Python username_from_session Exemples

Exemple #1

Fichier : decorators.py Projet : drx/django-lazysignup

    def wrapped(request, *args, **kwargs):
        assert hasattr(request, 'session'), ("You need to have the session "
                                             "app intsalled")
        if getattr(settings, 'LAZYSIGNUP_ENABLE', True):
            # If the user agent is one we ignore, bail early
            ignore = False
            request_user_agent = request.META.get('HTTP_USER_AGENT', '')
            for user_agent in USER_AGENT_BLACKLIST:
                if user_agent.search(request_user_agent):
                    ignore = True
                    break

            # If there's already a key in the session for a valid user, then we don't
            # need to do anything. If the user isn't valid, then get_user will return
            # an anonymous user
            if get_user(request).is_anonymous() and not ignore:
                # If not, then we have to create a user, and log them in.
                from lazysignup.models import LazyUser
                username = username_from_session(request.session.session_key)
                user = LazyUser.objects.create_lazy_user(username)
                request.user = None
                user = authenticate(username=username)
                assert user, ("Lazy user creation and authentication "
                              "failed. Have you got "
                              "lazysignup.backends.LazySignupBackend in "
                              "AUTHENTICATION_BACKENDS?")
                # Set the user id in the session here to prevent the login
                # call cycling the session key.
                request.session[SESSION_KEY] = user.id
                login(request, user)
        return func(request, *args, **kwargs)

Exemple #2

Fichier : decorators.py Projet : mattjmorrison/django-lazysignup

    def wrapped(request, *args, **kwargs):
        assert hasattr(request, 'session'), ("You need to have the session "
                                             "app intsalled")
        if getattr(settings, 'LAZYSIGNUP_ENABLE', True):
            # If the user agent is one we ignore, bail early
            ignore = False
            request_user_agent = request.META.get('HTTP_USER_AGENT', '')
            for user_agent in USER_AGENT_BLACKLIST:
                if user_agent.search(request_user_agent):
                    ignore = True
                    break

            # If there's already a key in the session for a valid user, then we don't
            # need to do anything. If the user isn't valid, then get_user will return
            # an anonymous user
            if get_user(request).is_anonymous() and not ignore:
                # If not, then we have to create a user, and log them in.
                from lazysignup.models import LazyUser
                username = username_from_session(request.session.session_key)
                user = LazyUser.objects.create_lazy_user(username)
                request.user = None
                user = authenticate(username=username)
                assert user, ("Lazy user creation and authentication "
                              "failed. Have you got "
                              "lazysignup.backends.LazySignupBackend in "
                              "AUTHENTICATION_BACKENDS?")
                # Set the user id in the session here to prevent the login
                # call cycling the session key.
                request.session[SESSION_KEY] = user.id
                login(request, user)
        return func(request, *args, **kwargs)

Exemple #3

 def testUsernameNotBasedOnSessionKey(self):
     # The generated username should not look like the session key. While doing
     # so isn't a security problem in itself, any client software that blindly
     # displays the logged-in user's username risks showing most of the session
     # key to the world.
     fake_session_key = 'a' * 32
     username = username_from_session(fake_session_key)
     self.failIf(fake_session_key.startswith(username))

Exemple #4

 def testCreateLazyUser(self, mock_resolve):
     # If there isn't a setup session, then this middleware should create a user
     # with the same name as the session key, and an unusable password.
     f = allow_lazy_user(lambda request: 1)
     mock_resolve.return_value = (f, None, None)
     f(self.request)
     self.assertEqual(username_from_session(self.request.session.session_key), self.request.user.username)
     self.assertEqual(False, self.request.user.has_usable_password())

Exemple #5

Fichier : tests.py Projet : drx/django-lazysignup

 def testUsernameNotBasedOnSessionKey(self):
     # The generated username should not look like the session key. While doing
     # so isn't a security problem in itself, any client software that blindly
     # displays the logged-in user's username risks showing most of the session
     # key to the world.
     fake_session_key = "a" * 32
     username = username_from_session(fake_session_key)
     self.failIf(fake_session_key.startswith(username))

Exemple #6

Fichier : tests.py Projet : drx/django-lazysignup

 def testCreateLazyUser(self, mock_resolve):
     # If there isn't a setup session, then this middleware should create a user
     # with the same name as the session key, and an unusable password.
     f = allow_lazy_user(lambda request: 1)
     mock_resolve.return_value = (f, None, None)
     f(self.request)
     self.assertEqual(username_from_session(self.request.session.session_key), self.request.user.username)
     self.assertEqual(False, self.request.user.has_usable_password())

Exemple #7

    def testBadSessionAlreadyExists(self, mock_resolve):
        # If the user id is already in the session, but the user doesn't exist,
        # then a user should be created
        f = allow_lazy_user(lambda request: 1)
        self.request.session[SESSION_KEY] = 1000
        mock_resolve.return_value = (f, None, None)

        f(self.request)
        self.assertEqual(username_from_session(self.request.session.session_key), self.request.user.username)
        self.assertEqual(False, self.request.user.has_usable_password())

Exemple #8

Fichier : tests.py Projet : drx/django-lazysignup

    def testBadSessionAlreadyExists(self, mock_resolve):
        # If the user id is already in the session, but the user doesn't exist,
        # then a user should be created
        f = allow_lazy_user(lambda request: 1)
        self.request.session[SESSION_KEY] = 1000
        mock_resolve.return_value = (f, None, None)

        f(self.request)
        self.assertEqual(username_from_session(self.request.session.session_key), self.request.user.username)
        self.assertEqual(False, self.request.user.has_usable_password())

Exemple #9

Fichier : tests.py Projet : drx/django-lazysignup

    def testRemoveExpiredUsers(self):
        # Users wihout usable passwords who don't have a current session record should be removed.
        u1 = User.objects.create_user(username_from_session("dummy"), "")
        u2 = User.objects.create_user("dummy2", "")
        s = Session(session_key="dummy", session_data="", expire_date=datetime.datetime.now() + datetime.timedelta(1))
        s.save()

        c = remove_expired_users.Command()
        c.handle()

        users = User.objects.all()
        self.assertEqual(1, len(users))
        self.assertEqual(u1, users[0])

Exemple #10

Fichier : remove_expired_users.py Projet : aehlke/django-lazysignup

    def handle_noargs(self, **options):
        usernames = [username_from_session(sk) for sk in Session.objects.all().values_list('session_key', flat=True)]

        # Find all the users who have an unusable password, whose usernames
        # aren't in the list of valid sessions:
        session_users = User.objects.filter(
            password=UNUSABLE_PASSWORD
        ).exclude(
            username__in=usernames
        )

        # Delete each of these users. We don't use the queryset delete() because
        # we want cascades to work.
        for user in session_users:
            user.delete()

Exemple #11

Fichier : remove_expired_users.py Projet : mattjmorrison/django-lazysignup

    def handle_noargs(self, **options):
        usernames = [
            username_from_session(sk)
            for sk in Session.objects.all().values_list('session_key',
                                                        flat=True)
        ]

        # Find all the users who have an unusable password, whose usernames
        # aren't in the list of valid sessions:
        session_users = User.objects.filter(
            password=UNUSABLE_PASSWORD).exclude(username__in=usernames)

        # Delete each of these users. We don't use the queryset delete() because
        # we want cascades to work.
        for user in session_users:
            user.delete()

Exemple #12

    def testRemoveExpiredUsers(self):
        # Users wihout usable passwords who don't have a current session record should be removed.
        u1 = User.objects.create_user(username_from_session('dummy'), '')
        u2 = User.objects.create_user('dummy2', '')
        s = Session(
            session_key='dummy',
            session_data='',
            expire_date=datetime.datetime.now() + datetime.timedelta(1)
        )
        s.save()

        c = remove_expired_users.Command()
        c.handle()

        users = User.objects.all()
        self.assertEqual(1, len(users))
        self.assertEqual(u1, users[0])

Exemple #13

Fichier : remove_expired_users.py Projet : aehlke/django-lazysignup

 def get_username(self, session_key, username_length=None):
     return username_from_session(session_key, username_length)

Exemple #14

Fichier : remove_expired_users.py Projet : mattjmorrison/django-lazysignup

 def get_username(self, session_key, username_length=None):
     return username_from_session(session_key, username_length)