From: ShaoHe Feng <shaohef@linux.vnet.ibm.com> Now UI will periodic access the vms and host. The will never make the session be timeout. This patch fix this problem. Now the UI can set "User-Agent" as "kimchi-robot" when it want to periodic access the vms and host. If the "User-Agent" starts with "kimchi-robot" for a long time, kimchi will expire the session. A UI patch will send later. Signed-off-by: ShaoHe Feng <shaohef@linux.vnet.ibm.com> --- src/kimchi/auth.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/kimchi/auth.py b/src/kimchi/auth.py index f8ccea1..b1c08db 100644 --- a/src/kimchi/auth.py +++ b/src/kimchi/auth.py @@ -22,6 +22,7 @@ import cherrypy import grp import PAM import re +import time from kimchi import template @@ -32,6 +33,7 @@ from kimchi.utils import run_command USER_ID = 'userid' USER_GROUPS = 'groups' USER_SUDO = 'sudo' +REFRESH = 'robot-refresh' def debug(msg): @@ -131,6 +133,13 @@ def check_auth_session(): cherrypy.session.release_lock() if session is not None: debug("Session authenticated for user %s" % session) + userAgent = cherrypy.request.headers.get('User-Agent') + if userAgent.startswith("kimchi-robot"): + if (time.time() - cherrypy.session[REFRESH] > + cherrypy.session.timeout * 60): + cherrypy.lib.sessions.expire() + else: + cherrypy.session[REFRESH] = time.time() return True debug("Session not found") @@ -172,6 +181,7 @@ def login(userid, password): cherrypy.session[USER_ID] = userid cherrypy.session[USER_GROUPS] = user.get_groups() cherrypy.session[USER_SUDO] = user.has_sudo() + cherrypy.session[REFRESH] = time.time() cherrypy.session.release_lock() return user.get_user() @@ -179,6 +189,7 @@ def login(userid, password): def logout(): cherrypy.session.acquire_lock() cherrypy.session[USER_ID] = None + cherrypy.session[REFRESH] = 0 cherrypy.session.release_lock() cherrypy.lib.sessions.expire() -- 1.8.4.2