[web] the AuthenticationMAnager is no more an appobject

It is now explictly instanciated by the session manager.

Related to #1381328.

authorAurelien Campeas <aurelien.campeas@logilab.fr>
changeset00295e793002
branchdefault
phasedraft
hiddenyes
parent revision#480187dd66b3 [web] move AbstractAuthManager near its immediate concrete subclass
child revision#1337d9436c2c [web/sessions] the session managers are definitely not components
files modified by this revision
web/views/authentication.py
web/views/sessions.py
# HG changeset patch
# User Aurelien Campeas <aurelien.campeas@logilab.fr>
# Date 1392306213 -3600
# Thu Feb 13 16:43:33 2014 +0100
# Node ID 00295e7930024db5ce9443180b066e456f67295d
# Parent 480187dd66b3c5b0eebe922e9cba8d4f3a34efaa
[web] the AuthenticationMAnager is no more an appobject

It is now explictly instanciated by the session manager.

Related to #1381328.

diff --git a/web/views/authentication.py b/web/views/authentication.py
@@ -17,16 +17,13 @@
1  # with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
2  """user authentication component"""
3 
4  __docformat__ = "restructuredtext en"
5 
6 -from threading import Lock
7 -
8 -from logilab.common.decorators import clear_cache
9  from logilab.common.deprecation import class_renamed
10 
11 -from cubicweb import AuthenticationError, BadConnectionId
12 +from cubicweb import AuthenticationError
13  from cubicweb.view import Component
14  from cubicweb.web import InvalidSession
15 
16 
17  class NoAuthInfo(Exception): pass
@@ -99,45 +96,15 @@
18      'LoginPasswordRetreiver', LoginPasswordRetriever,
19      '[3.17] LoginPasswordRetreiver had been renamed into LoginPasswordRetriever '
20      '("ie" instead of "ei")')
21 
22 
23 -class AbstractAuthenticationManager(Component):
24 -    """authenticate user associated to a request and check session validity"""
25 -    __abstract__ = True
26 -    __regid__ = 'authmanager'
27 
28 -    def __init__(self, repo):
29 -        self.vreg = repo.vreg
30 -
31 -    def validate_session(self, req, session):
32 -        """check session validity, reconnecting it to the repository if the
33 -        associated connection expired in the repository side (hence the
34 -        necessity for this method).
35 -
36 -        raise :exc:`InvalidSession` if session is corrupted for a reason or
37 -        another and should be closed
38 -        """
39 -        raise NotImplementedError()
40 -
41 -    def authenticate(self, req):
42 -        """authenticate user using connection information found in the request,
43 -        and return corresponding a :class:`~cubicweb.dbapi.Connection` instance,
44 -        as well as login and authentication information dictionary used to open
45 -        the connection.
46 -
47 -        raise :exc:`cubicweb.AuthenticationError` if authentication failed
48 -        (no authentication info found or wrong user/password)
49 -        """
50 -        raise NotImplementedError()
51 -
52 -
53 -class RepositoryAuthenticationManager(AbstractAuthenticationManager):
54 +class RepositoryAuthenticationManager(object):
55      """authenticate user associated to a request and check session validity"""
56 
57      def __init__(self, repo):
58 -        super(RepositoryAuthenticationManager, self).__init__(repo)
59          self.repo = repo
60          vreg = repo.vreg
61          self.log_queries = vreg.config['query-log-file']
62          self.authinforetrievers = sorted(vreg['webauth'].possible_objects(vreg),
63                                           key=lambda x: x.order)
diff --git a/web/views/sessions.py b/web/views/sessions.py
@@ -21,20 +21,21 @@
64  from time import time
65 
66  from cubicweb import RepositoryError, Unauthorized, BadConnectionId
67  from cubicweb.web import InvalidSession, component
68 
69 +from cubicweb.web.views import authentication
70 
71  class AbstractSessionManager(component.Component):
72      """manage session data associated to a session identifier"""
73      __abstract__ = True
74      __regid__ = 'sessionmanager'
75 
76      def __init__(self, repo):
77          vreg = repo.vreg
78          self.session_time = vreg.config['http-session-time'] or None
79 -        self.authmanager = vreg['components'].select('authmanager', repo=repo)
80 +        self.authmanager = authentication.RepositoryAuthenticationManager(repo)
81          interval = (self.session_time or 0) / 2.
82          if vreg.config.anonymous_user()[0] is not None:
83              self.cleanup_anon_session_time = vreg.config['cleanup-anonymous-session-time'] or 5 * 60
84              assert self.cleanup_anon_session_time > 0
85              if self.session_time is not None: