# HG changeset patch # User Filip de Waard # Date 1271710787 -7200 # Node ID 9942b083eefdd85a689d5e7da18c43bd0e9df73d # Parent efb32b74a279dca08b58db9262be3071ab6ded39 working on Session implementation diff -r efb32b74a279dca08b58db9262be3071ab6ded39 -r 9942b083eefdd85a689d5e7da18c43bd0e9df73d development.ini --- a/development.ini Sun Apr 18 00:04:35 2010 +0200 +++ b/development.ini Mon Apr 19 22:59:47 2010 +0200 @@ -38,6 +38,9 @@ couchdb_server = http://localhost:5984/ couchdb_uri = http://localhost:5984/vix_dev +#authentication session duration in seconds +auth_session_duration = 60 + # Logging configuration [loggers] keys = root, routes, vix diff -r efb32b74a279dca08b58db9262be3071ab6ded39 -r 9942b083eefdd85a689d5e7da18c43bd0e9df73d setup.py --- a/setup.py Sun Apr 18 00:04:35 2010 +0200 +++ b/setup.py Mon Apr 19 22:59:47 2010 +0200 @@ -16,7 +16,8 @@ install_requires=[ "Pylons>=1.0rc1", "CouchDB", - "bcrypt" + "bcrypt", + "testfixtures" ], dependency_links = [ "http://pylonshq.com/download/1.0rc1" diff -r efb32b74a279dca08b58db9262be3071ab6ded39 -r 9942b083eefdd85a689d5e7da18c43bd0e9df73d vix/lib/auth.py --- a/vix/lib/auth.py Sun Apr 18 00:04:35 2010 +0200 +++ b/vix/lib/auth.py Mon Apr 19 22:59:47 2010 +0200 @@ -19,10 +19,6 @@ """ -import time -import random -import hashlib - import bcrypt import vix.model as model @@ -91,9 +87,3 @@ return True else: return False - -def create_token(): - """Creates a random token for an authorization session""" - - return hashlib.md5("%f%f%i" % ( - time.time(), random.random(), id([]))).hexdigest() diff -r efb32b74a279dca08b58db9262be3071ab6ded39 -r 9942b083eefdd85a689d5e7da18c43bd0e9df73d vix/model/__init__.py --- a/vix/model/__init__.py Sun Apr 18 00:04:35 2010 +0200 +++ b/vix/model/__init__.py Mon Apr 19 22:59:47 2010 +0200 @@ -3,7 +3,7 @@ """ vix/model/__init__.py: CouchDB models -Copyright 2009, Net Collective. +Copyright 2009-2010, Net Collective. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -19,11 +19,16 @@ """ +import sys +import random import re +import hashlib + from datetime import datetime +from time import time from couchdb import schema - + _password_re = re.compile('\$2a\$[\d]{2}\$[A-z\d./]{53}') _username_re = re.compile('^[.\w]{2,30}$') @@ -189,3 +194,53 @@ if self.type != u'user': raise ValueError("The type of a model.User object can't be " + "modified") + +class Session(schema.Document): + """ + Session objects are models for authentication sessions in Vix. They are + stored in a separate database (e.g. 'vix_sessions'). Users are presented + with a random token that identifies the session on login. Using this + token they can identify themselves for the duration of the session. + + :param id: authentication token (MD5 hash of random value). + :type id: TextField + :param username: user asssociated with the session. + :type username: TextField + :param created: date and time when the Session was created. + :type created: DateTimeField + :param updated: date and time when the Session was last updated (if ever). + :type updated: DateTimeField + :param expires: date and time the Session will expire. + :type expires: DateTimeField + + """ + + type = schema.TextField(default=u"session") + + id = token = schema.TextField() + username = schema.TextField() + + created = schema.DateTimeField(default=datetime.utcnow) + updated = schema.DateTimeField() + expires = schema.DateTimeField() + + def __init__(self, token=None, **values): + """ + Creates the Session. If no token is supplied one is generated + using the current time, a semi-random number and a memory addres + as the input of a MD5 digest. + + """ + + from pylons import config + + if token is None: + token = hashlib.md5("%f%i%i" % ( + time(), random.randint(1, sys.maxint), id([]))).hexdigest() + + super(Session, self).__init__(token, **values) + + self.updated = datetime.utcnow() + + print config['couchdb_uri'] + print config['auth_session_duration'] diff -r efb32b74a279dca08b58db9262be3071ab6ded39 -r 9942b083eefdd85a689d5e7da18c43bd0e9df73d vix/tests/__init__.py --- a/vix/tests/__init__.py Sun Apr 18 00:04:35 2010 +0200 +++ b/vix/tests/__init__.py Mon Apr 19 22:59:47 2010 +0200 @@ -35,12 +35,12 @@ def __init__(self, *args, **kwargs): wsgiapp = pylons.test.pylonsapp - config = wsgiapp.config + config = pylons.config = wsgiapp.config self.app = TestApp(wsgiapp) url._push_object(URLGenerator(config['routes.map'], environ)) TestCase.__init__(self, *args, **kwargs) -class DatabasePoweredTestCase(TestCase): +class DatabasePoweredTestCase(TestController): def setUp(self): """Create new test database for every test.""" diff -r efb32b74a279dca08b58db9262be3071ab6ded39 -r 9942b083eefdd85a689d5e7da18c43bd0e9df73d vix/tests/test_auth.py --- a/vix/tests/test_auth.py Sun Apr 18 00:04:35 2010 +0200 +++ b/vix/tests/test_auth.py Mon Apr 19 22:59:47 2010 +0200 @@ -17,10 +17,6 @@ """ -import time -import random -import hashlib - from unittest import TestCase import bcrypt @@ -82,26 +78,3 @@ feed=u'blog', action=u'GET'), False) self.assertEquals(auth.authorize(user=u"fmw", database=u'vix_tests', feed=u'blog', action=u'GET'), False) - - def test_create_token(self): - """Test if authorization tokens are generated correctly.""" - - t = time.time() - r = random.random() - - def _time(): - return t - - def _random(): - return r - - #monkey patch functions used by token creator - time.time = _time - random.random = _random - - self.assertEquals(auth.create_token(), - hashlib.md5("%f%f%i" % (t, r, id([]))).hexdigest()) - - #undo monkey patching - reload(time) - reload(random) diff -r efb32b74a279dca08b58db9262be3071ab6ded39 -r 9942b083eefdd85a689d5e7da18c43bd0e9df73d vix/tests/test_models.py --- a/vix/tests/test_models.py Sun Apr 18 00:04:35 2010 +0200 +++ b/vix/tests/test_models.py Mon Apr 19 22:59:47 2010 +0200 @@ -3,7 +3,7 @@ """ vix/tests/test_models.py: Tests for model code. -Copyright 2009, Net Collective. +Copyright 2009-2010, Net Collective. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -19,12 +19,17 @@ """ +import hashlib +import random import time + from datetime import datetime import couchdb import bcrypt +from testfixtures import Replacer, test_datetime, test_time + import vix.tests import vix.model as model @@ -234,3 +239,30 @@ user = user.load(model.db, u'fmw') self.assertEquals(user.get_permissions('vix_tests', 'news'), None) + + def test_Session(self): + """Test session model object.""" + + def _random(x,y): + return 130280746314667334 + + def _time(): + return 1271706172.864481 + + with Replacer() as r: + r.replace('vix.model.datetime', + test_datetime(2010, 4, 19, 11, 12, 5)) + r.replace('vix.model.datetime.utcnow', + vix.model.datetime.now) + r.replace('vix.model.time', _time) + r.replace('vix.model.random.randint', _random) + + session = model.Session() + + self.assertEquals(session.id, hashlib.md5("%f%i%i" % ( + _time(), _random(0,0), id([]))).hexdigest()) + self.assertEquals(session.updated, + datetime(2010, 4, 19, 11, 12, 5)) + #TODO: implement this + self.assertEquals(session.expires, + datetime(2010, 4, 19, 11, 17, 5))