diff options
| author | Jon Newson <jon_newson@ieee.org> | 2016-02-26 16:20:59 +1100 |
|---|---|---|
| committer | Jon Newson <jon_newson@ieee.org> | 2016-02-26 16:20:59 +1100 |
| commit | 05f4e2ca2d64eaba23c87df4d2e2cc9e09bba6de (patch) | |
| tree | 50b2ccf6454f31a3f6bceaa997a5e2abbcb91a80 /service/pixelated/bitmask_libraries | |
| parent | 52467b9aef76c9aac2f250478befd3afb7b6aabd (diff) | |
| parent | dbb434b56e6b161a3b851ae6a81f96dff14a29da (diff) | |
Merge branch 'master' of https://github.com/pixelated/pixelated-user-agent
# By Felix Hammerl (5) and others
# Via NavaL
* 'master' of https://github.com/pixelated/pixelated-user-agent:
serving the client directly, as the current dependency on proxy strips out xsrf cookies -fixing functional test
only adding feature resource in root_resource test -- fixing build
changed logout to post Issue #612
Backend and frontend protection against csrf attacks: - root resources changes the csrf token cookie everytime it is loaded, in particular during the intestitial load during login - it will also add that cookie on single user mode - initialize will still load all resources - but they you cant access them if the csrf token do not match - all ajax calls needs to add the token to the header - non ajax get requests do not need xsrf token validation - non ajax post will have to send the token in as a form input or in the content
Consolidate stylesheets
Remove unused font and stylesheetgit s
Create a new deferred for all IMAPAccount calls
Clean up jshintrc
Recreate session on soledad problems
issue #617: Remove old html whitelister
Issue #617: Sanitize received content
Diffstat (limited to 'service/pixelated/bitmask_libraries')
| -rw-r--r-- | service/pixelated/bitmask_libraries/session.py | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py index f28d9f59..ae3eb992 100644 --- a/service/pixelated/bitmask_libraries/session.py +++ b/service/pixelated/bitmask_libraries/session.py @@ -53,18 +53,19 @@ class LeapSession(object): self.fresh_account = False self.incoming_mail_fetcher = None self.account = None - self._has_been_synced = False + self._has_been_initially_synced = False self._sem_intial_sync = defer.DeferredLock() + self._is_closed = False register(events.KEYMANAGER_FINISHED_KEY_GENERATION, self._set_fresh_account, uid=self.account_email()) @defer.inlineCallbacks def initial_sync(self): yield self._sem_intial_sync.acquire() try: - if not self._has_been_synced: - yield self.sync() + yield self.sync() + if not self._has_been_initially_synced: yield self.after_first_sync() - self._has_been_synced = True + self._has_been_initially_synced = True finally: yield self._sem_intial_sync.release() defer.returnValue(self) @@ -81,8 +82,7 @@ class LeapSession(object): reactor.callFromThread(self.incoming_mail_fetcher.startService) def _create_account(self, user_mail, soledad): - account = IMAPAccount(user_mail, soledad) - return account + return IMAPAccount(user_mail, soledad, defer.Deferred()) def _set_fresh_account(self, event, email_address): log.debug('Key for email %s has been generated' % email_address) @@ -94,12 +94,17 @@ class LeapSession(object): return self.provider.address_for(name) def close(self): + self._is_closed = True self.stop_background_jobs() unregister(events.KEYMANAGER_FINISHED_KEY_GENERATION, uid=self.account_email()) self.soledad.close() self.remove_from_cache() self._close_account() + @property + def is_closed(self): + return self._is_closed + def _close_account(self): if self.account: self.account.end_session() @@ -284,7 +289,12 @@ class SessionCache(object): @staticmethod def lookup_session(key): - return SessionCache.sessions.get(key, None) + session = SessionCache.sessions.get(key, None) + if session is not None and session.is_closed: + SessionCache.remove_session(key) + return None + else: + return session @staticmethod def remember_session(key, session): |