comparison roundup/cgi/actions.py @ 6823:fe0091279f50
Refactor session db logging and key generation for sessions/otks
While I was working on the redis sessiondb stuff, I noticed that
log_warning, get_logger ... were duplicated. Also there was code to
generate a unique key for otks that was duplicated.
Changes:
creating new sessions_common.py and SessionsCommon class to provide
methods:
log_warning, log_info, log_debug, get_logger, getUniqueKey
getUniqueKey method is closer to the method used to make
session keys in client.py.
sessions_common.py now report when random_.py chooses a weak
random number generator. Removed same from rest.py.
get_logger reconciles all logging under
roundup.hyperdb.backends.<name of BasicDatabase class>
some backends used to log to root logger.
have BasicDatabase in other sessions_*.py modules inherit from
SessionCommon.
change logging to use log_* methods.
In addition:
remove unused imports reported by flake8 and other formatting
changes
modify actions.py, rest.py, templating.py to use getUniqueKey
method.
add tests for new methods
test_redis_session.py
swap out ModuleNotFoundError for ImportError to prevent crash in
python2 when redis is not present.
allow injection of username:password or just password into redis
connection URL. set pytest_redis_pw envirnment variable to password
or user:password when running test.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 07 Aug 2022 01:51:11 -0400 |
| parents | 3f60a71b0812 |
| children | 075d8c6626b0 |
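--- a/roundup/cgi/actions.py
+++ b/roundup/cgi/actions.py
@@ -8,11 +8,11 @@
 from roundup.rate_limit import Gcra, RateLimit
 from roundup.cgi.timestamp import Timestamped
 from roundup.exceptions import Reject, RejectRaw
 from roundup.anypy import urllib_
 from roundup.anypy.strings import StringIO
-import roundup.anypy.random_ as random_
+
 
 from roundup.anypy.html import html_escape
 
 from datetime import timedelta
 
@@ -20,14 +20,10 @@
 __all__ = ['Action', 'ShowAction', 'RetireAction', 'RestoreAction',
 'SearchAction',
 'EditCSVAction', 'EditItemAction', 'PassResetAction',
 'ConfRegoAction', 'RegisterAction', 'LoginAction', 'LogoutAction',
 'NewItemAction', 'ExportCSVAction', 'ExportCSVWithIdAction']
-
-# used by a couple of routines
-chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
-
 
 class Action:
 def __init__(self, client):
 self.client = client
 self.form = client.form
@@ -1003,13 +999,12 @@
 self.client.add_error_message(
 self._('You need to specify a username or address'))
 return
 
 # generate the one-time-key and store the props for later
-otk = ''.join([random_.choice(chars) for x in range(32)])
-while otks.exists(otk):
-otk = ''.join([random_.choice(chars) for x in range(32)])
+otk = otks.getUniqueKey(length=32)
+
 otks.set(otk, uid=uid, uaddress=address)
 otks.commit()
 
 # send the email
 tracker_name = self.db.config.TRACKER_NAME
@@ -1148,13 +1143,11 @@
 elif isinstance(proptype, hyperdb.Interval):
 user_props[propname] = str(value)
 elif isinstance(proptype, hyperdb.Password):
 user_props[propname] = str(value)
 otks = self.db.getOTKManager()
-otk = ''.join([random_.choice(chars) for x in range(32)])
-while otks.exists(otk):
-otk = ''.join([random_.choice(chars) for x in range(32)])
+otk = otks.getUniqueKey(length=32)
 otks.set(otk, **user_props)
 
 # send the email
 tracker_name = self.db.config.TRACKER_NAME
 tracker_email = self.db.config.TRACKER_EMAIL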
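Review bot: The two `otks.getUniqueKey(length=32)` calls (new lines 1004 and 1148) mint what appear to be password-reset and registration keys, and nothing at the call site states what the key must guarantee now that `chars` and `random_.choice` are gone from this file. The helper is not shown here; since the description says it follows the session-key method, its output alphabet may be wider than the old alphanumeric set, so confirm that the key survives unquoted in the emailed link or that the link builder quotes it. The description also says a weak random source is only reported in the log, which is presumably too lenient for keys that act as credentials and is worth checking in sessions_common.py. I would add a comment above each call such as `# otk is a bearer credential mailed to the user: needs a CSPRNG source and a URL-safe value`. Both enclosing methods start and end outside the visible hunks.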
