summaryrefslogtreecommitdiff
path: root/server/src/leap/soledad/server/session.py
diff options
context:
space:
mode:
Diffstat (limited to 'server/src/leap/soledad/server/session.py')
-rw-r--r--server/src/leap/soledad/server/session.py55
1 files changed, 50 insertions, 5 deletions
diff --git a/server/src/leap/soledad/server/session.py b/server/src/leap/soledad/server/session.py
index 22e1d1fb..75440089 100644
--- a/server/src/leap/soledad/server/session.py
+++ b/server/src/leap/soledad/server/session.py
@@ -21,15 +21,41 @@ from zope.interface import implementer
from twisted.cred import error
from twisted.python import log
+from twisted.python.components import registerAdapter
from twisted.web import util
from twisted.web.guard import HTTPAuthSessionWrapper
from twisted.web.resource import ErrorPage
from twisted.web.resource import IResource
+from twisted.web.server import Session
+from zope.interface import Interface
+from zope.interface import Attribute
from leap.soledad.server.auth import URLMapper
from leap.soledad.server.auth import portal
from leap.soledad.server.auth import credentialFactory
from leap.soledad.server.auth import UnauthorizedResource
+from leap.soledad.server.resource import SoledadResource
+
+
+class ISessionData(Interface):
+ username = Attribute('An uuid.')
+ password = Attribute('A token.')
+
+
+@implementer(ISessionData)
+class SessionData(object):
+ def __init__(self, session):
+ self.username = None
+ self.password = None
+
+
+registerAdapter(SessionData, Session, ISessionData)
+
+
+def _sessionData(request):
+ session = request.getSession()
+ data = ISessionData(session)
+ return data
@implementer(IResource)
@@ -71,8 +97,27 @@ class SoledadSession(HTTPAuthSessionWrapper):
except:
log.err(None, "Unexpected failure from credentials factory")
return ErrorPage(500, None, None)
- else:
- request_uuid = match.get('uuid')
- if request_uuid and request_uuid != credentials.username:
- return ErrorPage(500, None, None)
- return util.DeferredResource(self._login(credentials))
+
+ request_uuid = match.get('uuid')
+ if request_uuid and request_uuid != credentials.username:
+ return ErrorPage(500, None, None)
+
+ # eventually return a cached resouce
+ sessionData = _sessionData(request)
+ if sessionData.username == credentials.username \
+ and sessionData.password == credentials.password:
+ return SoledadResource()
+
+ return util.DeferredResource(self._login(credentials, sessionData))
+
+ def _login(self, credentials, sessionData):
+
+ def _cacheSessionData(res):
+ sessionData.username = credentials.username
+ sessionData.password = credentials.password
+ return res
+
+ d = self._portal.login(credentials, None, IResource)
+ d.addCallback(_cacheSessionData)
+ d.addCallbacks(self._loginSucceeded, self._loginFailed)
+ return d