예제 #1
0
  def test_purge_expired_tokens(self):
    """ Generate tokens with current time as expiration date/time.
    That is, tokens are expired as soon as they are generated.

    """
    for user in self.users:
      token = generate_user_auth_token(user,
                                       'password hash',
                                       timeout=0)
      auth_token = lookup_user_auth_token(user, token)
      self.assertEqual(None, auth_token)

    # As expired tokens are purged from the DB just before
    # they are generated, the above should leave us with one
    # expired token in the DB
    query = Session.gql("WHERE expire_date <= :1", api.utcnow())
    expired_tokens = query.count()
    self.assertEqual(1, expired_tokens)

    # Generate another token to trigger cache purging which
    # should leave us with no expired sessions in the DB (as
    # this token is generated with a future expiration date.)
    token = generate_user_auth_token('fake user', 'password hash')

    query = Session.gql("WHERE expire_date <= :1", api.utcnow())
    expired_tokens = query.count()
    self.assertEqual(0, expired_tokens)
예제 #2
0
파일: user.py 프로젝트: frankk00/realtor
def generate_user_auth_token(nick,
                             password,
                             timeout=(14 * 24 * 60 * 60)):
  """ Generates a user authentication token and stores it in the
  database for later retrieval.

  Why store tokens in the database? Because GAE flushes memcache quite
  aggressively and this was causing users to be logged out much more
  frequently than was acceptable.

  """
  # Clear cache of expired tokens
  purge_expired_user_auth_token_keys()

  token = util.hash_generic(util.generate_uuid())
  key = generate_user_auth_token_key(nick, token)
  # Set an expiration date to enable us to purge old, inactive
  # sessions from the database. Cookie expiration dates are what
  # actually govern how long sessions last.
  expire_date = (api.utcnow() +
                 datetime.timedelta(seconds=timeout))
  session = Session(key_name=key,
                    session_data=db.Blob(password.encode("utf-8")),
                    expire_date=expire_date)
  session.put()
  return token
예제 #3
0
 def save(self, must_create=False):
   if must_create and self.exists(self.session_key):
     raise base.CreateError
   session = Session(
       key_name='k:' + self.session_key,
       session_data = self.encode(self._session),
       expire_date = self.get_expiry_date())
   session.put()
예제 #4
0
 def _get_session(self, session_key):
   session = Session.get_by_key_name('k:' + session_key)
   if session:
     if session.expire_date > datetime.now():
       return session
     session.delete()
   return None
예제 #5
0
파일: user.py 프로젝트: frankk00/realtor
def lookup_user_auth_token(nick, token):
  """ Look up a user authentication token from the database cache. """

  key = generate_user_auth_token_key(nick, token)
  user_auth_token_blob = Session.get_by_key_name(key)
  if not user_auth_token_blob:
    return None
  elif user_auth_token_blob.expire_date <= api.utcnow():
    return None
  else:
    user_auth_token = user_auth_token_blob.session_data.decode("utf-8")
    return user_auth_token
예제 #6
0
파일: user.py 프로젝트: frankk00/realtor
def purge_expired_user_auth_token_keys():
  """ Remove expired tokens from the database. """

  #TODO: Remove hard coded limit
  limit = 10
  try:
    query = Session.gql("WHERE expire_date <= :1", api.utcnow())
    expired_tokens = query.count()
    if expired_tokens:
      db.delete(query.fetch(limit))
      logging.info("Removed %d expired user authentication "
                   "tokens (%d remaining)",
                   min(limit, expired_tokens),
                   max(0, expired_tokens-limit))
  except Exception, e:
    logging.exception('Unhandled exception while removing expired tokens')
예제 #7
0
 def exists(self, session_key):
   return Session.get_by_key_name('k:' + session_key) is not None
예제 #8
0
 def save(self):
   session = Session(
       key_name='k:' + self.session_key,
       session_data = self.encode(self._session),
       expire_date = self.get_expiry_date())
   session.put()
예제 #9
0
 def save(self):
     session = Session(key_name='k:' + self.session_key,
                       session_data=self.encode(self._session),
                       expire_date=self.get_expiry_date())
     session.put()