OCA
/
server-tools
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2212 Commits
13 Branches
0 Tags
45 MiB
Tree: f331fcdb80
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f331fcdb80'
${ noResults }
server-tools/auth_session_timeout/models/res_users.py

110 lines
3.4 KiB
Raw Normal View History

Add a new module to logout inactive session after a configured delay
10 years ago
[9.0] port - inactive_session_timeout
8 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[9.0] port - inactive_session_timeout
8 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
[FIX] auth_session_timeout: Missing import
6 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[MIG] auth_session_timeout: Migrate to v10 * Bump versions * Installable to True * Add Usage section to ReadMe w/ Runbot link * `_crypt_context` now directly exposes the `CryptContext` * Change all instances of openerp to odoo * Add test coverage to IrConfigParameter * Add test coverage for res.users * Remove db from `get_session_parameters` method call * Remove deprecated skiparg for ormcache * Fix tests & lint * Switch cache to use self.cr.dbname * Fix ormcache
8 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
Commit concerns: - Add AGPL-3 badge on README.rst - Insert Bug tracker informations in README.rst - Import from same package on same line - Use CamelCase for class names
9 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
corrects AttributeError: 'HttpRequest' object has no attribute 'http' (#1070) * corrects AttributeError: 'HttpRequest' object has no attribute 'http' * updates the module version number for pull request #1070
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[IMP] auth_session_timeout: Deprecate backwards compat + improve * Deprecate backwards compatibility methods that were retained during v9 rework * Upgrade API and rename a few things for PEP-8 * Switch to HttpCase for tests * Switch to isolated build
7 years ago
Module auth_session_timeout: Pluggability (#887) * Module auth_session_timeout: --------------------------- * Refactor to allow other modules to inherit and augment or override the following: ** Session expiry time (deadline) calculation ** Ignored URLs ** Final session expiry (with possibility to late-abort) * Re-ordered functionality to remove unnecessary work, as this code is called very often. * Do not expire a session if delay gets set to zero (or unset / false) * WIP * Fixed flake8 lint errors * Fixed flake8 lint errors * WIP * WIP * WIP * WIP * WIP * WIP * Module: auth-session-timeout: Refactor ResUser tests to use `unittest.mock` patching * Module: auth_session_timeout: Fixed flake8 lint errors * Module: auth_session_timeout: Fixed flake8 lint errors
7 years ago
[FIX] auth_session_timeout: ormcache should be explicitly declared Closes #1532
6 years ago
[FIX] Use _compute_session_token to invalidate user sessions on auth_session_timeout
6 years ago
[FIX] Avoid crash when using auth_session_timeout module with XML-RPC API
6 years ago
Add a new module to logout inactive session after a configured delay
10 years ago
  1. # -*- coding: utf-8 -*-
  2. # (c) 2015 ACSONE SA/NV, Dhinesh D
  4. # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
  6. import logging
  8. from os.path import getmtime
  9. from time import time
  10. from os import utime
  12. from odoo import api, http, models, tools
  14. _logger = logging.getLogger(__name__)
  17. class ResUsers(models.Model):
  18. _inherit = 'res.users'
  20. @api.model_cr_context
  21. def _auth_timeout_get_ignored_urls(self):
  22. """Pluggable method for calculating ignored urls
  23. Defaults to stored config param
  24. """
  25. params = self.env['ir.config_parameter']
  26. return params._auth_timeout_get_parameter_ignored_urls()
  28. @api.model_cr_context
  29. def _auth_timeout_deadline_calculate(self):
  30. """Pluggable method for calculating timeout deadline
  31. Defaults to current time minus delay using delay stored as config
  32. param.
  33. """
  34. params = self.env['ir.config_parameter']
  35. delay = params._auth_timeout_get_parameter_delay()
  36. if delay <= 0:
  37. return False
  38. return time() - delay
  40. @api.model_cr_context
  41. def _auth_timeout_session_terminate(self, session):
  42. """Pluggable method for terminating a timed-out session
  44. This is a late stage where a session timeout can be aborted.
  45. Useful if you want to do some heavy checking, as it won't be
  46. called unless the session inactivity deadline has been reached.
  48. Return:
  49. True: session terminated
  50. False: session timeout cancelled
  51. """
  52. if session.db and session.uid:
  53. session.logout(keep_db=True)
  54. return True
  56. @api.model_cr_context
  57. def _auth_timeout_check(self):
  58. """Perform session timeout validation and expire if needed."""
  60. if not http.request:
  61. return
  63. session = http.request.session
  65. # Calculate deadline
  66. deadline = self._auth_timeout_deadline_calculate()
  68. # Check if past deadline
  69. expired = False
  70. if deadline is not False:
  71. path = http.root.session_store.get_session_filename(session.sid)
  72. try:
  73. expired = getmtime(path) < deadline
  74. except OSError as e:
  75. _logger.exception(
  76. 'Exception reading session file modified time.',
  77. )
  78. # Force expire the session. Will be resolved with new session.
  79. expired = True
  81. # Try to terminate the session
  82. terminated = False
  83. if expired:
  84. terminated = self._auth_timeout_session_terminate(session)
  86. # If session terminated, all done
  87. if terminated:
  88. return
  90. # Else, conditionally update session modified and access times
  91. ignored_urls = self._auth_timeout_get_ignored_urls()
  93. if http.request.httprequest.path not in ignored_urls:
  94. if 'path' not in locals():
  95. path = http.root.session_store.get_session_filename(
  96. session.sid,
  97. )
  98. try:
  99. utime(path, None)
  100. except OSError as e:
  101. _logger.exception(
  102. 'Exception updating session file access/modified times.',
  103. )
  105. @tools.ormcache('sid')
  106. def _compute_session_token(self, sid):
  107. res = super(ResUsers, self)._compute_session_token(sid)
  108. if http.request:
  109. http.request.env.user._auth_timeout_check()
  110. return res