You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ponymail.apache.org by hu...@apache.org on 2020/09/08 07:35:09 UTC
[incubator-ponymail-foal] branch master updated (5b5ee7c -> 496983e)
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail-foal.git.
from 5b5ee7c clean up module syntax
new d4cd874 Improve type tests, assert values
new 496983e cookie must be valid hex
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
server/plugins/server.py | 5 +++--
server/plugins/session.py | 19 +++++++++++++------
2 files changed, 16 insertions(+), 8 deletions(-)
[incubator-ponymail-foal] 02/02: cookie must be valid hex
Posted by hu...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail-foal.git
commit 496983e7ab29fe6258921a8ffbb7b493eb754b0c
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Sep 8 09:34:14 2020 +0200
cookie must be valid hex
---
server/plugins/session.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/server/plugins/session.py b/server/plugins/session.py
index 4592484..f8424fd 100644
--- a/server/plugins/session.py
+++ b/server/plugins/session.py
@@ -98,6 +98,8 @@ async def get_session(
)
if "ponymail" in cookies:
session_id = cookies["ponymail"].value
+ if not all(c in 'abcdefg1234567890-' for c in session_id):
+ session_id = None
break
# Do we have the session in local memory?
[incubator-ponymail-foal] 01/02: Improve type tests, assert values
Posted by hu...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
humbedooh pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-ponymail-foal.git
commit d4cd874ed4b53a798420ab0049386a0d1b949738
Author: Daniel Gruno <hu...@apache.org>
AuthorDate: Tue Sep 8 09:33:52 2020 +0200
Improve type tests, assert values
---
server/plugins/server.py | 5 +++--
server/plugins/session.py | 17 +++++++++++------
2 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/server/plugins/server.py b/server/plugins/server.py
index ae2a775..0d96ed3 100644
--- a/server/plugins/server.py
+++ b/server/plugins/server.py
@@ -5,7 +5,7 @@ import aiohttp
from elasticsearch import AsyncElasticsearch
import plugins.configuration
-
+import plugins.offloader
class Endpoint:
exec: typing.Callable
@@ -18,8 +18,9 @@ class BaseServer:
"""Main server class, base def"""
config: plugins.configuration.Configuration
- server: aiohttp.web.Server
+ server: typing.Optional[aiohttp.web.Server]
data: plugins.configuration.InterData
handlers: typing.Dict[str, Endpoint]
database: AsyncElasticsearch
dbpool: asyncio.Queue
+ runners: plugins.offloader.ExecutorPool
diff --git a/server/plugins/session.py b/server/plugins/session.py
index aae98b7..4592484 100644
--- a/server/plugins/session.py
+++ b/server/plugins/session.py
@@ -27,6 +27,7 @@ import aiohttp.web
import plugins.database
import plugins.server
import copy
+import typing
FOAL_MAX_SESSION_AGE = 86400 * 7 # Max 1 week between visits before voiding a session
FOAL_SAVE_SESSION_INTERVAL = 3600 # Update sessions on disk max once per hour
@@ -61,11 +62,11 @@ class SessionCredentials:
class SessionObject:
- cid: str
+ cid: typing.Optional[str]
cookie: str
created: int
last_accessed: int
- credentials: SessionCredentials
+ credentials: typing.Optional[SessionCredentials]
database: typing.Optional[plugins.database.Database]
def __init__(self, server: plugins.server.BaseServer, **kwargs):
@@ -78,9 +79,9 @@ class SessionObject:
self.cookie = str(uuid.uuid4())
self.cid = None
else:
- self.last_accessed = kwargs.get("last_accessed")
+ self.last_accessed = kwargs.get("last_accessed", 0)
self.credentials = SessionCredentials(kwargs.get("credentials"))
- self.cookie = kwargs.get("cookie")
+ self.cookie = kwargs.get("cookie", "___")
self.cid = kwargs.get("cid")
@@ -100,7 +101,7 @@ async def get_session(
break
# Do we have the session in local memory?
- if session_id in server.data.sessions:
+ if session_id and session_id in server.data.sessions:
x_session = server.data.sessions[session_id]
if (now - x_session.last_accessed) > FOAL_MAX_SESSION_AGE:
del server.data.sessions[session_id]
@@ -122,7 +123,7 @@ async def get_session(
session.database = await server.dbpool.get()
# If a cookie was supplied, look for a session object in ES
- if session_id:
+ if session_id and session.database:
try:
session_doc = await session.database.get(
session.database.dbs.session, id=session_id
@@ -185,6 +186,7 @@ async def set_session(server: plugins.server.BaseServer, cid, **credentials):
async def save_session(session: SessionObject):
"""Save a session object in the ES database"""
+ assert session.database, "Database not connected!"
await session.database.index(
index=session.database.dbs.session,
id=session.cookie,
@@ -198,6 +200,7 @@ async def save_session(session: SessionObject):
async def remove_session(session: SessionObject):
"""Remove a session object in the ES database"""
+ assert session.database, "Database not connected!"
await session.database.delete(
index=session.database.dbs.session,
id=session.cookie
@@ -206,6 +209,8 @@ async def remove_session(session: SessionObject):
async def save_credentials(session: SessionObject):
"""Save a user account object in the ES database"""
+ assert session.database, "Database not connected!"
+ assert session.credentials, "Session object without credentials, cannot save!"
await session.database.index(
index=session.database.dbs.account,
id=session.cid,