Statistics
| Branch: | Tag: | Revision:

root / snf-astakos-app / astakos / im / cookie.py @ a6b6d810

History | View | Annotate | Download (3.9 kB)

1
# Copyright 2011-2012 GRNET S.A. All rights reserved.
2
# 
3
# Redistribution and use in source and binary forms, with or
4
# without modification, are permitted provided that the following
5
# conditions are met:
6
# 
7
#   1. Redistributions of source code must retain the above
8
#      copyright notice, this list of conditions and the following
9
#      disclaimer.
10
# 
11
#   2. Redistributions in binary form must reproduce the above
12
#      copyright notice, this list of conditions and the following
13
#      disclaimer in the documentation and/or other materials
14
#      provided with the distribution.
15
# 
16
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
# POSSIBILITY OF SUCH DAMAGE.
28
# 
29
# The views and conclusions contained in the software and
30
# documentation are those of the authors and should not be
31
# interpreted as representing official policies, either expressed
32
# or implied, of GRNET S.A.
33

    
34
import logging
35

    
36
from urllib import quote, unquote
37

    
38
from django.contrib.auth.models import AnonymousUser
39
from django.http import HttpRequest
40
from django.utils.translation import ugettext as _
41

    
42
from astakos.im.settings import (
43
    COOKIE_NAME, COOKIE_DOMAIN, COOKIE_SECURE, LOGGING_LEVEL)
44

    
45
import astakos.im.messages as astakos_messages
46

    
47
logger = logging.getLogger(__name__)
48

    
49
class Cookie():
50
    def __init__(self, request, response=None):
51
        cookies = getattr(request, 'COOKIES', {})
52
        cookie = unquote(cookies.get(COOKIE_NAME, ''))
53
        self.uuid, sep, self.auth_token = cookie.partition('|')
54
        self.request = request
55
        self.response = response
56
    
57
    @property
58
    def uuid(self):
59
        return getattr(self, 'uuid', '')
60
    
61
    @property
62
    def auth_token(self):
63
        return getattr(self, 'auth_token', '')
64
    
65
    @property
66
    def is_set(self):
67
        no_token = not self.auth_token
68
        return not no_token
69
    
70
    @property
71
    def is_valid(self):
72
        return self.uuid == getattr(self.user, 'uuid', '') and \
73
            self.auth_token == getattr(self.user, 'auth_token', '')
74
    
75
    @property
76
    def user(self):
77
        return getattr(self.request, 'user', AnonymousUser())
78
    
79
    def __set(self):
80
        if not self.response:
81
            raise ValueError(_(astakos_messages.NO_RESPONSE))
82
        user = self.user
83
        expire_fmt = user.auth_token_expires.strftime('%a, %d-%b-%Y %H:%M:%S %Z')
84
        cookie_value = quote(user.uuid + '|' + user.auth_token)
85
        self.response.set_cookie(
86
            COOKIE_NAME, value=cookie_value, expires=expire_fmt, path='/',
87
            domain=COOKIE_DOMAIN, secure=COOKIE_SECURE
88
        )
89
        msg = 'Cookie [expiring %(auth_token_expires)s] set for %(uuid)s' % user.__dict__
90
        logger._log(LOGGING_LEVEL, msg, [])
91
    
92
    def __delete(self):
93
        if not self.response:
94
            raise ValueError(_(astakos_messages.NO_RESPONSE))
95
        self.response.delete_cookie(COOKIE_NAME, path='/', domain=COOKIE_DOMAIN)
96
        msg = 'Cookie deleted for %(uuid)s' % self.__dict__
97
        logger._log(LOGGING_LEVEL, msg, [])
98
    
99
    def fix(self, response=None):
100
        self.response = response or self.response
101
        try:
102
            if self.user.is_authenticated():
103
                if not self.is_set or not self.is_valid:
104
                    self.__set()
105
            else:
106
                if self.is_set:
107
                    self.__delete()
108
        except AttributeError:
109
            pass