I am not able to test it without the UI part. Could you send both patches (backend and UI) in the same patch set? On 03/03/2014 11:54 AM, shaohef@linux.vnet.ibm.com wrote:
From: ShaoHe Feng <shaohef@linux.vnet.ibm.com>
Now UI will periodic access the vms and host. The will never make the session be timeout. This patch fix this problem. Now the UI can set "User-Agent" as "kimchi-robot" when it want to periodic access the vms and host. If the "User-Agent" starts with "kimchi-robot" for a long time, kimchi will expire the session.
A UI patch will send later.
Signed-off-by: ShaoHe Feng <shaohef@linux.vnet.ibm.com> --- src/kimchi/auth.py | 11 +++++++++++ 1 file changed, 11 insertions(+)
diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py index f8ccea1..b1c08db 100644 --- a/src/kimchi/auth.py +++ b/src/kimchi/auth.py @@ -22,6 +22,7 @@ import cherrypy import grp import PAM import re +import time
from kimchi import template @@ -32,6 +33,7 @@ from kimchi.utils import run_command USER_ID = 'userid' USER_GROUPS = 'groups' USER_SUDO = 'sudo' +REFRESH = 'robot-refresh'
def debug(msg): @@ -131,6 +133,13 @@ def check_auth_session(): cherrypy.session.release_lock() if session is not None: debug("Session authenticated for user %s" % session) + userAgent = cherrypy.request.headers.get('User-Agent') + if userAgent.startswith("kimchi-robot"): + if (time.time() - cherrypy.session[REFRESH] > + cherrypy.session.timeout * 60): + cherrypy.lib.sessions.expire() + else: + cherrypy.session[REFRESH] = time.time() return True
debug("Session not found") @@ -172,6 +181,7 @@ def login(userid, password): cherrypy.session[USER_ID] = userid cherrypy.session[USER_GROUPS] = user.get_groups() cherrypy.session[USER_SUDO] = user.has_sudo() + cherrypy.session[REFRESH] = time.time() cherrypy.session.release_lock() return user.get_user()
@@ -179,6 +189,7 @@ def login(userid, password): def logout(): cherrypy.session.acquire_lock() cherrypy.session[USER_ID] = None + cherrypy.session[REFRESH] = 0 cherrypy.session.release_lock() cherrypy.lib.sessions.expire()