Skip to content
Snippets Groups Projects
Commit 155fedec authored by Robin Sonnabend's avatar Robin Sonnabend
Browse files

Ignore session duration in permanent sessions 

ref #116
parent 739c7714
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 11 additions and 9 deletions
auth.py
+ 11
9
View file @ 155fedec
...@@ -6,7 +6,7 @@ from ldap3.utils.dn import parse_dn ...@@ -6,7 +6,7 @@ from ldap3.utils.dn import parse_dn
from datetime import datetime from datetime import datetime
class User: class User:
def __init__(self, username, groups, timestamp=None, obsolete=False): def __init__(self, username, groups, timestamp=None, obsolete=False, permanent=False):
self.username = username self.username = username
self.groups = groups self.groups = groups
if timestamp is not None: if timestamp is not None:
...@@ -14,20 +14,22 @@ class User: ...@@ -14,20 +14,22 @@ class User:
else: else:
self.timestamp = datetime.now() self.timestamp = datetime.now()
self.obsolete = obsolete self.obsolete = obsolete
self.permanent = permanent
def summarize(self): def summarize(self):
return "{}:{}:{}:{}".format(self.username, ",".join(self.groups), str(self.timestamp.timestamp()), self.obsolete) return "{}:{}:{}:{}:{}".format(self.username, ",".join(self.groups), str(self.timestamp.timestamp()), self.obsolete, self.permanent)
@staticmethod @staticmethod
def from_summary(summary): def from_summary(summary):
parts = summary.split(":", 3) parts = summary.split(":", 4)
if len(parts) != 4: if len(parts) != 5:
return None return None
name, group_str, timestamp_str, obsolete_str = parts name, group_str, timestamp_str, obsolete_str, permanent_str = parts
timestamp = datetime.fromtimestamp(float(timestamp_str)) timestamp = datetime.fromtimestamp(float(timestamp_str))
obsolete = obsolete_str == "True" obsolete = obsolete_str == "True"
groups = group_str.split(",") groups = group_str.split(",")
return User(name, groups, timestamp, obsolete) permanent = permanent_str == "True"
return User(name, groups, timestamp, obsolete, permanent)
@staticmethod @staticmethod
def from_hashstring(secure_string): def from_hashstring(secure_string):
...@@ -38,11 +40,11 @@ class UserManager: ...@@ -38,11 +40,11 @@ class UserManager:
def __init__(self, backends): def __init__(self, backends):
self.backends = backends self.backends = backends
def login(self, username, password): def login(self, username, password, permanent=False):
for backend in self.backends: for backend in self.backends:
if backend.authenticate(username, password): if backend.authenticate(username, password):
groups = backend.groups(username, password) groups = backend.groups(username, password)
return User(username, groups, obsolete=backend.obsolete) return User(username, groups, obsolete=backend.obsolete, permanent=permanent)
return None return None
def all_groups(self): def all_groups(self):
...@@ -154,5 +156,5 @@ class SecurityManager: ...@@ -154,5 +156,5 @@ class SecurityManager:
session_duration = datetime.now() - user.timestamp session_duration = datetime.now() - user.timestamp
macs_equal = hmac.compare_digest(maccer.hexdigest().encode("utf-8"), hash) macs_equal = hmac.compare_digest(maccer.hexdigest().encode("utf-8"), hash)
time_short = int(session_duration.total_seconds()) < self.max_duration time_short = int(session_duration.total_seconds()) < self.max_duration
return macs_equal and time_short return macs_equal and (time_short or user.permanent)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment