Re: [Kimchi-devel] [PATCH 2/5] Code cleanup.
On 02/10/2014 10:32 AM, Leonardo Garcia wrote:
From: Leonardo Garcia <lagarcia(a)br.ibm.com>
Remove useless statements and improve debug message.
Signed-off-by: Leonardo Garcia <lagarcia(a)br.ibm.com>
---
src/kimchi/auth.py | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py
index 242fdcf..f9873ca 100644
--- a/src/kimchi/auth.py
+++ b/src/kimchi/auth.py
@@ -87,13 +87,11 @@ def check_auth_session():
for the user.
"""
try:
- s = cherrypy.session[SESSION_USER]
- user = cherrypy.request.login = cherrypy.session[SESSION_USER]
- debug("Authenticated with session: %s, for user: %s" % (s, user))
+ user = cherrypy.session[USER_ID]
It seems USER_ID is defined in the
following up patch in this series,
so it needs a rebase.
+ debug("Session authenticated for user %s" % user)
except KeyError:
debug("Session not found")
return False
- debug("Session found for user %s" % user)
return True
@@ -135,8 +133,7 @@ def login(userid, password):
def logout():
cherrypy.session.acquire_lock()
- userid = cherrypy.session.get(SESSION_USER, None)
- cherrypy.session[SESSION_USER] = cherrypy.request.login = None
+ cherrypy.session[USER_ID] = None
we reset the session var to None on logout,
but in check_auth_session,
we check if the key exists.
So check_auth_session will always hold true even after logout. @shaohe,
it's a but, correct?
I know this problem exists in the original patch, but I think we should
not keep the bug when it's changed.
cherrypy.session.release_lock()
cherrypy.lib.sessions.expire()