move leap session creation to be done after interstitial is loaded

Issue #590

6 files changed, 40 insertions, 49 deletions

diff --git a/service/pixelated/application.py b/service/pixelated/application.py
index dafab0b1..f56f9106 100644
--- a/service/pixelated/application.py
+++ b/service/pixelated/application.py
@@ -177,14 +177,14 @@ def set_up_protected_resources(root_resource, provider, services_factory, checke
     if not checker:
         checker = LeapPasswordChecker(provider)
     session_checker = SessionChecker()
-    anonymous_resource = LoginResource(services_factory)
+    anonymous_resource = LoginResource(services_factory, provider=provider)
 
     realm = PixelatedRealm(root_resource, anonymous_resource)
     _portal = portal.Portal(realm, [checker, session_checker, AllowAnonymousAccess()])
 
     protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource, anonymous_resource, [])
     anonymous_resource.set_portal(_portal)
-    root_resource.initialize(_portal)
+    root_resource.initialize(_portal, provider)
     return protected_resource
 
 
diff --git a/service/pixelated/assets/Interstitial.js b/service/pixelated/assets/Interstitial.js
index 6fed8d78..ac5a789a 100644
--- a/service/pixelated/assets/Interstitial.js
+++ b/service/pixelated/assets/Interstitial.js
@@ -48,7 +48,7 @@ $(function () {
         window.location="/";
       }
     });
-  }, 5000);
+  }, 2000);
 
   $('#hive-section').height($(window).height());
 
diff --git a/service/pixelated/resources/auth.py b/service/pixelated/resources/auth.py
index 5e0221cb..4aff06cd 100644
--- a/service/pixelated/resources/auth.py
+++ b/service/pixelated/resources/auth.py
@@ -30,9 +30,6 @@ from twisted.web import util
 from twisted.cred import error
 from twisted.web.resource import IResource, ErrorPage
 
-from pixelated.adapter.welcome_mail import add_welcome_mail
-from pixelated.config.leap import authenticate_user
-from pixelated.config import services
 from pixelated.resources import IPixelatedSession
 
 
@@ -56,12 +53,7 @@ class LeapPasswordChecker(object):
                 return srp_auth.authenticate(credentials.username, credentials.password)
             except SRPAuthenticationError:
                 raise UnauthorizedLogin()
-
-        def _authententicate_user(srp_auth):
-            return authenticate_user(self._leap_provider, credentials.username, credentials.password, auth=srp_auth)
-
         d = threads.deferToThread(_validate_credentials)
-        d.addCallback(_authententicate_user)
         return d
 
 
@@ -91,12 +83,6 @@ class SessionChecker(object):
         return IPixelatedSession(request.getSession())
 
 
-class LeapUser(object):
-
-    def __init__(self, leap_session):
-        self.leap_session = leap_session
-
-
 class PixelatedRealm(object):
     implements(portal.IRealm)
 
@@ -106,12 +92,7 @@ class PixelatedRealm(object):
 
     def requestAvatar(self, avatarId, mind, *interfaces):
         if IResource in interfaces:
-            if avatarId == checkers.ANONYMOUS:
-                return IResource, checkers.ANONYMOUS, lambda: None
-            else:
-                leap_session = avatarId
-                user = LeapUser(leap_session)
-                return IResource, user, lambda: None
+            return IResource, avatarId, lambda: None
         raise NotImplementedError()
 
 
diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py
index 6109f232..dd5563a5 100644
--- a/service/pixelated/resources/login_resource.py
+++ b/service/pixelated/resources/login_resource.py
@@ -24,10 +24,11 @@ from twisted.web.http import UNAUTHORIZED, OK
 from twisted.web.resource import IResource, NoResource
 from twisted.web.server import NOT_DONE_YET
 from twisted.web.static import File
-from twisted.web.template import Element, XMLFile, renderElement, renderer, tags
+from twisted.web.template import Element, XMLFile, renderElement, renderer
 from twisted.python.filepath import FilePath
 
 from pixelated.adapter.welcome_mail import add_welcome_mail
+from pixelated.config.leap import authenticate_user
 from pixelated.resources import BaseResource, UnAuthorizedResource, IPixelatedSession
 
 log = logging.getLogger(__name__)
@@ -67,12 +68,13 @@ class LoginWebSite(Element):
 class LoginResource(BaseResource):
     BASE_URL = 'login'
 
-    def __init__(self, services_factory, portal=None):
+    def __init__(self, services_factory, portal=None, provider=None):
         BaseResource.__init__(self, services_factory)
         self._static_folder = _get_static_folder()
         self._startup_folder = _get_startup_folder()
         self._html_template = open(os.path.join(self._startup_folder, 'login.html')).read()
         self._portal = portal
+        self._leap_provider = provider
         self.putChild('startup-assets', File(self._startup_folder))
 
     def set_portal(self, portal):
@@ -118,9 +120,9 @@ class LoginResource(BaseResource):
 
     @defer.inlineCallbacks
     def _handle_login(self, request):
-        creds = self._get_creds_from(request)
-        iface, leap_user, logout = yield self._portal.login(creds, None, IResource)
-        defer.returnValue(leap_user)
+        self.creds = self._get_creds_from(request)
+        iface, srp_auth, logout = yield self._portal.login(self.creds, None, IResource)
+        defer.returnValue(srp_auth)
 
     def _get_creds_from(self, request):
         username = request.args['username'][0]
@@ -128,18 +130,23 @@ class LoginResource(BaseResource):
         return credentials.UsernamePassword(username, password)
 
     @defer.inlineCallbacks
-    def _setup_user_services(self, leap_user, request):
-        yield self._initialize_after_login(self._services_factory, leap_user)
-        self._init_http_session(request, leap_user)
+    def _setup_user_services(self, srp_auth, request):
+        leap_session = yield self._init_leap_session(srp_auth)
+        yield self._initialize_services(leap_session)
+        self._init_http_session(request, leap_session)
 
     @defer.inlineCallbacks
-    def _initialize_after_login(self, services_factory, leap_user):
-        session = leap_user.leap_session
-        yield services_factory.create_services_from(session)
+    def _init_leap_session(self, srp_auth):
+        leap_session = yield authenticate_user(self._leap_provider, self.creds.username, self.creds.password, auth=srp_auth)
+        defer.returnValue(leap_session)
 
-        if session.fresh_account:
-            yield add_welcome_mail(session.mail_store)
+    @defer.inlineCallbacks
+    def _initialize_services(self, leap_session):
+        yield self._services_factory.create_services_from(leap_session)
+
+        if leap_session.fresh_account:
+            yield add_welcome_mail(leap_session.mail_store)
 
-    def _init_http_session(self, request, leap_user):
+    def _init_http_session(self, request, leap_session):
         session = IPixelatedSession(request.getSession())
-        session.user_uuid = leap_user.leap_session.user_auth.uuid
+        session.user_uuid = leap_session.user_auth.uuid
diff --git a/service/pixelated/resources/root_resource.py b/service/pixelated/resources/root_resource.py
index 61df0f39..2ca39617 100644
--- a/service/pixelated/resources/root_resource.py
+++ b/service/pixelated/resources/root_resource.py
@@ -56,7 +56,7 @@ class RootResource(BaseResource):
             return self
         return Resource.getChild(self, path, request)
 
-    def initialize(self, portal=None):
+    def initialize(self, portal=None, provider=None):
         self.putChild('assets', File(self._static_folder))
         self.putChild('keys', KeysResource(self._services_factory))
         self.putChild(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory))
@@ -67,7 +67,7 @@ class RootResource(BaseResource):
         self.putChild('mail', MailResource(self._services_factory))
         self.putChild('feedback', FeedbackResource(self._services_factory))
         self.putChild('user-settings', UserSettingsResource(self._services_factory))
-        self.putChild(LoginResource.BASE_URL, LoginResource(self._services_factory, portal))
+        self.putChild(LoginResource.BASE_URL, LoginResource(self._services_factory, portal, provider))
         self.putChild(LogoutResource.BASE_URL, LogoutResource(self._services_factory))
 
         self._mode = MODE_RUNNING
diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py
index 0baf7ac0..50b96f15 100644
--- a/service/test/unit/resources/test_login_resource.py
+++ b/service/test/unit/resources/test_login_resource.py
@@ -7,8 +7,7 @@ from twisted.trial import unittest
 from twisted.web.resource import IResource
 from twisted.web.test.requesthelper import DummyRequest
 
-from pixelated.bitmask_libraries.session import LeapSession
-from pixelated.resources.auth import LeapUser
+from pixelated.bitmask_libraries.session import LeapSession, LeapSessionFactory
 from pixelated.resources.login_resource import LoginResource
 from test.unit.resources import DummySite
 
@@ -73,13 +72,16 @@ class TestLoginPOST(unittest.TestCase):
     def setUp(self):
         self.services_factory = mock()
         self.portal = mock()
-        self.resource = LoginResource(self.services_factory, self.portal)
+        self.provider = mock()
+        self.resource = LoginResource(self.services_factory, self.portal, self.provider)
         self.web = DummySite(self.resource)
 
         self.request = DummyRequest([''])
         username = 'ayoyo'
         self.request.addArg('username', username)
         password = 'ayoyo_password'
+        self.username = username
+        self.password = password
         self.request.addArg('password', password)
         self.request.method = 'POST'
         leap_session = mock(LeapSession)
@@ -91,17 +93,18 @@ class TestLoginPOST(unittest.TestCase):
         leap_session.config = config
         leap_session.fresh_account = False
         self.leap_session = leap_session
-        self.leap_user = LeapUser(leap_session)
+        self.user_auth = user_auth
 
-    @patch('twisted.web.util.redirectTo')
-    @patch('pixelated.config.services.Services.setup')
-    def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(self, mock_service_setup, mock_redirect):
+    def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(self):
         irrelevant = None
-        when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_user, irrelevant))
+        when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.user_auth, irrelevant))
+        when(LeapSessionFactory).create(self.username, self.password, self.user_auth).thenReturn(self.leap_session)
+
         d = self.web.get(self.request)
 
         def assert_login_setup_service_for_user(_):
             verify(self.portal).login(ANY(), None, IResource)
+            verify(LeapSessionFactory).create(self.username, self.password, self.user_auth)
             verify(self.services_factory).create_services_from(self.leap_session)
             interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>'
             self.assertIn(interstitial_js_in_template, self.request.written[0])
@@ -110,7 +113,7 @@ class TestLoginPOST(unittest.TestCase):
         d.addCallback(assert_login_setup_service_for_user)
         return d
 
-    def test_should_return_form_back_with_error_message_when_login_fails(self, ):
+    def test_should_return_form_back_with_error_message_when_login_fails(self):
         when(self.portal).login(ANY(), None, IResource).thenRaise(Exception())
         d = self.web.get(self.request)