- If the form post value ``max_age`` exists while in the ``identify`` met...

Chris McDonough

2009-06-25 a1416326817b8d82717f2fe173435601e7d43cb4

- If the form post value ``max_age`` exists while in the ``identify``
  method is handling the ``login_handler_path``, pass the max_age
  value in the returned identity dictionary as ``max_age``.

 CHANGES.txt

@@ -5,6 +5,11 @@
Next release
============

- If the form post value ``max_age`` exists while in the ``identify``
  method is handling the ``login_handler_path``, pass the max_age
  value in the returned identity dictionary as ``max_age``.  See the
  below bullet point for why.

- If the ``identity`` dict passed to the ``auth_tkt`` ``remember``
  method contains a ``max_age`` key with a string (or integer) value,
  treat it as a cue to set the ``Max-Age`` and ``Expires`` headers in

 repoze/who/plugins/form.py

@@ -105,7 +105,11 @@
            environ['QUERY_STRING'] = urllib.urlencode(query)
            environ['repoze.who.application'] = HTTPFound(
                                                    construct_url(environ))
            return {'login':login, 'password':password}
            credentials = {'login':login, 'password':password}
            max_age = form.get('max_age', None)
            if max_age is not None:
                credentials['max_age'] = max_age
            return credentials

        return None

@@ -167,12 +171,19 @@
            try:
                login = form['login']
                password = form['password']
                max_age = form.get('max_age', None)
                credentials = {
                    'login':form['login'],
                    'password':form['password']
                    'password':form['password'],
                    }
            except KeyError:
                credentials = None

            if credentials is not None:
                max_age = form.get('max_age', None)
                if max_age is not None:
                    credentials['max_age'] = max_age
            
            referer = environ.get('HTTP_REFERER', '/')
            came_from = form.get('came_from', referer)
            environ['repoze.who.application'] = HTTPFound(came_from)

 repoze/who/plugins/tests/test_form.py

@@ -16,13 +16,16 @@
                                        formbody, formcallable)
        return plugin

    def _makeEnviron(self, login=None, password=None, do_login=False):
    def _makeEnviron(self, login=None, password=None, do_login=False,
                     max_age=None):
        from StringIO import StringIO
        fields = []
        if login:
            fields.append(('login', login))
        if password:
            fields.append(('password', password))
        if max_age:
            fields.append(('max_age', max_age))
        content_type, body = encode_multipart_formdata(fields)
        credentials = {'login':'chris', 'password':'password'}
        identifier = DummyIdentifier(credentials)
@@ -82,6 +85,18 @@
                                        password='password')
        result = plugin.identify(environ)
        self.assertEqual(result, {'login':'chris', 'password':'password'})
        app = environ['repoze.who.application']
        self.failUnless(isinstance(app, HTTPFound))
        self.assertEqual(app.location(), 'http://localhost:8080/protected')

    def test_identify_success_with_max_age(self):
        from paste.httpexceptions import HTTPFound
        plugin = self._makeOne()
        environ = self._makeEnviron(do_login=True, login='chris',
                                        password='password', max_age='500')
        result = plugin.identify(environ)
        self.assertEqual(result, {'login':'chris', 'password':'password',
                                  'max_age':'500'})
        app = environ['repoze.who.application']
        self.failUnless(isinstance(app, HTTPFound))
        self.assertEqual(app.location(), 'http://localhost:8080/protected')
@@ -204,7 +219,7 @@
        return plugin

    def _makeEnviron(self, login=None, password=None, came_from=None,
                         path_info='/', identifier=None):
                         path_info='/', identifier=None, max_age=None):
        from StringIO import StringIO
        fields = []
        if login:
@@ -213,6 +228,8 @@
            fields.append(('password', password))
        if came_from:
            fields.append(('came_from', came_from))
        if max_age:
            fields.append(('max_age', max_age))
        if identifier is None:
            credentials = {'login':'chris', 'password':'password'}
            identifier = DummyIdentifier(credentials)
@@ -261,6 +278,23 @@
        self.assertEqual(value, 'http://example.com')
        self.assertEqual(app.code, 302)

    def test_identify_via_login_handler_max_age(self):
        plugin = self._makeOne()
        environ = self._makeEnviron(path_info='/login_handler',
                                    login='chris',
                                    password='password',
                                    came_from='http://example.com',
                                    max_age='500')
        result = plugin.identify(environ)
        self.assertEqual(result, {'login':'chris', 'password':'password',
                                  'max_age':'500'})
        app = environ['repoze.who.application']
        self.assertEqual(len(app.headers), 1)
        name, value = app.headers[0]
        self.assertEqual(name, 'location')
        self.assertEqual(value, 'http://example.com')
        self.assertEqual(app.code, 302)

    def test_identify_via_login_handler_no_username_pass(self):
        plugin = self._makeOne()
        environ = self._makeEnviron(path_info='/login_handler')