From 03855d3df78b4a71b880a068939e8708b0315be9 Mon Sep 17 00:00:00 2001
From: Folker Bernitt <fbernitt@thoughtworks.com>
Date: Wed, 24 Feb 2016 11:06:08 +0100
Subject: Recreate session on soledad problems

- Issue #615
- invalid token raised by soledad after timeout,
  if we see this, recreate the session on next login
---
 service/pixelated/bitmask_libraries/session.py | 21 ++++++++++++-----
 service/pixelated/config/leap.py               | 31 ++++++++++++++++++++------
 service/pixelated/resources/auth.py            |  1 -
 3 files changed, 40 insertions(+), 13 deletions(-)

(limited to 'service/pixelated')

diff --git a/service/pixelated/bitmask_libraries/session.py b/service/pixelated/bitmask_libraries/session.py
index f28d9f59..5d8b13af 100644
--- a/service/pixelated/bitmask_libraries/session.py
+++ b/service/pixelated/bitmask_libraries/session.py
@@ -53,18 +53,19 @@ class LeapSession(object):
         self.fresh_account = False
         self.incoming_mail_fetcher = None
         self.account = None
-        self._has_been_synced = False
+        self._has_been_initially_synced = False
         self._sem_intial_sync = defer.DeferredLock()
+        self._is_closed = False
         register(events.KEYMANAGER_FINISHED_KEY_GENERATION, self._set_fresh_account, uid=self.account_email())
 
     @defer.inlineCallbacks
     def initial_sync(self):
         yield self._sem_intial_sync.acquire()
         try:
-            if not self._has_been_synced:
-                yield self.sync()
+            yield self.sync()
+            if not self._has_been_initially_synced:
                 yield self.after_first_sync()
-                self._has_been_synced = True
+                self._has_been_initially_synced = True
         finally:
             yield self._sem_intial_sync.release()
         defer.returnValue(self)
@@ -94,12 +95,17 @@ class LeapSession(object):
         return self.provider.address_for(name)
 
     def close(self):
+        self._is_closed = True
         self.stop_background_jobs()
         unregister(events.KEYMANAGER_FINISHED_KEY_GENERATION, uid=self.account_email())
         self.soledad.close()
         self.remove_from_cache()
         self._close_account()
 
+    @property
+    def is_closed(self):
+        return self._is_closed
+
     def _close_account(self):
         if self.account:
             self.account.end_session()
@@ -284,7 +290,12 @@ class SessionCache(object):
 
     @staticmethod
     def lookup_session(key):
-        return SessionCache.sessions.get(key, None)
+        session = SessionCache.sessions.get(key, None)
+        if session is not None and session.is_closed:
+            SessionCache.remove_session(key)
+            return None
+        else:
+            return session
 
     @staticmethod
     def remember_session(key, session):
diff --git a/service/pixelated/config/leap.py b/service/pixelated/config/leap.py
index a8666086..17a69406 100644
--- a/service/pixelated/config/leap.py
+++ b/service/pixelated/config/leap.py
@@ -1,14 +1,13 @@
 from __future__ import absolute_import
-from leap.common.events import (server as events_server,
-                                register, catalog as events)
+from leap.common.events import (server as events_server)
+from leap.soledad.common.errors import InvalidAuthTokenError
+
 from pixelated.config import credentials
 from pixelated.bitmask_libraries.config import LeapConfig
 from pixelated.bitmask_libraries.certs import LeapCertificate
 from pixelated.bitmask_libraries.provider import LeapProvider
 from pixelated.bitmask_libraries.session import LeapSessionFactory
 from twisted.internet import defer
-import os
-import logging
 
 import logging
 log = logging.getLogger(__name__)
@@ -39,11 +38,29 @@ def initialize_leap_multi_user(provider_hostname,
     defer.returnValue((config, provider))
 
 
+def _create_session(provider, username, password, auth):
+    return LeapSessionFactory(provider).create(username, password, auth)
+
+
+def _force_close_session(session):
+    try:
+        session.close()
+    except Exception, e:
+        log.error(e)
+
+
 @defer.inlineCallbacks
 def authenticate_user(provider, username, password, initial_sync=True, auth=None):
-    leap_session = LeapSessionFactory(provider).create(username, password, auth)
-    if initial_sync:
-        yield leap_session.initial_sync()
+    leap_session = _create_session(provider, username, password, auth)
+    try:
+        if initial_sync:
+            yield leap_session.initial_sync()
+    except InvalidAuthTokenError:
+        _force_close_session(leap_session)
+
+        leap_session = _create_session(provider, username, password, auth)
+        if initial_sync:
+            yield leap_session.initial_sync()
 
     defer.returnValue(leap_session)
 
diff --git a/service/pixelated/resources/auth.py b/service/pixelated/resources/auth.py
index 02729a01..a6ab5396 100644
--- a/service/pixelated/resources/auth.py
+++ b/service/pixelated/resources/auth.py
@@ -41,7 +41,6 @@ log = logging.getLogger(__name__)
 class LeapPasswordChecker(object):
     credentialInterfaces = (
         credentials.IUsernamePassword,
-        credentials.IUsernameHashedPassword
     )
 
     def __init__(self, leap_provider):
-- 
cgit v1.2.3