diff options
| -rw-r--r-- | server/src/leap/soledad/server/application.py | 42 | ||||
| -rw-r--r-- | server/src/leap/soledad/server/auth.py | 12 |
2 files changed, 42 insertions, 12 deletions
diff --git a/server/src/leap/soledad/server/application.py b/server/src/leap/soledad/server/application.py index a9ebcaf6..17296425 100644 --- a/server/src/leap/soledad/server/application.py +++ b/server/src/leap/soledad/server/application.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # application.py -# Copyright (C) 2013 LEAP +# Copyright (C) 2016 LEAP # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -14,6 +14,14 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +""" +A WSGI application to serve as the root resource of the webserver. + +Use it like this: + + twistd web --wsgi=leap.soledad.server.application.wsgi_application +""" +from twisted.internet import reactor from leap.soledad.server import SoledadApp from leap.soledad.server.auth import SoledadTokenAuthMiddleware @@ -21,11 +29,11 @@ from leap.soledad.server.gzip_middleware import GzipMiddleware from leap.soledad.server.config import load_configuration from leap.soledad.common.backend import SoledadBackend from leap.soledad.common.couch.state import CouchServerState +from leap.soledad.common.log import getLogger -# ---------------------------------------------------------------------------- -# Run as Twisted WSGI Resource -# ---------------------------------------------------------------------------- +__all__ = ['wsgi_application'] + def _load_config(): conf = load_configuration('/etc/soledad/soledad-server.conf') @@ -40,8 +48,26 @@ def _get_couch_state(): return state -_couch_state = _get_couch_state() +_app = SoledadTokenAuthMiddleware(SoledadApp(None)) # delay state init +wsgi_application = GzipMiddleware(_app) + + +# During its initialization, the couch state verifies if all user databases +# contain a config document with the correct couch schema version stored, and +# will log an error and raise an exception if that is not the case. +# +# If this verification made too early (i.e. before the reactor has started and +# the twistd web logging facilities have been setup), the logging will not +# work. Because of that, we delay couch state initialization until the reactor +# is running. + +def _init_couch_state(_app): + try: + _app.state = _get_couch_state() + except Exception as e: + logger = getLogger() + logger.error(str(e)) + reactor.stop() + -# a WSGI application that may be used by `twistd -web` -wsgi_application = GzipMiddleware( - SoledadTokenAuthMiddleware(SoledadApp(_couch_state))) +reactor.callWhenRunning(_init_couch_state, _app) diff --git a/server/src/leap/soledad/server/auth.py b/server/src/leap/soledad/server/auth.py index b7186b3b..b0764569 100644 --- a/server/src/leap/soledad/server/auth.py +++ b/server/src/leap/soledad/server/auth.py @@ -343,9 +343,13 @@ class SoledadTokenAuthMiddleware(SoledadAuthMiddleware): TOKEN_AUTH_ERROR_STRING = "Incorrect address or token." - def __init__(self, app): - self._state = app.state - super(SoledadTokenAuthMiddleware, self).__init__(app) + def _get_state(self): + return self._app.state + + def _set_state(self, state): + self._app.state = state + + state = property(_get_state, _set_state) def _verify_authentication_scheme(self, scheme): """ @@ -379,7 +383,7 @@ class SoledadTokenAuthMiddleware(SoledadAuthMiddleware): """ token = auth_data # we expect a cleartext token at this point try: - return self._state.verify_token(uuid, token) + return self.state.verify_token(uuid, token) except Exception as e: logger.error(e) return False |