annotate MoinMoin/web/session.py @ 4607:d8e5e9cfadf1

always do 'from werkzeug import ...', except for contrib, exceptions, routing, script
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Mon, 23 Feb 2009 22:39:32 +0100
parents 83666cc9dc31
children 3c6980b5e938
rev   line source
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
1 # -*- coding: iso-8859-1 -*-
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
2 """
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
3 MoinMoin - WSGI session handling
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
4
4317
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
5 To provide sessions, the MoinMoin WSGI application interacts with an
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
6 object implementing the `SessionService` API. The interface is quite
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
7 straight forward. For documentation of the expected methods, refer
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
8 to the documentation of `SessionService` in this module.
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
9
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
10 @copyright: 2008 MoinMoin:FlorianKrupicka
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
11 @license: GNU GPL, see COPYING for details.
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
12 """
4190
a030da8b2ec9 Fixed: missing imports and falsely ported session middleware code
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4188
diff changeset
13 import time
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
14
4607
d8e5e9cfadf1 always do 'from werkzeug import ...', except for contrib, exceptions, routing, script
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4531
diff changeset
15 from werkzeug import dump_cookie
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
16 from werkzeug.contrib.sessions import FilesystemSessionStore, Session
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
17
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
18 from MoinMoin import caching
4531
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
19 from MoinMoin.util import filesys
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
20
4193
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
21 from MoinMoin import log
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
22 logging = log.getLogger(__name__)
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
23
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
24 class MoinSession(Session):
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
25 """ Compatibility interface to Werkzeug-sessions for old Moin-code. """
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
26 is_new = property(lambda s: s.new)
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
27 is_stored = property(lambda s: True)
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
28
4211
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
29 class SessionService(object):
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
30 """
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
31 A session service returns a session object given a request object and
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
32 provides services like persisting sessions and cleaning up occasionally.
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
33 """
4529
002c21b10561 fix / finish xmlrpc auth token (session) code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4317
diff changeset
34 def get_session(self, request, sid=None):
4211
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
35 """ Return a session object pertaining to the particular request."""
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
36 raise NotImplementedError
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
37
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
38 def destroy_session(self, request, session):
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
39 """ Destroy an existing session (make it unusable). """
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
40 raise NotImplementedError
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
41
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
42 def finalize(self, request, session):
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
43 """
4317
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
44 If the service needs to do anything to the session and/or request,
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
45 before it is sent back to the client, he can chose to do so here.
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
46 Typical examples would be setting cookies for the client.
4211
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
47 """
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
48 raise NotImplementedError
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
49
dde44d6e24ae Removed MoinMoin.web.api, use inheritance and abstract classes
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4198
diff changeset
50 class FileSessionService(SessionService):
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
51 """
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
52 This sample session service stores session information in a temporary
4317
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
53 directory and identifies the session via a cookie in the request/response
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
54 cycle. It is based on werkzeug's FilesystemSessionStore, that implements
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
55 the whole logic for creating the actual session objects (which are
371bf2615ea1 Code review: added some more documentation
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4278
diff changeset
56 inherited from the builtin `dict`)
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
57 """
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
58 def __init__(self, cookie_name='MOIN_SESSION'):
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
59 self.cookie_name = cookie_name
4531
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
60 self.store = None
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
61
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
62 def _store_get(self, request):
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
63 if self.store is None:
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
64 path = request.cfg.session_dir
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
65 try:
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
66 filesys.mkdir(path)
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
67 except OSError:
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
68 pass
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
69 self.store = FilesystemSessionStore(path=path, filename_template='%s', session_class=MoinSession)
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
70 return self.store
4198
988b2b672219 Fix tests: source code (indentation, whitespace) mostly
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4195
diff changeset
71
4529
002c21b10561 fix / finish xmlrpc auth token (session) code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4317
diff changeset
72 def get_session(self, request, sid=None):
002c21b10561 fix / finish xmlrpc auth token (session) code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4317
diff changeset
73 if sid is None:
002c21b10561 fix / finish xmlrpc auth token (session) code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4317
diff changeset
74 sid = request.cookies.get(self.cookie_name, None)
4531
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
75 store = self._store_get(request)
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
76 if sid is None:
4531
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
77 session = store.new()
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
78 else:
4531
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
79 session = store.get(sid)
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
80 return session
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
81
4195
2d8a9f98382b Added 'destroy_session' to session service api
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4193
diff changeset
82 def destroy_session(self, request, session):
2d8a9f98382b Added 'destroy_session' to session service api
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4193
diff changeset
83 session.clear()
4531
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
84 store = self._store_get(request)
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
85 store.delete(session)
4195
2d8a9f98382b Added 'destroy_session' to session service api
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4193
diff changeset
86
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
87 def finalize(self, request, session):
4530
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
88 if request.user.auth_method == 'setuid':
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
89 userobj = request._setuid_real_user
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
90 setuid = request.user.id
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
91 else:
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
92 userobj = request.user
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
93 setuid = None
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
94 logging.debug("finalize userobj = %r, setuid = %r" % (userobj, setuid))
4193
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
95 if userobj and userobj.valid:
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
96 session['user.id'] = userobj.id
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
97 session['user.auth_method'] = userobj.auth_method
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
98 session['user.auth_attribs'] = userobj.auth_attribs
4530
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
99 if setuid:
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
100 session['setuid'] = setuid
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
101 elif 'setuid' in session:
0ac99fdbe65d fixed suid functionality, compute cfg.auth_methods only once
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4529
diff changeset
102 del session['setuid']
4193
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
103 logging.debug("after auth: storing valid user into session: %r" % userobj.name)
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
104 else:
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
105 if 'user.id' in session:
4195
2d8a9f98382b Added 'destroy_session' to session service api
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4193
diff changeset
106 self.destroy_session(request, session)
4193
1e954e802ed2 Start to make auth work again with the new session layer
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4190
diff changeset
107
4232
42352c0b2a51 Don't send session cookie when session was already established
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4211
diff changeset
108 if session.new:
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
109 cookie_lifetime = request.cfg.cookie_lifetime * 3600
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
110 cookie_expires = time.time() + cookie_lifetime
4278
7a6d93a96a98 Fixed: wrong cookie path made session restricted to login-action-path
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4232
diff changeset
111 if request.cfg.cookie_path:
7a6d93a96a98 Fixed: wrong cookie path made session restricted to login-action-path
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4232
diff changeset
112 cookie_path = request.cfg.cookie_path
7a6d93a96a98 Fixed: wrong cookie path made session restricted to login-action-path
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4232
diff changeset
113 else:
7a6d93a96a98 Fixed: wrong cookie path made session restricted to login-action-path
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4232
diff changeset
114 cookie_path = request.script_root or '/'
4188
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
115 cookie = dump_cookie(self.cookie_name, session.sid,
a2709307da3d New (sample) session service
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
116 cookie_lifetime, cookie_expires,
4278
7a6d93a96a98 Fixed: wrong cookie path made session restricted to login-action-path
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4232
diff changeset
117 cookie_path, request.cfg.cookie_domain)
4190
a030da8b2ec9 Fixed: missing imports and falsely ported session middleware code
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4188
diff changeset
118 request.headers.add('Set-Cookie', cookie)
4278
7a6d93a96a98 Fixed: wrong cookie path made session restricted to login-action-path
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4232
diff changeset
119
7a6d93a96a98 Fixed: wrong cookie path made session restricted to login-action-path
Florian Krupicka <florian.krupicka@googlemail.com>
parents: 4232
diff changeset
120 if session.should_save:
4531
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
121 store = self._store_get(request)
83666cc9dc31 new cfg.session_dir setting, store sessions into cache_dir/__session__ by default
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4530
diff changeset
122 store.save(session)
4529
002c21b10561 fix / finish xmlrpc auth token (session) code
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4317
diff changeset
123