protokollsystem
proto3
Commits
6e6f7935
Commit
6e6f7935
authored
Jul 07, 2017
by
Robin Sonnabend
Ignore session duration in permanent sessions
ref
#116
parent
940eb642
Changes
2
auth.py
...
...
@@ -6,7 +6,7 @@ from ldap3.utils.dn import parse_dn
from
datetime
import
datetime
class
User
:
def
__init__
(
self
,
username
,
groups
,
timestamp
=
None
,
obsolete
=
False
):
def
__init__
(
self
,
username
,
groups
,
timestamp
=
None
,
obsolete
=
False
,
permanent
=
False
):
self
.
username
=
username
self
.
groups
=
groups
if
timestamp
is
not
None
:
...
...
@@ -14,20 +14,22 @@ class User:
else
:
self
.
timestamp
=
datetime
.
now
()
self
.
obsolete
=
obsolete
self
.
permanent
=
permanent
def
summarize
(
self
):
return
"{}:{}:{}:{}"
.
format
(
self
.
username
,
","
.
join
(
self
.
groups
),
str
(
self
.
timestamp
.
timestamp
()),
self
.
obsolete
)
return
"{}:{}:{}:{}
:{}
"
.
format
(
self
.
username
,
","
.
join
(
self
.
groups
),
str
(
self
.
timestamp
.
timestamp
()),
self
.
obsolete
,
self
.
permanent
)
@
staticmethod
def
from_summary
(
summary
):
parts
=
summary
.
split
(
":"
,
3
)
if
len
(
parts
)
!=
4
:
parts
=
summary
.
split
(
":"
,
4
)
if
len
(
parts
)
!=
5
:
return
None
name
,
group_str
,
timestamp_str
,
obsolete_str
=
parts
name
,
group_str
,
timestamp_str
,
obsolete_str
,
permanent_str
=
parts
timestamp
=
datetime
.
fromtimestamp
(
float
(
timestamp_str
))
obsolete
=
obsolete_str
==
"True"
groups
=
group_str
.
split
(
","
)
return
User
(
name
,
groups
,
timestamp
,
obsolete
)
permanent
=
permanent_str
==
"True"
return
User
(
name
,
groups
,
timestamp
,
obsolete
,
permanent
)
@
staticmethod
def
from_hashstring
(
secure_string
):
...
...
@@ -38,11 +40,11 @@ class UserManager:
def
__init__
(
self
,
backends
):
self
.
backends
=
backends
def
login
(
self
,
username
,
password
):
def
login
(
self
,
username
,
password
,
permanent
=
False
):
for
backend
in
self
.
backends
:
if
backend
.
authenticate
(
username
,
password
):
groups
=
backend
.
groups
(
username
,
password
)
return
User
(
username
,
groups
,
obsolete
=
backend
.
obsolete
)
return
User
(
username
,
groups
,
obsolete
=
backend
.
obsolete
,
permanent
=
permanent
)
return
None
def
all_groups
(
self
):
...
...
@@ -154,5 +156,5 @@ class SecurityManager:
session_duration
=
datetime
.
now
()
-
user
.
timestamp
macs_equal
=
hmac
.
compare_digest
(
maccer
.
hexdigest
().
encode
(
"utf-8"
),
hash
)
time_short
=
int
(
session_duration
.
total_seconds
())
<
self
.
max_duration
return
macs_equal
and
time_short
return
macs_equal
and
(
time_short
or
user
.
permanent
)
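Review bot: In the last auth.py hunk, `return macs_equal and (time_short or user.permanent)` leaves a permanent auth value with no age limit of its own, so a copied value stays acceptable to this check until the MAC key changes or some outer session layer rejects it. A bounded variant keeps the feature while capping exposure: `limit = self.max_permanent_duration if user.permanent else self.max_duration`, then `return macs_equal and int(session_duration.total_seconds()) < limit`, where `max_permanent_duration` would be a new setting (the name is only a suggestion). The flag is trustworthy only if the MAC covers the whole `summarize()` output including the new fifth field; the MAC construction and the start of this function are outside the hunk, so that should be confirmed. Separately, `from_summary` now returns None for four-field summaries, so sessions issued before deployment are presumably rejected; a short comment there saying this is intended would help.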
server.py
...
...
@@ -1348,7 +1348,7 @@ def login():
return
redirect
(
request
.
args
.
get
(
"next"
)
or
url_for
(
"index"
))
form
=
LoginForm
()
if
form
.
validate_on_submit
():
user
=
user_manager
.
login
(
form
.
username
.
data
,
form
.
password
.
data
)
user
=
user_manager
.
login
(
form
.
username
.
data
,
form
.
password
.
data
,
permanent
=
form
.
permanent
.
data
)
if
user
is
not
None
:
session
[
"auth"
]
=
security_manager
.
hash_user
(
user
)
session
.
permanent
=
form
.
permanent
.
data
...
...