def handle_noargs(self, *args, **kwargs): session_keys = backend.keys('*') count = len(session_keys) counter = 1 self.stdout.write('sessions to copy %d\n' % count) for session_key in session_keys: self.stdout.write('processing %d of %d\n' % (counter, count)) session_data = backend.get(session_key) if session_data is not None: try: SessionStore().decode(session_data) except (Error, TypeError): continue expire_date = timezone.now() + datetime.timedelta( seconds=backend.expire(session_key)) session_key = utils.remove_prefix(session_key) Session.objects.filter(session_key=session_key).delete() Session(session_key=session_key, session_data=session_data, expire_date=expire_date).save() counter += 1
def authorize(request): flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file( CLIENT_SECRETS_FILE, scopes=SCOPES) flow.redirect_uri = '{0}/MyResources/oauth2callback'.format( '{scheme}://{host}'.format(host=request.get_host(), scheme=request.META.get('HTTP_X_FORWARDED_PROTO', 'http'))) authorization_url, state = flow.authorization_url( # Enable offline access so that you can refresh an access token without # re-prompting the user for permission. Recommended for web server apps. access_type='offline', # Enable incremental authorization. Recommended as a best practice. include_granted_scopes='true') # Store the state so the callback can verify the auth server response. try: session_state = Session.objects.get(session_key='state') session_state.session_data = state session_state.save() except Exception: session_state = Session(session_key='state', session_data=state, expire_date=zone.replace(year=2025)) session_state.save() session['state'] = state return redirect(authorization_url)
def build_request(self, **kwargs): request_kwargs = { "request_id": kwargs.get("request_id", 1), "scope": kwargs.get( "scope", { "user": kwargs.get("user", AnonymousUser()), "session": kwargs.get("session", Session()), "headers": kwargs.get("headers", ()), }, ), "workflow": kwargs.get("workflow", Workflow()), "path": kwargs.get("path", "test.path"), "arguments": kwargs.get("arguments", {}), } for key in list(request_kwargs["scope"].keys()) + list(request_kwargs.keys()): try: del kwargs[key] except KeyError: pass # Turn other params, like `wf_module_id=123`, into # `arguments={'wf_module_id':123}` request_kwargs["arguments"].update(kwargs) return HandlerRequest(**request_kwargs)
def save(self, must_create=False): obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) sid = transaction.savepoint(using=using) try: obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: transaction.savepoint_rollback(sid, using=using) raise CreateError raise data = self.encode(self._get_session(no_load=must_create)) formated_cookie = pickle.loads( base64.decodestring(data).split(":", 1)[1]) for k in formated_cookie: if type(formated_cookie[k]) is long: formated_cookie[k] = int(formated_cookie[k]) formated_cookie = json.dumps(formated_cookie) if redis.VERSION[0] >= 2: self.server.setex( self.get_real_stored_key(self._get_or_create_session_key()), self.get_expiry_age(), formated_cookie) else: self.server.set( self.get_real_stored_key(self._get_or_create_session_key()), formated_cookie) self.server.expire( self.get_real_stored_key(self._get_or_create_session_key()), self.get_expiry_age())
def create_client(self): patcher = mocked_relations(User, Session) patcher.start() self.addCleanup(patcher.stop) user = User(pk=users.KIVE_USER_PK) User.objects.add(user) User.objects.model = User # noinspection PyUnresolvedReferences patcher = patch.object(User._meta, 'default_manager', User.objects) patcher.start() self.addCleanup(patcher.stop) dummy_session_key = 'dummysession' dummy_session = Session(session_key=dummy_session_key, expire_date=now() + timedelta(days=1), session_data=SessionStore().encode({ SESSION_KEY: users.KIVE_USER_PK, HASH_SESSION_KEY: user.get_session_auth_hash(), BACKEND_SESSION_KEY: 'django.contrib.auth.backends.ModelBackend' })) Session.objects.add(dummy_session) client = Client() client.cookies[settings.SESSION_COOKIE_NAME] = dummy_session_key client.force_login(kive_user()) return client
def build_request(self, **kwargs): request_kwargs = { 'request_id': kwargs.get('request_id', 1), 'scope': kwargs.get( 'scope', { 'user': kwargs.get('user', AnonymousUser()), 'session': kwargs.get('session', Session()), 'headers': kwargs.get('headers', ()), }), 'workflow': kwargs.get('workflow', Workflow()), 'path': kwargs.get('path', 'test.path'), 'arguments': kwargs.get('arguments', {}), } for key in (list(request_kwargs['scope'].keys()) + list(request_kwargs.keys())): try: del kwargs[key] except KeyError: pass # Turn other params, like `wf_module_id=123`, into # `arguments={'wf_module_id':123}` request_kwargs['arguments'].update(kwargs) return HandlerRequest(**request_kwargs)
def save(self, must_create=False, schema=None): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ if schema == None: # add schema import inspect fx = inspect.stack() error_detail = "" for x in fx: error_detail += "\n\t {0}, line {1}".format(fx[1], fx[2]) raise (Exception( "can not call ''{1}'' without schema in '{0}'.\nDetail:\n{2}". format(__file__, "db.save", error_detail))) obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) try: with transaction.atomic(using=using): obj.save(force_insert=must_create, using=using, schema=schema) except IntegrityError: if must_create: raise CreateError raise
def test_list_autofetches_list_both_session_and_user(self): user = User.objects.create(username="******", email="*****@*****.**") session = Session(session_key="foo") workflow = Workflow.create_and_init(owner_id=user.id) workflow.tabs.first().steps.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=datetime.datetime.now(), update_interval=1200, ) workflow2 = Workflow.create_and_init(anonymous_owner_session_key="foo") workflow2.tabs.first().steps.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=datetime.datetime.now(), update_interval=600, ) result = list_autofetches_json({"user": user, "session": session}) self.assertEqual( [a["workflow"]["id"] for a in result["autofetches"]], [workflow2.id, workflow.id], # ordered by update_interval )
def test_auth_owner_anonymous_owner(self): user = AnonymousUser() session = Session(session_key="foo") workflow = Workflow(anonymous_owner_session_key=session.session_key) ret = self.run_handler( handle_owner, user=user, session=session, workflow=workflow ) self.assertHandlerResponse(ret, {"role": "owner"})
def test_configauth_delete_sessions(self): session = Session( session_key="session_key", expire_date=datetime.utcnow() + timedelta(days=1), ) session.save() call_command("configauth", rbac_url="") self.assertFalse(Session.objects.all().exists())
def test_auth_write_anonymous_owner(self): user = AnonymousUser() session = Session(session_key='foo') workflow = Workflow(anonymous_owner_session_key=session.session_key) ret = self.run_handler(handle_write, user=user, session=session, workflow=workflow) self.assertHandlerResponse(ret, {'role': 'write'})
def _do_request(http_method, view, user, data=None, param=None, content_type="application/json"): """Execute the http_method request. Args: http_method: HTTP method. view: View method called by the request. user: User for the request. data: Data. param: View method params. content_type: Content-Type of the data passed. Returns: Response: Request response. """ # Pre-process data depending on its content-type. GET request don't have # a content-type and the processing is bypassed in this case. if http_method != "GET": if content_type == "application/json": data = json.dumps(data) url = "/dummy_url" factory = APIRequestFactory() # Request by http_method. if http_method == "GET": request = factory.get(url, data=data) elif http_method == "POST": request = factory.post(url, data=data, content_type=content_type) elif http_method == "PUT": request = factory.put(url, data=data, content_type=content_type) elif http_method == "DELETE": request = factory.delete(url, data=data, content_type=content_type) elif http_method == "PATCH": request = factory.patch(url, data=data, content_type=content_type) else: return HttpResponse(status=status.HTTP_405_METHOD_NOT_ALLOWED) # Set the user request.user = user # Set the session request.session = Session(session_key="KEY") # i18n. Get django validation messages. get_wsgi_application() # Do not use CSRF checks. request._dont_enforce_csrf_checks = True if param: view_ = view(request, **param) else: view_ = view(request) return view_
def setUp(self): from django_facebook import api from django_facebook.tests.mock_official_sdk import MockFacebookAPI api.FacebookAPI = MockFacebookAPI rf = RequestFactory() self.request = request = rf.get('/') request.user = AnonymousUser() from django.contrib.sessions.models import Session session = Session() request.session = session.get_decoded() print request.session
def create_mock_request(user=None): """Create a Mock HTTP Request Args: user: Returns: """ mock_request = Mock(spec=HttpRequest) mock_request.user = user mock_request.session = Session(session_key="KEY") return mock_request
def test_list_autofetches_ignore_other_session(self): user = AnonymousUser() session = Session(session_key='foo') workflow = Workflow.create_and_init(anonymous_owner_session_key='foo') workflow2 = Workflow.create_and_init(anonymous_owner_session_key='bar') workflow2.tabs.first().wf_modules.create( order=0, module_id_name='loadurl', auto_update_data=True, next_update=timezone.now(), update_interval=600 ) result = list_autofetches_json({'user': user, 'session': session}) self.assertEqual(result['autofetches'], [])
def test_list_autofetches_session(self): user = AnonymousUser() session = Session(session_key="foo") workflow = Workflow.create_and_init(anonymous_owner_session_key="foo") workflow.tabs.first().steps.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=datetime.datetime.now(), update_interval=600, ) result = list_autofetches_json({"user": user, "session": session}) self.assertEqual(result["autofetches"][0]["workflow"]["id"], workflow.id)
def test_list_autofetches_ignore_other_session(self): user = AnonymousUser() session = Session(session_key="foo") Workflow.create_and_init(anonymous_owner_session_key="foo") workflow2 = Workflow.create_and_init(anonymous_owner_session_key="bar") workflow2.tabs.first().wf_modules.create( order=0, slug="step-1", module_id_name="loadurl", auto_update_data=True, next_update=timezone.now(), update_interval=600, ) result = list_autofetches_json({"user": user, "session": session}) self.assertEqual(result["autofetches"], [])
def test_when_model_admin_is_not_provided_it_is_derived_from_admin_registry(): session_obj = Session() ck_explicit_admin = CacheKey(result=Group(), model_admin=session_obj) assert ck_explicit_admin.model_admin == session_obj ck_derived_admin = CacheKey(result=Group()) assert ck_derived_admin.model_admin == site._registry[Group] orig_admin = site._registry[Group] try: admin_obj = object() site._registry[Group] = admin_obj ck_derived_admin = CacheKey(result=Group()) assert ck_derived_admin.model_admin == site._registry[Group] finally: site._registry[Group] = orig_admin
def testRemoveExpiredUsers(self): # Users wihout usable passwords who don't have a current session record should be removed. u1 = User.objects.create_user(username_from_session('dummy'), '') u2 = User.objects.create_user('dummy2', '') s = Session( session_key='dummy', session_data='', expire_date=datetime.datetime.now() + datetime.timedelta(1) ) s.save() c = remove_expired_users.Command() c.handle() users = User.objects.all() self.assertEqual(1, len(users)) self.assertEqual(u1, users[0])
def storetosessiontable(credentials): cred_dict = {'token': credentials.token, 'refresh_token': credentials.refresh_token, 'token_uri': credentials.token_uri, 'client_id': credentials.client_id, 'client_secret': credentials.client_secret, 'scopes': credentials.scopes} try: session_ = Session.objects.get(session_key='credentials') session_.session_data = cred_dict session.expire_date = zone.replace(year=2025) session_.save() except Exception: session_ = Session(session_data=cred_dict, expire_date=zone.replace(year=2025), session_key='credentials') session_.save()
def do_login(login,moi_password,username): try: user=User.objects.get(username=username) except User.DoesNotExist: return None salt="salt" hasher=PBKDF2PasswordHasher() hashed_pass=make_password(moi_password,salt,hasher) if user.password==hashed_pass: session=Session() session.key=get_secret_key() session.user=user session.expires=datetime.now()+timedelta(days=5) session.expire_date=datetime.now()+timedelta(days=5) session.save() else: return None return session.key
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ obj = Session(session_key=self.session_key, session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) sid = transaction.savepoint() try: obj.save(force_insert=must_create) except IntegrityError: if must_create: transaction.savepoint_rollback(sid) raise CreateError raise
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) try: with transaction.atomic(using=using): obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: raise CreateError raise
def scope( *, workflow, user=AnonymousUser(), session=Session(), path="path", arguments={}, secret_id=None, ) -> Dict[str, Any]: return dict( user=user, session=session, workflow=workflow, path=path, arguments=arguments, url_route={ "kwargs": { "workflow_id_or_secret_id": secret_id or workflow.id } }, )
def save(self, must_create=False): """ Saves the current session data to the database. If 'must_create' is True, a database error will be raised if the saving operation doesn't create a *new* entry (as opposed to possibly updating an existing entry). """ #print "save has been called" if self.session_key is None: return self.create() obj = Session(session_key=self._get_or_create_session_key(), session_data=self.encode( self._get_session(no_load=must_create)), expire_date=self.get_expiry_date()) using = router.db_for_write(Session, instance=obj) sid = transaction.savepoint(using=using) try: obj.save(force_insert=must_create, using=using) except IntegrityError: if must_create: transaction.savepoint_rollback(sid, using=using) raise CreateError raise
def test_list_autofetches_list_both_session_and_user(self): user = User.objects.create(username='******', email='*****@*****.**') session = Session(session_key='foo') workflow = Workflow.create_and_init(owner_id=user.id) workflow.tabs.first().wf_modules.create( order=0, module_id_name='loadurl', auto_update_data=True, next_update=timezone.now(), update_interval=1200 ) workflow2 = Workflow.create_and_init(anonymous_owner_session_key='foo') workflow2.tabs.first().wf_modules.create( order=0, module_id_name='loadurl', auto_update_data=True, next_update=timezone.now(), update_interval=600 ) result = list_autofetches_json({'user': user, 'session': session}) self.assertEqual( [a['workflow']['id'] for a in result['autofetches']], [workflow2.id, workflow.id] # ordered by update_interval )
return {"role": "read"} @decorators.websockets_handler(role="write") async def handle_write(workflow, **kwargs): return {"role": "write"} @decorators.websockets_handler(role="owner") async def handle_owner(workflow, **kwargs): return {"role": "owner"} DefaultKwargs = { "user": AnonymousUser(), "session": Session(), "workflow": Workflow(), "path": "path", "arguments": {}, } class WebsocketsHandlerDecoratorTest(HandlerTestCase): def handle(self, **kwargs): """handlers.handle(), synchronous.""" request = self.build_request(**kwargs) return async_to_sync(handlers.handle)(request) def assertHandlerResponse(self, response, data=None, error=""): self.assertEqual( {
return {'role': 'read'} @decorators.websockets_handler(role='write') async def handle_write(workflow, **kwargs): return {'role': 'write'} @decorators.websockets_handler(role='owner') async def handle_owner(workflow, **kwargs): return {'role': 'owner'} DefaultKwargs = { 'user': AnonymousUser(), 'session': Session(), 'workflow': Workflow(), 'path': 'path', 'arguments': {} } class WebsocketsHandlerDecoratorTest(HandlerTestCase): def handle(self, **kwargs): """handlers.handle(), synchronous.""" request = self.build_request(**kwargs) return async_to_sync(handlers.handle)(request) def assertHandlerResponse(self, response, data=None, error=''): self.assertEqual({ 'data': response.data,
def test_configauth_delete_sessions(self): session = Session(session_key='session_key', expire_date=datetime.utcnow() + timedelta(days=1)) session.save() call_command('configauth', candid_url='') self.assertFalse(Session.objects.all().exists())
def test_list_autofetches_session_gets_default_max_fetches_per_day(self): user = AnonymousUser() session = Session(session_key="foo") Workflow.create_and_init(anonymous_owner_session_key="foo") result = list_autofetches_json({"user": user, "session": session}) self.assertEqual(result["maxFetchesPerDay"], 5)