You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2014/07/25 21:22:11 UTC
[08/13] git commit: [#7451] ticket:616 Moved login expiration check
to a separate middleware
[#7451] ticket:616 Moved login expiration check to a separate middleware
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/aa0ffe70
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/aa0ffe70
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/aa0ffe70
Branch: refs/heads/master
Commit: aa0ffe7083ed2857f575bbb586c7e12674a31748
Parents: 6fb6d87
Author: Aleksey 'LXj' Alekseyev <go...@gmail.com>
Authored: Thu Jul 24 19:18:42 2014 +0300
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Fri Jul 25 18:43:28 2014 +0000
----------------------------------------------------------------------
Allura/allura/config/middleware.py | 7 ++--
Allura/allura/lib/custom_middleware.py | 54 +++++++++++++----------------
2 files changed, 29 insertions(+), 32 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/aa0ffe70/Allura/allura/config/middleware.py
----------------------------------------------------------------------
diff --git a/Allura/allura/config/middleware.py b/Allura/allura/config/middleware.py
index 2fe2b88..91a3575 100644
--- a/Allura/allura/config/middleware.py
+++ b/Allura/allura/config/middleware.py
@@ -29,6 +29,7 @@ from paste.deploy.converters import asbool
from paste.registry import RegistryManager
from routes.middleware import RoutesMiddleware
from pylons.middleware import StatusCodeRedirect
+from beaker.middleware import SessionMiddleware
import activitystream
import ew
@@ -44,7 +45,7 @@ from allura.lib.custom_middleware import SSLMiddleware
from allura.lib.custom_middleware import StaticFilesMiddleware
from allura.lib.custom_middleware import CSRFMiddleware
from allura.lib.custom_middleware import LoginRedirectMiddleware
-from allura.lib.custom_middleware import RememberLoginSessionMiddleware
+from allura.lib.custom_middleware import RememberLoginMiddleware
from allura.lib import patches
from allura.lib import helpers as h
@@ -131,7 +132,9 @@ def _make_core_app(root, global_conf, full_stack=True, **app_conf):
# Required for pylons
app = RoutesMiddleware(app, config['routes.map'])
# Required for sessions
- app = RememberLoginSessionMiddleware(app, config)
+ app = SessionMiddleware(app, config)
+ # Handle "Remember me" functionality
+ app = RememberLoginMiddleware(app, config)
# Redirect 401 to the login page
app = LoginRedirectMiddleware(app)
# Add instrumentation
http://git-wip-us.apache.org/repos/asf/allura/blob/aa0ffe70/Allura/allura/lib/custom_middleware.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/custom_middleware.py b/Allura/allura/lib/custom_middleware.py
index cbaa94d..656e9a4 100644
--- a/Allura/allura/lib/custom_middleware.py
+++ b/Allura/allura/lib/custom_middleware.py
@@ -28,8 +28,6 @@ from pylons.util import call_wsgi_application
from timermiddleware import Timer, TimerMiddleware
from webob import exc, Request
import pysolr
-from beaker.middleware import SessionMiddleware
-from beaker.session import SessionObject
from allura.lib import helpers as h
import allura.model.repository
@@ -285,37 +283,33 @@ class AlluraTimerMiddleware(TimerMiddleware):
return timers
-class RememberLoginSessionMiddleware(SessionMiddleware):
+class RememberLoginMiddleware(object):
'''Modified version of beaker's SessionMiddleware.
This middleware changes session's cookie expiration time according to login_expires
session variable'''
-
- def __call__(self, environ, start_response):
- session = SessionObject(environ, **self.options)
- if environ.get('paste.registry'):
- if environ['paste.registry'].reglist:
- environ['paste.registry'].register(self.session, session)
- environ[self.environ_key] = session
- environ['beaker.get_session'] = self._get_session
- if 'paste.testing_variables' in environ and 'webtest_varname' in self.options:
- environ['paste.testing_variables'][self.options['webtest_varname']] = session
+ def __init__(self, app, config):
+ self.app = app
+ self.config = config
- def session_start_response(status, headers, exc_info=None):
- if session.accessed():
- session.persist()
-
- if session.__dict__['_headers']['set_cookie']:
- login_expires = session.get('login_expires')
- if login_expires is not None:
- session.cookie_expires = login_expires
- if login_expires == True:
- session.cookie[session.key]['expires'] = ''
- else:
- session._set_cookie_expires(None)
- cookie = session.cookie[session.key].output(header='')
-
- if cookie:
- headers.append(('Set-cookie', cookie))
+ def __call__(self, environ, start_response):
+
+ def remember_login_start_response(status, headers, exc_info=None):
+ session = environ.get('beaker.session')
+ userid = session.get('userid')
+ login_expires = session.get('login_expires')
+ if userid and login_expires is not None:
+ if login_expires is True:
+ session.cookie[session.key]['expires'] = ''
+ else:
+ session._set_cookie_expires(login_expires)
+ cookie = session.cookie[session.key].output(header='')
+ for i in range(len(headers)):
+ header, contents = headers[i]
+ if header == 'Set-cookie' and \
+ contents.lstrip().startswith(session.key):
+ headers[i] = ('Set-cookie', cookie)
+ break
return start_response(status, headers, exc_info)
- return self.wrap_app(environ, session_start_response)
+
+ return self.app(environ, remember_login_start_response)