def _set_session_for_flash_uploads(self):
'''
For flash uploads, flash does not pass the cookie forward.
So, I do it in a request param, then do this crap to reset the proper
session.
http://groups.google.com/group/pylons-discuss/browse_thread/thread/7814b72df58f788b?pli=1
'''
if 'session_cookie' in request.params:
cookie = request.params['session_cookie']
logger.info("BF3: Got session cookie '%s', resetting session...." % cookie)
session_id = str(cookie)
newsession = session.get_by_id(session_id)
# Normal pylons session behavior creates a temporary session if none exists.
# If we don't do that here, and no session exists (such as right after the session store (memcached)
# is restarted, and one tries to upload a logo w/o logging in), subsequent code will puke.
# The safest way to fix this would be to emulate pylons behavior, and instantiate a fresh beaker.session.Session object,
# but I don't know what to pass in for the billions of kwargs it takes, so we'll just use an empty {} for simplicity.
# If something breaks down the line because it expects Session-specific methods or properties, this is the problem.
if not newsession:
logger.info("No session found for key '%s'! Using an empty dictionary..." % cookie)
newsession = {}
# Load the registry and replace our global session withthe new one
registry = request.environ['paste.registry']
registry.register(session, newsession)
# Replace the other session reference to look to the new one
pylons_obj = request.environ['pylons.pylons']
pylons_obj.session = newsession
def __call__(self, environ, start_response):
"""Invoke the Controller"""
# WSGIController.__call__ dispatches to the Controller method
# the request is routed to. This routing information is
# available in environ['pylons.routes_dict']
try:
self._session = Session
auth.authenticate_basic_auth()
if '_debug_frontend' in request.params:
#now we can force this no matter the environment.
c.debug_frontend = request.params['_debug_frontend'] == 'True'
else:
c.debug_frontend = not h.is_production()
#this is used by timer proxy and the templates
c.show_debug = bool(session.get('show_debug'))
request.environ['USER'] = session.get('username', '')
request.environ['REAL_USER'] = session.get('real_username', '')
# set the start of the rendering
c.render_start = time.time()
c.requested_url = request.environ.get('PATH_INFO')
if request.environ.get('QUERY_STRING'):
c.requested_url += '?' + request.environ['QUERY_STRING']
logger.info(c.requested_url)
# Capture IP address in non-ssl mode, so we can use it in SSL mode see ticket #2275
ip = auth.get_user_ip()
if not session.get('IP_ADDRESS') and ip:
session['IP_ADDRESS'] = ip
elif not session.get('IP_ADDRESS') and request.environ.get(
'HTTP_RLNCLIENTIPADDR'):
session['IP_ADDRESS'] = request.environ.get(
'HTTP_RLNCLIENTIPADDR')
elif not session.get('IP_ADDRESS') and request.environ.get(
'REMOTE_ADDR'):
session['IP_ADDRESS'] = request.environ.get('REMOTE_ADDR')
# Save the first referer we see to store in user record when/if we create one.
if not session.get('referer'):
session['referer'] = environ.get('HTTP_REFERER',
'').decode('utf-8', 'ignore')
session.save()
if session.get('notify'):
c._notify = session['notify']
del session['notify']
session.save()
return WSGIController.__call__(self, environ, start_response)
finally:
if 'paste.testing_variables' not in request.environ:
Session.remove()
def commit(self):
"""
convenience method; commit the transaction
"""
# only do the flushing if we are running functional tests
if 'paste.testing_variables' in request.environ:
logger.info('Flushing, not committing...')
self._session.flush()
else:
self._session.commit()
def commit(self):
"""
convenience method; commit the transaction
"""
# only do the flushing if we are running functional tests
if 'paste.testing_variables' in request.environ:
logger.info('Flushing, not committing...')
self._session.flush()
else:
self._session.commit()
def __call__(self, environ, start_response):
"""Invoke the Controller"""
# WSGIController.__call__ dispatches to the Controller method
# the request is routed to. This routing information is
# available in environ['pylons.routes_dict']
try:
self._session = Session
auth.authenticate_basic_auth()
if '_debug_frontend' in request.params:
#now we can force this no matter the environment.
c.debug_frontend = request.params['_debug_frontend'] == 'True'
else:
c.debug_frontend = not h.is_production()
#this is used by timer proxy and the templates
c.show_debug = bool(session.get('show_debug'))
request.environ['USER'] = session.get('username', '')
request.environ['REAL_USER'] = session.get('real_username', '')
# set the start of the rendering
c.render_start = time.time()
c.requested_url = request.environ.get('PATH_INFO')
if request.environ.get('QUERY_STRING'):
c.requested_url += '?' + request.environ['QUERY_STRING']
logger.info(c.requested_url)
# Capture IP address in non-ssl mode, so we can use it in SSL mode see ticket #2275
ip = auth.get_user_ip()
if not session.get('IP_ADDRESS') and ip:
session['IP_ADDRESS'] = ip
elif not session.get('IP_ADDRESS') and request.environ.get('HTTP_RLNCLIENTIPADDR'):
session['IP_ADDRESS'] = request.environ.get('HTTP_RLNCLIENTIPADDR')
elif not session.get('IP_ADDRESS') and request.environ.get('REMOTE_ADDR'):
session['IP_ADDRESS'] = request.environ.get('REMOTE_ADDR')
# Save the first referer we see to store in user record when/if we create one.
if not session.get('referer'):
session['referer'] = environ.get('HTTP_REFERER','').decode('utf-8','ignore')
session.save()
if session.get('notify'):
c._notify = session['notify']
del session['notify']
session.save()
return WSGIController.__call__(self, environ, start_response)
finally:
if 'paste.testing_variables' not in request.environ:
Session.remove()
def authenticate_basic_auth():
header = request.headers.get('Authenticate') or request.headers.get('Authorization')
logger.info(header)
if header:
import base64
(style, b64) = header.split(' ')
if style == 'Basic':
username, password = base64.decodestring(b64).split(':')
username = unicode(username)
u = authenticate(username, password, redirect_after=False, from_http_auth=True)
if u: return u
return False
def authenticate_basic_auth():
header = request.headers.get('Authenticate') or request.headers.get(
'Authorization')
logger.info(header)
if header:
import base64
(style, b64) = header.split(' ')
if style == 'Basic':
username, password = base64.decodestring(b64).split(':')
username = unicode(username)
u = authenticate(username,
password,
redirect_after=False,
from_http_auth=True)
if u: return u
return False
def _set_session_for_flash_uploads(self):
'''
For flash uploads, flash does not pass the cookie forward.
So, I do it in a request param, then do this crap to reset the proper
session.
http://groups.google.com/group/pylons-discuss/browse_thread/thread/7814b72df58f788b?pli=1
'''
if 'session_cookie' in request.params:
cookie = request.params['session_cookie']
logger.info("BF3: Got session cookie '%s', resetting session...." %
cookie)
session_id = str(cookie)
newsession = session.get_by_id(session_id)
# Normal pylons session behavior creates a temporary session if none exists.
# If we don't do that here, and no session exists (such as right after the session store (memcached)
# is restarted, and one tries to upload a logo w/o logging in), subsequent code will puke.
# The safest way to fix this would be to emulate pylons behavior, and instantiate a fresh beaker.session.Session object,
# but I don't know what to pass in for the billions of kwargs it takes, so we'll just use an empty {} for simplicity.
# If something breaks down the line because it expects Session-specific methods or properties, this is the problem.
if not newsession:
logger.info(
"No session found for key '%s'! Using an empty dictionary..."
% cookie)
newsession = {}
# Load the registry and replace our global session withthe new one
registry = request.environ['paste.registry']
registry.register(session, newsession)
# Replace the other session reference to look to the new one
pylons_obj = request.environ['pylons.pylons']
pylons_obj.session = newsession
