Refactor logic used to login a user, for easier sharing

This commit is contained in:
Lance Edgar 2017-02-11 17:08:27 -06:00
parent 61b3daa701
commit ca4d15f06c
2 changed files with 51 additions and 41 deletions


@ -2,7 +2,7 @@
################################################################################ ################################################################################
# #
# Rattail -- Retail Software Framework # Rattail -- Retail Software Framework
# Copyright © 2010-2016 Lance Edgar # Copyright © 2010-2017 Lance Edgar
# #
# This file is part of Rattail. # This file is part of Rattail.
# #
@ -26,17 +26,63 @@ Authentication & Authorization
from __future__ import unicode_literals, absolute_import from __future__ import unicode_literals, absolute_import
import logging
from rattail.db import model from rattail.db import model
from rattail.db.auth import has_permission from rattail.db.auth import has_permission
from rattail.util import prettify from rattail.util import prettify
from zope.interface import implementer from zope.interface import implementer
from pyramid.interfaces import IAuthorizationPolicy from pyramid.interfaces import IAuthorizationPolicy
from pyramid.security import Everyone, Authenticated from pyramid.security import remember, Everyone, Authenticated
from tailbone.db import Session from tailbone.db import Session
log = logging.getLogger(__name__)
def login_user(request, user):
"""
Perform the steps necessary to login the given user. Note that this
returns a ``headers`` dict which you should pass to the redirect.
"""
headers = remember(request, user.uuid)
timeout = get_session_timeout_for_user(request.rattail_config, user) or None
log.debug("setting session timeout for '{}' to {}".format(user.username, timeout))
set_session_timeout(request, timeout)
return headers
def get_session_timeout_for_user(config, user):
"""
Must return a value to be used to set the session timeout for the given
user. By default this will return ``None`` if the user has the
"forever session" permission, otherwise will try to read a default
value from config:
.. code-block:: ini
[tailbone]
# set session timeout to 10 minutes:
session.default_timeout = 600
# or, set to 0 to disable:
#session.default_timeout = 0
"""
if not has_permission(Session(), user, 'general.forever_session'):
return config.getint('tailbone', 'session.default_timeout',
default=300) # 5 minutes
def set_session_timeout(request, timeout):
"""
Set the server-side session timeout to the given value.
"""
request.session['_timeout'] = timeout or None
@implementer(IAuthorizationPolicy) @implementer(IAuthorizationPolicy)
class TailboneAuthorizationPolicy(object): class TailboneAuthorizationPolicy(object):
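Review bot: `login_user` issues the `remember` headers and writes `_timeout` into the existing `request.session` without invalidating it first, so the anonymous session that stored `next_url` is promoted to an authenticated one under the same identifier; if the configured session factory keys sessions by a client-supplied cookie id, that is the classic session-fixation pattern, and since this is now the shared login path it is the right place to close it. The caller pops `next_url` from the session after this returns, so that value has to be carried across the reset rather than lost. Whether `invalidate()` actually rotates the id depends on the session implementation wired up in the app config, so confirm that against the factory in use. Also, `remember()` returns a sequence of header tuples rather than a dict, so the docstring's "returns a ``headers`` dict" is slightly off; "returns a list of ``headers``" would be accurate.
```python
def login_user(request, user):
    # … unchanged: docstring …
    # Carry over the one piece of pre-login state the caller relies on,
    # then drop the anonymous session so the authenticated session does
    # not inherit its id (session-fixation defense).
    next_url = request.session.pop('next_url', None)
    request.session.invalidate()
    if next_url:
        request.session['next_url'] = next_url
    headers = remember(request, user.uuid)
    # … unchanged: timeout lookup and set_session_timeout …
    return headers
```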


@ -26,9 +26,7 @@ Auth Views
from __future__ import unicode_literals, absolute_import from __future__ import unicode_literals, absolute_import
import logging from rattail.db.auth import authenticate_user, set_user_password
from rattail.db.auth import authenticate_user, set_user_password, has_permission
import formencode as fe import formencode as fe
from pyramid.httpexceptions import HTTPForbidden from pyramid.httpexceptions import HTTPForbidden
@ -39,9 +37,7 @@ from webhelpers.html import tags, literal
from tailbone import forms from tailbone import forms
from tailbone.db import Session from tailbone.db import Session
from tailbone.views import View from tailbone.views import View
from tailbone.auth import login_user
log = logging.getLogger(__name__)
class UserLogin(fe.Schema): class UserLogin(fe.Schema):
@ -111,13 +107,8 @@ class AuthenticationView(View):
user = self.authenticate_user(form.data['username'], user = self.authenticate_user(form.data['username'],
form.data['password']) form.data['password'])
if user: if user:
# okay now they're truly logged in # okay now they're truly logged in
headers = remember(self.request, user.uuid) headers = login_user(self.request, user)
timeout = self.get_session_timeout_for_user(user) or None
log.debug("setting session timeout for '{}' to {}".format(user.username, timeout))
self.set_session_timeout(timeout)
# treat URL from session as referrer, if available # treat URL from session as referrer, if available
referrer = self.request.session.pop('next_url', referrer) referrer = self.request.session.pop('next_url', referrer)
return self.redirect(referrer, headers=headers) return self.redirect(referrer, headers=headers)
@ -134,33 +125,6 @@ class AuthenticationView(View):
def authenticate_user(self, username, password): def authenticate_user(self, username, password):
return authenticate_user(Session(), username, password) return authenticate_user(Session(), username, password)
def get_session_timeout_for_user(self, user):
"""
Must return a value to be used to set the session timeout for the given
user. By default this will return ``None`` if the user has the
"forever session" permission, otherwise will try to read a default
value from config:
.. code-block:: ini
[tailbone]
# set session timeout to 10 minutes:
session.default_timeout = 600
# or, set to 0 to disable:
#session.default_timeout = 0
"""
if not has_permission(Session(), user, 'general.forever_session'):
return self.rattail_config.getint('tailbone', 'session.default_timeout',
default=300) # 5 minutes
def set_session_timeout(self, timeout):
"""
Set the server-side session timeout to the given value.
"""
self.request.session['_timeout'] = timeout or None
def mobile_login(self): def mobile_login(self):
return self.login(mobile=True) return self.login(mobile=True)
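Review bot: Removing `get_session_timeout_for_user` and `set_session_timeout` from `AuthenticationView` (the `@ -134,33 +125,6` hunk) drops two documented override points ("Must return a value to be used to set the session timeout") without a shim, so any subclass that overrode them to lengthen or shorten sessions now silently gets the module-level defaults via `tailbone.auth.login_user`, which is a quiet change in session-lifetime policy. If those hooks were part of the view's extension surface, keep thin delegating methods on the view and have `login` route through them, or at least call out the removal in the commit description. Separately, the post-login redirect at `return self.redirect(referrer, headers=headers)` still uses a `referrer` assigned outside this hunk; if any of it originates from request data it should be validated as a same-origin path before redirecting, since the commit does not touch that check. The `login` method itself begins before the hunk.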