From aecec02b6ce2a3532625c97b39576d3638f8843b Mon Sep 17 00:00:00 2001
From: Joseph Schorr
Date: Thu, 20 Jul 2017 15:40:14 -0400
Subject: [PATCH] Change common_login to take in a user uuid, instead of a user DB object
---
 data/model/user.py | 2 +-
 endpoints/api/suconfig.py | 2 +-
 endpoints/api/user.py | 8 ++++----
 endpoints/common.py | 31 +++++++++++++++----------------
 endpoints/oauth/login.py | 2 +-
 endpoints/test/test_common.py | 2 +-
 endpoints/web.py | 4 ++--
 7 files changed, 25 insertions(+), 26 deletions(-)
diff --git a/data/model/user.py b/data/model/user.py
index a1fb0d81e..b2c475b78 100644
--- a/data/model/user.py
+++ b/data/model/user.py
@@ -882,7 +882,7 @@ class LoginWrappedDBUser(UserMixin):
 @property
 def is_active(self):
- return self.db_user().verified
+ return self.db_user() and self.db_user().verified
 def get_id(self):
 return unicode(self._uuid)
diff --git a/endpoints/api/suconfig.py b/endpoints/api/suconfig.py
index db5050489..4b7bee5d3 100644
--- a/endpoints/api/suconfig.py
+++ b/endpoints/api/suconfig.py
@@ -401,7 +401,7 @@ class SuperUserCreateInitialSuperUser(ApiResource):
 superusers.register_superuser(username)
 # Conduct login with that user.
- common_login(superuser)
+ common_login(superuser.uuid)
 return {
 'status': True
diff --git a/endpoints/api/user.py b/endpoints/api/user.py
index f359c16d5..14a180b50 100644
--- a/endpoints/api/user.py
+++ b/endpoints/api/user.py
@@ -317,7 +317,7 @@ class User(ApiResource):
 model.user.change_password(user, user_data['password'])
 # Login again to reset their session cookie.
- common_login(user)
+ common_login(user.uuid)
 if features.MAILING:
 send_password_changed(user.username, user.email)
@@ -436,7 +436,7 @@ class User(ApiResource):
 'awaiting_verification': True
 }
 else:
- common_login(new_user)
+ common_login(new_user.uuid)
 return user_view(new_user)
 except model.user.DataModelException as ex:
 raise request_error(exception=ex)
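Review bot: In the data/model/user.py hunk, `is_active` now calls `self.db_user()` twice and, when the lookup yields nothing, returns that falsy value instead of a boolean. `db_user()` is defined outside the hunk; if it is not cached, the second call is a separate lookup that could disagree with the first and raise `AttributeError` on `.verified`. Binding the result once keeps the check consistent and the return type boolean: `user = self.db_user()` followed by `return bool(user and user.verified)`.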
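Review bot: In the endpoints/api/suconfig.py hunk the result of `common_login(superuser.uuid)` is discarded and the handler still returns `'status': True`. With this commit the login depends on re-resolving the user from the uuid (`is_active` is falsy when `db_user()` returns nothing), so a `False` return should be handled rather than ignored. The same unchecked call appears in the endpoints/api/user.py hunks at -317, -436 and -688 (the last returns `{'success': True}` regardless) and in both endpoints/web.py hunks, whereas `conduct_signin` and `_perform_login` already branch on the result. A guard such as `if not common_login(result.uuid):` leading into each handler's existing error response would close the gap; the enclosing handlers start and end outside these hunks.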
@@ -528,7 +528,7 @@ def conduct_signin(username_or_email, password, invite_code=None):
 if invite_code:
 handle_invite_code(invite_code, found_user)
- if common_login(found_user):
+ if common_login(found_user.uuid):
 return {'success': True}
 else:
 needs_email_verification = True
@@ -688,7 +688,7 @@ class VerifyUser(ApiResource):
 'invalidCredentials': True,
 }, 403
- common_login(result)
+ common_login(result.uuid)
 return {'success': True}
diff --git a/endpoints/common.py b/endpoints/common.py
index 457faaa52..dbe7fabc4 100644
--- a/endpoints/common.py
+++ b/endpoints/common.py
@@ -23,11 +23,11 @@ from _init import __version__
 logger = logging.getLogger(__name__)
-def common_login(db_user, permanent_session=True):
+def common_login(user_uuid, permanent_session=True):
 """ Performs login of the given user, with optional non-permanence on the session. """
- if login_user(LoginWrappedDBUser(db_user.uuid, db_user)):
- logger.debug('Successfully signed in as: %s (%s)' % (db_user.username, db_user.uuid))
- new_identity = QuayDeferredPermissionUser.for_user(db_user)
+ if login_user(LoginWrappedDBUser(user_uuid)):
+ logger.debug('Successfully signed in as user with uuid %s', user_uuid)
+ new_identity = QuayDeferredPermissionUser.for_id(user_uuid)
 identity_changed.send(app, identity=new_identity)
 session['login_time'] = datetime.datetime.now()
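Review bot: In the first endpoints/common.py hunk the docstring still says "the given user", although `common_login` now takes a bare `user_uuid` and resolves it itself through `LoginWrappedDBUser(user_uuid)`. Because the function establishes a session for whatever uuid it is handed, the contract should say that the caller must already have authenticated that user, and that the result is falsy when the uuid does not resolve to an active user. Proposed docstring: `""" Performs login of the user with the given uuid, which the caller must already have authenticated; returns whether the login succeeded. """`. The function body continues in the next hunk.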
@@ -37,19 +37,18 @@ def common_login(db_user, permanent_session=True):
 session.permanent_session_lifetime = convert_to_timedelta(session_timeout_str)
 # Inform our user analytics that we have a new "lead"
- create_lead_future = user_analytics.create_lead(
- db_user.email,
- db_user.username,
- db_user.given_name,
- db_user.family_name,
- db_user.company,
- )
- create_lead_future.add_done_callback(build_error_callback('Create lead failed'))
-
+ #create_lead_future = user_analytics.create_lead(
+ # db_user.email,
+ # db_user.username,
+ # db_user.given_name,
+ # db_user.family_name,
+ # db_user.company,
+ #)
+ #create_lead_future.add_done_callback(build_error_callback('Create lead failed'))
 return True
- else:
- logger.debug('User could not be logged in, inactive?')
- return False
+
+ logger.debug('User could not be logged in, inactive?')
+ return False
 def _list_files(path, extension):
diff --git a/endpoints/oauth/login.py b/endpoints/oauth/login.py
index 333f4e99d..3c21fde29 100644
--- a/endpoints/oauth/login.py
+++ b/endpoints/oauth/login.py
@@ -139,7 +139,7 @@ def _render_ologin_error(service_name, error_message=None, register_redirect=Fal
 def _perform_login(user_obj, service_name):
 """ Attempts to login the given user, returning the Flask result of whether the login succeeded. """
- if common_login(user_obj):
+ if common_login(user_obj.uuid):
 if model.user.has_user_prompts(user_obj):
 return redirect(url_for('web.updateuser'))
 else:
diff --git a/endpoints/test/test_common.py b/endpoints/test/test_common.py
index 7ede7c62c..39cc0c569 100644
--- a/endpoints/test/test_common.py
+++ b/endpoints/test/test_common.py
@@ -22,4 +22,4 @@ from test.fixtures import *
 def test_common_login(username, expect_success, app):
 db_user = model.user.get_namespace_user(username)
 with app.app_context():
- assert common_login(db_user) == expect_success
+ assert common_login(db_user.uuid) == expect_success
diff --git a/endpoints/web.py b/endpoints/web.py
index da33b0fdb..561c3efd4 100644
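Review bot: In the second endpoints/common.py hunk the `user_analytics.create_lead(...)` call is commented out rather than removed or ported, so lead creation on login stops silently, and the commit message does not mention it. The leftover comment block refers to `db_user`, a name that no longer exists in `common_login`, and the comment `# Inform our user analytics that we have a new "lead"` above it now describes nothing. Either delete the eight commented lines together with that comment, or restore the call using a user record looked up from `user_uuid`. The test in endpoints/test/test_common.py only asserts the return value, so it would not notice the dropped call.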
--- a/endpoints/web.py
+++ b/endpoints/web.py
@@ -464,7 +464,7 @@ def confirm_email():
 change_email_future = user_analytics.change_email(old_email, new_email)
 change_email_future.add_done_callback(build_error_callback('Change email failed'))
- common_login(user)
+ common_login(user.uuid)
 if model.user.has_user_prompts(user):
 return redirect(url_for('web.updateuser'))
 elif new_email:
@@ -481,7 +481,7 @@ def confirm_recovery():
 user = model.user.validate_reset_code(code)
 if user is not None:
- common_login(user)
+ common_login(user.uuid)
 return redirect(url_for('web.user_view', path=user.username, tab='settings', action='password'))
 else:
 message = 'Invalid recovery code: This code is invalid or may have already been used.'