diff options
| -rw-r--r-- | service/pixelated/application.py | 4 | ||||
| -rw-r--r-- | service/pixelated/resources/auth.py | 6 | ||||
| -rw-r--r-- | service/pixelated/resources/login_resource.py | 20 | ||||
| -rw-r--r-- | service/pixelated/resources/root_resource.py | 4 | ||||
| -rw-r--r-- | service/test/unit/resources/test_login_resource.py | 10 |
5 files changed, 20 insertions, 24 deletions
diff --git a/service/pixelated/application.py b/service/pixelated/application.py index f56f9106..dafab0b1 100644 --- a/service/pixelated/application.py +++ b/service/pixelated/application.py @@ -177,14 +177,14 @@ def set_up_protected_resources(root_resource, provider, services_factory, checke if not checker: checker = LeapPasswordChecker(provider) session_checker = SessionChecker() - anonymous_resource = LoginResource(services_factory, provider=provider) + anonymous_resource = LoginResource(services_factory) realm = PixelatedRealm(root_resource, anonymous_resource) _portal = portal.Portal(realm, [checker, session_checker, AllowAnonymousAccess()]) protected_resource = PixelatedAuthSessionWrapper(_portal, root_resource, anonymous_resource, []) anonymous_resource.set_portal(_portal) - root_resource.initialize(_portal, provider) + root_resource.initialize(_portal) return protected_resource diff --git a/service/pixelated/resources/auth.py b/service/pixelated/resources/auth.py index 4aff06cd..92efaa27 100644 --- a/service/pixelated/resources/auth.py +++ b/service/pixelated/resources/auth.py @@ -30,6 +30,7 @@ from twisted.web import util from twisted.cred import error from twisted.web.resource import IResource, ErrorPage +from pixelated.config.leap import authenticate_user from pixelated.resources import IPixelatedSession @@ -53,7 +54,12 @@ class LeapPasswordChecker(object): return srp_auth.authenticate(credentials.username, credentials.password) except SRPAuthenticationError: raise UnauthorizedLogin() + + def _get_leap_session(srp_auth): + return authenticate_user(self._leap_provider, credentials.username, credentials.password, auth=srp_auth) + d = threads.deferToThread(_validate_credentials) + d.addCallback(_get_leap_session) return d diff --git a/service/pixelated/resources/login_resource.py b/service/pixelated/resources/login_resource.py index 9e47fd3c..ca8f0b11 100644 --- a/service/pixelated/resources/login_resource.py +++ b/service/pixelated/resources/login_resource.py @@ -28,7 +28,6 @@ from twisted.web.template import Element, XMLFile, renderElement, renderer from twisted.python.filepath import FilePath from pixelated.adapter.welcome_mail import add_welcome_mail -from pixelated.config.leap import authenticate_user from pixelated.resources import BaseResource, UnAuthorizedResource, IPixelatedSession log = logging.getLogger(__name__) @@ -68,13 +67,12 @@ class LoginWebSite(Element): class LoginResource(BaseResource): BASE_URL = 'login' - def __init__(self, services_factory, portal=None, provider=None): + def __init__(self, services_factory, portal=None): BaseResource.__init__(self, services_factory) self._static_folder = _get_static_folder() self._startup_folder = _get_startup_folder() self._html_template = open(os.path.join(self._startup_folder, 'login.html')).read() self._portal = portal - self._leap_provider = provider self.putChild('startup-assets', File(self._startup_folder)) def set_portal(self, portal): @@ -121,8 +119,8 @@ class LoginResource(BaseResource): @defer.inlineCallbacks def _handle_login(self, request): self.creds = self._get_creds_from(request) - iface, srp_auth, logout = yield self._portal.login(self.creds, None, IResource) - defer.returnValue(srp_auth) + iface, leap_session, logout = yield self._portal.login(self.creds, None, IResource) + defer.returnValue(leap_session) def _get_creds_from(self, request): username = request.args['username'][0] @@ -130,19 +128,13 @@ class LoginResource(BaseResource): return credentials.UsernamePassword(username, password) @defer.inlineCallbacks - def _setup_user_services(self, srp_auth, request): - user_id = srp_auth.uuid + def _setup_user_services(self, leap_session, request): + user_id = leap_session.user_auth.uuid if not self._services_factory.is_logged_in(user_id): - leap_session = yield self._init_leap_session(srp_auth) - yield self._initialize_services(leap_session) + yield self._services_factory.create_services_from(leap_session) self._init_http_session(request, user_id) @defer.inlineCallbacks - def _init_leap_session(self, srp_auth): - leap_session = yield authenticate_user(self._leap_provider, self.creds.username, self.creds.password, auth=srp_auth) - defer.returnValue(leap_session) - - @defer.inlineCallbacks def _initialize_services(self, leap_session): yield self._services_factory.create_services_from(leap_session) diff --git a/service/pixelated/resources/root_resource.py b/service/pixelated/resources/root_resource.py index 2ca39617..61df0f39 100644 --- a/service/pixelated/resources/root_resource.py +++ b/service/pixelated/resources/root_resource.py @@ -56,7 +56,7 @@ class RootResource(BaseResource): return self return Resource.getChild(self, path, request) - def initialize(self, portal=None, provider=None): + def initialize(self, portal=None): self.putChild('assets', File(self._static_folder)) self.putChild('keys', KeysResource(self._services_factory)) self.putChild(AttachmentsResource.BASE_URL, AttachmentsResource(self._services_factory)) @@ -67,7 +67,7 @@ class RootResource(BaseResource): self.putChild('mail', MailResource(self._services_factory)) self.putChild('feedback', FeedbackResource(self._services_factory)) self.putChild('user-settings', UserSettingsResource(self._services_factory)) - self.putChild(LoginResource.BASE_URL, LoginResource(self._services_factory, portal, provider)) + self.putChild(LoginResource.BASE_URL, LoginResource(self._services_factory, portal)) self.putChild(LogoutResource.BASE_URL, LogoutResource(self._services_factory)) self._mode = MODE_RUNNING diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py index 8f65a030..b3aaccc2 100644 --- a/service/test/unit/resources/test_login_resource.py +++ b/service/test/unit/resources/test_login_resource.py @@ -71,7 +71,7 @@ class TestLoginPOST(unittest.TestCase): self.services_factory = mock() self.portal = mock() self.provider = mock() - self.resource = LoginResource(self.services_factory, self.portal, self.provider) + self.resource = LoginResource(self.services_factory, self.portal) self.web = DummySite(self.resource) self.request = DummyRequest(['']) @@ -95,14 +95,12 @@ class TestLoginPOST(unittest.TestCase): def test_login_responds_interstitial_and_add_corresponding_session_to_services_factory(self): irrelevant = None - when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.user_auth, irrelevant)) - when(LeapSessionFactory).create(self.username, self.password, self.user_auth).thenReturn(self.leap_session) + when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant)) d = self.web.get(self.request) def assert_login_setup_service_for_user(_): verify(self.portal).login(ANY(), None, IResource) - verify(LeapSessionFactory).create(self.username, self.password, self.user_auth) verify(self.services_factory).create_services_from(self.leap_session) interstitial_js_in_template = '<script src="startup-assets/Interstitial.js"></script>' self.assertIn(interstitial_js_in_template, self.request.written[0]) @@ -111,9 +109,9 @@ class TestLoginPOST(unittest.TestCase): d.addCallback(assert_login_setup_service_for_user) return d - def test_login_does_not_reload_leap_sessions_and_services_if_already_loaded(self): + def test_login_does_not_reload_services_if_already_loaded(self): irrelevant = None - when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.user_auth, irrelevant)) + when(self.portal).login(ANY(), None, IResource).thenReturn((irrelevant, self.leap_session, irrelevant)) when(self.services_factory).is_logged_in('some_user_uuid').thenReturn(True) d = self.web.get(self.request) |