Merge branch 'master' of github.com:Pylons/pyramid
| | |
|---|
| | | tokens = filter(None, tokens) |
|---|
| | | headers = self.remember(request, userid, max_age=self.max_age, |
|---|
| | | tokens=tokens) |
|---|
| | | add_global_response_headers(request, headers) |
|---|
| | | def reissue_authtkt(request, response): |
|---|
| | | if not hasattr(request, '_authtkt_reissue_revoked'): |
|---|
| | | for k, v in headers: |
|---|
| | | response.headerlist.append((k, v)) |
|---|
| | | request.add_response_callback(reissue_authtkt) |
|---|
| | | request._authtkt_reissued = True |
|---|
| | | |
|---|
| | | environ['REMOTE_USER_TOKENS'] = tokens |
|---|
| | |
|---|
| | | """ Return a set of expires Set-Cookie headers, which will destroy |
|---|
| | | any existing auth_tkt cookie when attached to a response""" |
|---|
| | | environ = request.environ |
|---|
| | | request._authtkt_reissue_revoked = True |
|---|
| | | return self._get_cookies(environ, '', max_age=EXPIRE) |
|---|
| | | |
|---|
| | | def remember(self, request, userid, max_age=None, tokens=()): |
|---|
| | |
|---|
| | | if not (isinstance(token, str) and VALID_TOKEN.match(token)): |
|---|
| | | raise ValueError("Invalid token %r" % (token,)) |
|---|
| | | |
|---|
| | | if hasattr(request, '_authtkt_reissued'): |
|---|
| | | request._authtkt_reissue_revoked = True |
|---|
| | | |
|---|
| | | ticket = self.AuthTicket( |
|---|
| | | self.secret, |
|---|
| | | userid, |
|---|
| | |
|---|
| | | self.assertTrue(result) |
|---|
| | | self.assertEqual(len(request.callbacks), 1) |
|---|
| | | response = DummyResponse() |
|---|
| | | request.callbacks[0](None, response) |
|---|
| | | request.callbacks[0](request, response) |
|---|
| | | self.assertEqual(len(response.headerlist), 3) |
|---|
| | | self.assertEqual(response.headerlist[0][0], 'Set-Cookie') |
|---|
| | | |
|---|
| | |
|---|
| | | self.assertTrue(result) |
|---|
| | | self.assertEqual(len(request.callbacks), 0) |
|---|
| | | |
|---|
| | | def test_identify_cookie_reissue_revoked_by_forget(self): |
|---|
| | | import time |
|---|
| | | helper = self._makeOne('secret', timeout=10, reissue_time=0) |
|---|
| | | now = time.time() |
|---|
| | | helper.auth_tkt.timestamp = now |
|---|
| | | helper.now = now + 1 |
|---|
| | | request = self._makeRequest('bogus') |
|---|
| | | result = helper.identify(request) |
|---|
| | | self.assertTrue(result) |
|---|
| | | self.assertEqual(len(request.callbacks), 1) |
|---|
| | | result = helper.forget(request) |
|---|
| | | self.assertTrue(result) |
|---|
| | | self.assertEqual(len(request.callbacks), 1) |
|---|
| | | response = DummyResponse() |
|---|
| | | request.callbacks[0](request, response) |
|---|
| | | self.assertEqual(len(response.headerlist), 0) |
|---|
| | | |
|---|
| | | def test_identify_cookie_reissue_revoked_by_remember(self): |
|---|
| | | import time |
|---|
| | | helper = self._makeOne('secret', timeout=10, reissue_time=0) |
|---|
| | | now = time.time() |
|---|
| | | helper.auth_tkt.timestamp = now |
|---|
| | | helper.now = now + 1 |
|---|
| | | request = self._makeRequest('bogus') |
|---|
| | | result = helper.identify(request) |
|---|
| | | self.assertTrue(result) |
|---|
| | | self.assertEqual(len(request.callbacks), 1) |
|---|
| | | result = helper.remember(request, 'bob') |
|---|
| | | self.assertTrue(result) |
|---|
| | | self.assertEqual(len(request.callbacks), 1) |
|---|
| | | response = DummyResponse() |
|---|
| | | request.callbacks[0](request, response) |
|---|
| | | self.assertEqual(len(response.headerlist), 0) |
|---|
| | | |
|---|
| | | def test_identify_cookie_reissue_with_tokens_default(self): |
|---|
| | | # see https://github.com/Pylons/pyramid/issues#issue/108 |
|---|
| | | import time |
|---|
