
#
#
# patch "cgi-bin/openid.fcgi"
#  from [b536acee33d00c945aec19fe2481c44aec26e595]
#    to [b3dc3de52a2d667d13509312ae53a333d9e75550]
#
============================================================
--- cgi-bin/openid.fcgi	b536acee33d00c945aec19fe2481c44aec26e595
+++ cgi-bin/openid.fcgi	b3dc3de52a2d667d13509312ae53a333d9e75550
@@ -7,6 +7,7 @@ from time import time
 # Standard libraries and path append.
 import os, sys, shelve, re
 from time import time
+import threading

 # Need this for web.py, flup, openid. web.py has been customised a bit. -- sj26
 sys.path[0:0] = ["/home/wheel/sj26/lib/python/site-packages/"]
@@ -27,7 +28,7 @@ import ldap
 import ldap

 # TODO:
-#  * Lock down session cookie, lax it when ticked "remember me"
+#  * Remember me.
 #  * Multiple ID sources (tartarus? cyllene?)
 #  * Pretty up templates
 #  * Look at security of variable passing to templates and whether websafe
@@ -125,8 +126,9 @@ def is_logged_in(username=None):
   if web.session.get("user", None) == None:
     return False

-  if username != None and username != web.session.user:
-    return False
+  if username != None:
+    if username != web.session.user:
+      return False

   if web.session.get("ip", web.ctx.ip) != web.ctx.ip:
     return False
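Review bot: The rewritten guard on the new side nests two `if`s where the removed single condition was equivalent and flatter; keep it on one line and test `None` by identity: `if username is not None and username != web.session.user:` followed by `return False`. The IP-binding check that follows relies on `web.session.get("ip", web.ctx.ip)` defaulting to the client's own address, so any session record lacking an `"ip"` key would pass the check; with the `defaults={"ip": None}` passed to `web.sessions` in `main` this appears to fail closed, but that dependency deserves a comment, e.g. `# "ip" is always present via the session defaults, so a missing key cannot bypass this check`. `is_logged_in` continues past the end of the hunk.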
@@ -136,7 +138,7 @@ def logged_in(f):
 def logged_in(f):
   """ Decorator which will redirect to login page if not logged in. """
   def internal(*a, **kw):
-    if web.session.user == None:
+    if not is_logged_in():
       return web.seeother("login")
     f(*a, **kw)
   return internal
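Review bot: `internal` discards the wrapped handler's identity and its return value: the decorator should apply `functools.wraps(f)` so `__name__`/`__doc__` survive (needs `import functools` at the top of the file), and use `return f(*a, **kw)` so a handler that does return something is not silently dropped. Routing through `is_logged_in()` instead of the bare `web.session.user` test is the right change, since it now also enforces the session/IP binding. Presumably the web.py handlers here write their output themselves, so the dropped return value is not a live bug today; this is a style point.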
@@ -400,8 +402,18 @@ class About:
   def GET(self):
     render("index.html", terms=dict(user=web.session.user))

+def cleanup_sessions():
+  """ Cleans up sessions every 5 minutes. """
+  web.env['com.saddi.service.session']._store.periodic()
+  threading.Timer(300.0, cleanup_sessions)
+
 if __name__ == "__main__":
-  session_mw = web.sessions(web.DiskSessionStore, storeDir=base_dir+"store/session/", defaults={"user": None, "ip": None})
+  cookieAttributes = {'domain': 'secure.ucc.asn.au', 'path': '/openid/',
+    'secure': 'secure'}
+  session_mw = web.sessions(web.DiskSessionStore, \
+    storeDir=base_dir+"store/session/", defaults={"user": None, "ip": None},
+    cookieAttributes=cookieAttributes)
+  threading.Timer(300.0, cleanup_sessions)
   sys.argv.append("fastcgi")
   web.run(urls, locals(), session_mw)
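Review bot: Neither `threading.Timer(300.0, cleanup_sessions)` call is ever started — `Timer` only schedules when `.start()` is called — so `_store.periodic()` never runs, the "every 5 minutes" docstring is false, and expired sessions are never purged from `store/session/`. The timer also needs to be marked daemon so a pending 300 s timer does not keep the FastCGI process alive at shutdown, and the reschedule should sit in a `finally` so one exception from `periodic()` does not end the chain permanently. Separately, `cookieAttributes` sets `secure` but not `HttpOnly`; whether the underlying session service accepts that key is not visible here, so confirm and add it if supported. A small helper removes the duplicated scheduling code.
```python
def _schedule_cleanup():
  """ Arm a daemon timer so the cleanup cannot block process exit. """
  t = threading.Timer(300.0, cleanup_sessions)
  t.setDaemon(True)
  t.start()

def cleanup_sessions():
  """ Cleans up sessions every 5 minutes. """
  try:
    web.env['com.saddi.service.session']._store.periodic()
  finally:
    # Reschedule even if periodic() raised, otherwise cleanup stops forever.
    _schedule_cleanup()

# … unchanged: cookieAttributes / session_mw setup …
  _schedule_cleanup()
  sys.argv.append("fastcgi")
```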