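def make_cookies(self):
    """
    Build the cookies that bind this session to the browser.

    A stub cookie (CFG_WEBSESSION_COOKIE_NAME + 'stub') is always returned;
    its value is 'HTTPS' for a logged-in user (uid > 0) when
    CFG_SITE_SECURE_URL starts with "https://", and 'NO' otherwise.  It
    holds no secret.

    The session cookie, which carries the session id, is returned only when
    the current request is HTTPS, or the site has no HTTPS secure URL, or
    the user is a guest (uid <= 0).  A logged-in user on an HTTPS site
    therefore never receives the id in a plain-HTTP response, and the cookie
    is flagged Secure so the browser does not send it back over HTTP either.

    The session cookie is flagged HttpOnly in every case, so page scripts
    cannot read the session id whatever the transport or login state.

    @return: a list of cookies.
    """
    site_has_https = CFG_SITE_SECURE_URL.startswith("https://")
    uid = self.get('_uid', -1)
    logged_in_over_https = uid > 0 and site_has_https

    if logged_in_over_https:
        stub_cookie = Cookie(CFG_WEBSESSION_COOKIE_NAME + 'stub', 'HTTPS')
    else:
        stub_cookie = Cookie(CFG_WEBSESSION_COOKIE_NAME + 'stub', 'NO')
    cookies = [stub_cookie]

    if self._req.is_https() or not site_has_https or uid <= 0:
        session_cookie = Cookie(CFG_WEBSESSION_COOKIE_NAME, self._sid)
        # HttpOnly does not depend on transport: guest sessions and sites
        # without HTTPS get it too.
        session_cookie.httponly = True
        if logged_in_over_https:
            session_cookie.secure = True
        # NOTE(review): a guest's session id can travel over plain HTTP;
        # confirm that the login path issues a fresh id.
        cookies.append(session_cookie)

    for cookie in cookies:
        cookie.path = '/'
        if self._remember_me:
            lifetime = CFG_WEBSESSION_ONE_DAY * CFG_WEBSESSION_EXPIRY_LIMIT_REMEMBER
            cookie.expires = time.time() + lifetime
            cookie.max_age = lifetime
    return cookies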
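def make_cookies(self):
    """
    Create the cookies needed for session handling (possibly over HTTPS).

    The returned list always starts with a stub cookie named
    CFG_WEBSESSION_COOKIE_NAME + "stub": "HTTPS" when the user is logged in
    (uid > 0) and CFG_SITE_SECURE_URL starts with "https://", "NO" in every
    other case.

    The cookie carrying the session id is added only if the request came in
    over HTTPS, or the site has no HTTPS secure URL, or the user is a guest.
    It is marked Secure for a logged-in user on an HTTPS site, and it is
    marked HttpOnly unconditionally so that the id is never exposed to page
    scripts, including for guest sessions and plain-HTTP installations.

    With "remember me" set, every cookie expires self._timeout seconds from
    now.

    @return: a list of cookies.
    """
    https_configured = CFG_SITE_SECURE_URL.startswith("https://")
    uid = self.get("uid", -1)
    needs_secure_cookie = uid > 0 and https_configured

    stub_name = CFG_WEBSESSION_COOKIE_NAME + "stub"
    if needs_secure_cookie:
        cookies = [Cookie(stub_name, "HTTPS")]
    else:
        cookies = [Cookie(stub_name, "NO")]

    if self._req.is_https() or not https_configured or uid <= 0:
        sid_cookie = Cookie(CFG_WEBSESSION_COOKIE_NAME, self._sid)
        # The session id must stay out of reach of scripts on every
        # transport, so HttpOnly is not tied to the HTTPS branch.
        sid_cookie.httponly = True
        if needs_secure_cookie:
            sid_cookie.secure = True
        cookies.append(sid_cookie)

    for cookie in cookies:
        cookie.path = "/"
        if self._remember_me:
            cookie.expires = time.time() + self._timeout
    return cookies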
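def make_cookies(self):
    """
    Create the necessary cookies to implement secure session handling
    (possibly over HTTPS).

    Cookies produced:

    - the stub cookie, CFG_WEBSESSION_COOKIE_NAME + 'stub', with value
      'HTTPS' when uid > 0 and CFG_SITE_SECURE_URL starts with "https://",
      else 'NO';
    - the session-id cookie, CFG_WEBSESSION_COOKIE_NAME, which is left out
      when a logged-in user on an HTTPS site is being served over plain
      HTTP.  It always carries HttpOnly; it carries Secure as well for a
      logged-in user on an HTTPS site.

    All cookies use path '/'.  When "remember me" is set they get an
    expiry and max-age of CFG_WEBSESSION_ONE_DAY *
    CFG_WEBSESSION_EXPIRY_LIMIT_REMEMBER.

    @return: a list of cookies.
    """
    cookies = []
    uid = self.get('_uid', -1)
    secure_url_is_https = CFG_SITE_SECURE_URL.startswith("https://")
    authenticated_https = uid > 0 and secure_url_is_https

    stub_value = 'NO'
    if authenticated_https:
        stub_value = 'HTTPS'
    cookies.append(Cookie(CFG_WEBSESSION_COOKIE_NAME + 'stub', stub_value))

    send_session_id = (
        self._req.is_https() or not secure_url_is_https or uid <= 0
    )
    if send_session_id:
        sid_cookie = Cookie(CFG_WEBSESSION_COOKIE_NAME, self._sid)
        # Set for every session: without HttpOnly, any script running in
        # the page could read a guest or plain-HTTP session id.
        sid_cookie.httponly = True
        if authenticated_https:
            sid_cookie.secure = True
        cookies.append(sid_cookie)

    remember_for = CFG_WEBSESSION_ONE_DAY * CFG_WEBSESSION_EXPIRY_LIMIT_REMEMBER
    for cookie in cookies:
        cookie.path = '/'
        if self._remember_me:
            cookie.expires = time.time() + remember_for
            cookie.max_age = remember_for
    return cookies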
def check_wsgiref_testing_feasability():
    """
    Refuse to run Invenio under wsgiref when the site is set up for HTTPS.

    The wsgiref simple server has no SSL support, so CFG_SITE_URL and then
    CFG_SITE_SECURE_URL are checked; the first whose lower-cased value
    starts with 'https' gets an error written to stderr and the process
    exits with status 1.

    Passing this check means the site is served over plain HTTP, session
    cookies included, so this mode suits testing only.
    """
    site_url_uses_https = CFG_SITE_URL.lower().startswith('https')
    if site_url_uses_https:
        complaint = (
            ' ERROR: SSL is not supported by the wsgiref simple server implementation.'
            ' Please set CFG_SITE_URL not to start with "https".'
            ' Currently CFG_SITE_URL is set to: "%s".'
        ) % CFG_SITE_URL
        sys.stderr.write(complaint + '\n')
        sys.exit(1)

    secure_url_uses_https = CFG_SITE_SECURE_URL.lower().startswith('https')
    if secure_url_uses_https:
        complaint = (
            ' ERROR: SSL is not supported by the wsgiref simple server implementation.'
            ' Please set CFG_SITE_SECURE_URL not to start with "https".'
            ' Currently CFG_SITE_SECURE_URL is set to: "%s".'
        ) % CFG_SITE_SECURE_URL
        sys.stderr.write(complaint + '\n')
        sys.exit(1)
import gc

from invenio import webinterface_handler_config as apache
from invenio.config import (
    CFG_SITE_URL,
    CFG_SITE_SECURE_URL,
    CFG_TMPDIR,
    CFG_SITE_RECORD,
    CFG_ACCESS_CONTROL_LEVEL_SITE,
)
from invenio.messages import wash_language
from invenio.urlutils import redirect_to_url
from invenio.errorlib import register_exception
from invenio.webuser import (
    get_preferred_user_language,
    isGuestUser,
    getUid,
    isUserSuperAdmin,
    collect_user_info,
)
from invenio.webinterface_handler_wsgi_utils import StringField
from invenio.session import get_session

## True when the installation distinguishes between HTTP and HTTPS
## connections, i.e. when the secure URL starts with "https://".
## NOTE: this prefix test is case-sensitive, unlike CFG_FULL_HTTPS below,
## so a secure URL written as "HTTPS://..." counts as no HTTPS support.
CFG_HAS_HTTPS_SUPPORT = CFG_SITE_SECURE_URL.startswith("https://")

## True when HTTPS is used for *any* URL (the site URL itself is HTTPS).
CFG_FULL_HTTPS = CFG_SITE_URL.lower().startswith("https://")

## Set this to True in order to log some more information.
DEBUG = False

# URIs for which the 'ln' argument must not be added automatically.
CFG_NO_LANG_RECOGNITION_URIS = [
    '/rss',
    '/oai2d',
    '/journal',
]
from invenio import config
from invenio.config import (
    CFG_SITE_URL,
    CFG_SITE_SECURE_URL,
    CFG_TMPDIR,
    CFG_SITE_RECORD,
    CFG_ACCESS_CONTROL_LEVEL_SITE,
)
from invenio.messages import wash_language
from invenio.urlutils import redirect_to_url
from invenio.errorlib import register_exception
from invenio.webuser import (
    get_preferred_user_language,
    isGuestUser,
    getUid,
    isUserSuperAdmin,
    collect_user_info,
    setUid,
)
from invenio.webinterface_handler_wsgi_utils import StringField
from invenio.session import get_session
from invenio import web_api_key

## Whether the installation treats HTTP and HTTPS connections differently:
## True exactly when CFG_SITE_SECURE_URL starts with "https://".
## NOTE: the comparison is case-sensitive while the CFG_FULL_HTTPS test
## below lower-cases first; "HTTPS://..." here yields False.
CFG_HAS_HTTPS_SUPPORT = CFG_SITE_SECURE_URL.startswith("https://")

## Whether HTTPS is used for *any* URL: True when CFG_SITE_URL is HTTPS.
CFG_FULL_HTTPS = CFG_SITE_URL.lower().startswith("https://")

## Set this to True in order to log some more information.
DEBUG = False

# The 'ln' argument must not be added automatically to these URIs.
CFG_NO_LANG_RECOGNITION_URIS = [
    '/rss',
    '/oai2d',
    '/journal',
]
from werkzeug.datastructures import CallbackDict
from werkzeug.exceptions import BadRequest
from flask.sessions import SessionInterface, SessionMixin
from flask import g, current_app, request, get_flashed_messages, flash
from warnings import warn
from invenio.sqlalchemyutils import db
from invenio.websession_model import Session
from invenio.webuser_flask import current_user
from invenio.config import \
    CFG_SITE_SECURE_URL, \
    CFG_FLASK_CACHE_TYPE

__all__ = ["InvenioSession", "InvenioSessionInterface"]

# True when the configured secure URL starts with "https://".  The test is
# case-sensitive, so "HTTPS://..." is treated as no HTTPS support.
CFG_SUPPORT_HTTPS = CFG_SITE_SECURE_URL.startswith("https://")

# Store session information in memory cache (Redis, Memcache, ...).
# True for any cache type other than None or 'null'.
# NOTE(review): session data then lives in the cache backend; confirm that
# backend is not reachable by untrusted clients.
CFG_SESSION_IN_CACHE = CFG_FLASK_CACHE_TYPE not in [None, 'null']

# Session key prefix for storing in db.
# NOTE(review): the constant name says "cache" while this comment says
# "db"; confirm which store the prefix is used with.
CFG_CACHE_KEY_PREFIX_SESSION = 'session::'

# Imported after the constants above, as in the original ordering.
from invenio.cache import cache


class InvenioSession(dict, SessionMixin):
    """
    This class implement a traditional Invenio session but compatible
    with the Flask session handler.
    """

    def __init__(self, initial=None, sid=None):