def on_open(self, request): """ Checking for user session and xsrf. To open socket, client must include into url xsrf value from cookie: io.connect('http://example.com?xsrf=' + xsrf_from_cookie') """ # check user session self.user_cookie = request.get_cookie('user') if not self.user_cookie: raise HTTPError(403, SocketError.NO_COOKIE) user = yield gen.Task(self.get_edtr_current_user, self.user_cookie) if not user: raise HTTPError(403, SocketError.BAD_SESSION) # check xsrf xsrf_arg = request.get_argument('xsrf') if not xsrf_arg or request.get_cookie('_xsrf').value != xsrf_arg: raise HTTPError(403, SocketError.XSRF) # TODO maybe store only needed user fields self.user = user SocketPool.add_socket(user['_id'], self.dbox_updates)
def _dbox_sync_user(user, error): if error: try: raise error except: logger.exception("_dbox_sync_user error:") elif user: user = UserModel(**user) async_dbox = DropboxMixin() db = DB.instance() skt_opened = SocketPool.is_socket_opened(user.name) rst = yield gen.Task( _update_dbox_delta, db, async_dbox, user, skt_opened) if rst['status'] != ErrCode.ok: logger.warning("Dropbox periodic update for user {0}" "ended with status = {1}".format(user.name, rst['status'])) elif skt_opened: if 'updates' in rst and rst['updates']: SocketPool.notify_dbox_update(user.name, rst) else: logger.error("_dbox_sync_user user not found")
def on_close(self): SocketPool.remove_socket(self.user['_id'])