rattail/tailbone
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add way for login_user() to set different timeout depending on nature of login

Browse source 
This was added for the sake of a "clock in/out" mechanism
This commit is contained in:
Lance Edgar 2017-02-13 19:23:24 -06:00
parent 6bcfd0515f
commit b89e8574e1
1 changed files with 14 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
tailbone/auth.py
View file

@ -30,7 +30,7 @@ import logging
from rattail.db import model from rattail.db import model
from rattail.db.auth import has_permission from rattail.db.auth import has_permission
from rattail.util import prettify from rattail.util import prettify, NOTSET
from zope.interface import implementer from zope.interface import implementer
from pyramid.interfaces import IAuthorizationPolicy from pyramid.interfaces import IAuthorizationPolicy
@ -42,19 +42,20 @@ from tailbone.db import Session
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
def login_user(request, user): def login_user(request, user, type_='default', timeout=NOTSET):
""" """
Perform the steps necessary to login the given user. Note that this Perform the steps necessary to login the given user. Note that this
returns a ``headers`` dict which you should pass to the redirect. returns a ``headers`` dict which you should pass to the redirect.
""" """
headers = remember(request, user.uuid) headers = remember(request, user.uuid)
timeout = get_session_timeout_for_user(request.rattail_config, user) or None if timeout is NOTSET:
timeout = get_session_timeout_for_user(request.rattail_config, user, type_) or None
log.debug("setting session timeout for '{}' to {}".format(user.username, timeout)) log.debug("setting session timeout for '{}' to {}".format(user.username, timeout))
set_session_timeout(request, timeout) set_session_timeout(request, timeout)
return headers return headers
def get_session_timeout_for_user(config, user): def get_session_timeout_for_user(config, user, type_='default'):
""" """
Must return a value to be used to set the session timeout for the given Must return a value to be used to set the session timeout for the given
user. By default this will return ``None`` if the user has the user. By default this will return ``None`` if the user has the
@ -66,14 +67,19 @@ def get_session_timeout_for_user(config, user):
[tailbone] [tailbone]
# set session timeout to 10 minutes: # set session timeout to 10 minutes:
session.default_timeout = 600 session.timeout.default = 600
# or, set to 0 to disable: # or, set to 0 to disable:
#session.default_timeout = 0 #session.timeout.default = 0
""" """
if not has_permission(Session(), user, 'general.forever_session'): if not has_permission(Session(), user, 'general.forever_session'):
return config.getint('tailbone', 'session.default_timeout', timeout = config.getint('tailbone', 'session.timeout.{}'.format(type_))
default=300) # 5 minutes
# TODO: remove this hack after no longer needed
if timeout is None and type_ == 'default':
timeout = config.getint('tailbone', 'session.default_timeout')
return timeout if timeout is not None else 300 # 5 minutes
def set_session_timeout(request, timeout): def set_session_timeout(request, timeout):