Mercurial Mercurial > pub > hg > cubicweb / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[web] the AuthenticationManager is no more an appobject
authorAurelien Campeas <aurelien.campeas@logilab.fr>
Thu, 13 Feb 2014 16:43:33 +0100
changeset 10564 6b109900583b
parent 10563 834284af988f
child 10565 f5063eae939e
[web] the AuthenticationManager is no more an appobject It is now explictly instanciated by the session manager. Related to #1381328.
web/views/authentication.py file | annotate | diff | comparison | revisions
web/views/sessions.py file | annotate | diff | comparison | revisions 
--- a/web/views/authentication.py	Fri Dec 05 16:22:02 2014 +0100
+++ b/web/views/authentication.py	Thu Feb 13 16:43:33 2014 +0100
@@ -19,12 +19,9 @@
 
 __docformat__ = "restructuredtext en"
 
-from threading import Lock
-
-from logilab.common.decorators import clear_cache
 from logilab.common.deprecation import class_renamed
 
-from cubicweb import AuthenticationError, BadConnectionId
+from cubicweb import AuthenticationError
 from cubicweb.view import Component
 from cubicweb.web import InvalidSession
 
@@ -101,41 +98,11 @@
     '("ie" instead of "ei")')
 
 
-class AbstractAuthenticationManager(Component):
-    """authenticate user associated to a request and check session validity"""
-    __abstract__ = True
-    __regid__ = 'authmanager'
 
-    def __init__(self, repo):
-        self.vreg = repo.vreg
-
-    def validate_session(self, req, session):
-        """check session validity, reconnecting it to the repository if the
-        associated connection expired in the repository side (hence the
-        necessity for this method).
-
-        raise :exc:`InvalidSession` if session is corrupted for a reason or
-        another and should be closed
-        """
-        raise NotImplementedError()
-
-    def authenticate(self, req):
-        """authenticate user using connection information found in the request,
-        and return corresponding a :class:`~cubicweb.dbapi.Connection` instance,
-        as well as login and authentication information dictionary used to open
-        the connection.
-
-        raise :exc:`cubicweb.AuthenticationError` if authentication failed
-        (no authentication info found or wrong user/password)
-        """
-        raise NotImplementedError()
-
-
-class RepositoryAuthenticationManager(AbstractAuthenticationManager):
+class RepositoryAuthenticationManager(object):
     """authenticate user associated to a request and check session validity"""
 
     def __init__(self, repo):
-        super(RepositoryAuthenticationManager, self).__init__(repo)
         self.repo = repo
         vreg = repo.vreg
         self.log_queries = vreg.config['query-log-file']
--- a/web/views/sessions.py	Fri Dec 05 16:22:02 2014 +0100
+++ b/web/views/sessions.py	Thu Feb 13 16:43:33 2014 +0100
@@ -23,6 +23,7 @@
 from cubicweb import RepositoryError, Unauthorized, BadConnectionId
 from cubicweb.web import InvalidSession, component
 
+from cubicweb.web.views import authentication
 
 class AbstractSessionManager(component.Component):
     """manage session data associated to a session identifier"""
@@ -32,7 +33,7 @@
     def __init__(self, repo):
         vreg = repo.vreg
         self.session_time = vreg.config['http-session-time'] or None
-        self.authmanager = vreg['components'].select('authmanager', repo=repo)
+        self.authmanager = authentication.RepositoryAuthenticationManager(repo)
         interval = (self.session_time or 0) / 2.
         if vreg.config.anonymous_user()[0] is not None:
             self.cleanup_anon_session_time = vreg.config['cleanup-anonymous-session-time'] or 5 * 60
cubicweb