summaryrefslogtreecommitdiff
path: root/server/src
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2017-02-12 20:40:01 +0100
committerKali Kaneko <kali@leap.se>2017-02-13 12:14:51 +0100
commit1a5b292bd1fbd57b0b3127857e74bdf1ac22a7c6 (patch)
treeb7052f81585f8a2aafb152ece3a61441d247a71a /server/src
parent6cabe46e4671627c22d5eed9ebb3bdc751948414 (diff)
[bug] get a new server instance on each request to the tokens db
Diffstat (limited to 'server/src')
-rw-r--r--server/src/leap/soledad/server/auth.py21
1 files changed, 13 insertions, 8 deletions
diff --git a/server/src/leap/soledad/server/auth.py b/server/src/leap/soledad/server/auth.py
index c5954c60..7112aa35 100644
--- a/server/src/leap/soledad/server/auth.py
+++ b/server/src/leap/soledad/server/auth.py
@@ -69,13 +69,11 @@ class TokenChecker(object):
TOKENS_TYPE_DEF = "Token"
TOKENS_USER_ID_KEY = "user_id"
- def __init__(self, server=None):
- if server is None:
- config = get_config()
- couch_url = config['couch_url']
- server = couch_server(couch_url)
- self._server = server
- self._dbs = {}
+ def __init__(self):
+ self._couch_url = get_config().get('couch_url')
+
+ def _get_server(self):
+ return couch_server(self._couch_url)
def _tokens_dbname(self):
# the tokens db rotates every 30 days, and the current db name is
@@ -90,7 +88,11 @@ class TokenChecker(object):
def _tokens_db(self):
dbname = self._tokens_dbname()
- with self._server as server:
+
+ # TODO -- leaking abstraction here: this module shouldn't need
+ # to known anything about the context manager. hide that in the couch
+ # module
+ with self._get_server() as server:
db = server[dbname]
return db
@@ -99,11 +101,14 @@ class TokenChecker(object):
token = credentials.password
# lookup key is a hash of the token to prevent timing attacks.
+ # TODO cache the tokens already!
+
db = self._tokens_db()
token = db.get(sha512(token).hexdigest())
if token is None:
return defer.fail(error.UnauthorizedLogin())
+ # TODO -- use cryptography constant time builtin comparison.
# we compare uuid hashes to avoid possible timing attacks that
# might exploit python's builtin comparison operator behaviour,
# which fails immediatelly when non-matching bytes are found.