Annikka/evennia
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

First attemtps at fixing the auto-login and making it cleaner.

Browse source
This commit is contained in:
Griatch 2017-08-20 17:07:18 +02:00
parent 994e8f6fb0
commit 0ac190b6ea
4 changed files with 89 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

1
evennia/server/portal/portalsessionhandler.py
View file

@ -268,6 +268,7 @@ class PortalSessionHandler(SessionHandler):
data (dict): The session sync data. data (dict): The session sync data.
""" """
session.at_login()
session.load_sync_data(data) session.load_sync_data(data)
def server_session_sync(self, serversessions, clean=True): def server_session_sync(self, serversessions, clean=True):

48
evennia/server/portal/webclient.py
View file

@ -42,26 +42,38 @@ class WebSocketClient(Protocol, Session):
client_address = client_address[0] if client_address else None client_address = client_address[0] if client_address else None
self.init_session("websocket", client_address, self.factory.sessionhandler) self.init_session("websocket", client_address, self.factory.sessionhandler)
def validationMade(self): def get_browser_session(self):
""" """
This is called from the (modified) txws websocket library when Get the Client browser session (used for auto-login based on browser session)
the ws handshake and validation has completed fully.
Returns:
csession (ClientSession): This is a django-specific internal representation
of the browser session.
""" """
try: try:
self.csessid = self.transport.location.split("?", 1)[1] self.csessid = self.transport.location.split("?", 1)[1]
except IndexError: except IndexError:
# this may happen for custom webclients not caring for the # this may happen for custom webclients not caring for the
# browser session. # browser session.
self.csessid = None self.csessid = None
return None
if self.csessid: if self.csessid:
csession = _CLIENT_SESSIONS(session_key=self.csessid) return _CLIENT_SESSIONS(session_key=self.csessid)
uid = csession and csession.get("logged_in", False)
if uid: def validationMade(self):
# the client session is already logged in. """
self.uid = uid This is called from the (modified) txws websocket library when
self.logged_in = True the ws handshake and validation has completed fully.
"""
csession = self.get_browser_session()
uid = csession and csession.get("webclient_authenticated_uid", None)
print("In validationMade csession uid=", uid)
if uid:
# the client session is already logged in.
self.uid = uid
self.logged_in = True
# watch for dead links # watch for dead links
self.transport.setTcpKeepAlive(1) self.transport.setTcpKeepAlive(1)
@ -78,6 +90,14 @@ class WebSocketClient(Protocol, Session):
""" """
self.data_out(text=((reason or "",), {})) self.data_out(text=((reason or "",), {}))
csession = self.get_client_session()
if csession:
print("In disconnect: csession uid=%s" % csession.get("webclient_authenticated_uid", None))
#csession["webclient_authenticated_uid"] = None
#csession.save()
self.logged_in = False
self.connectionLost(reason) self.connectionLost(reason)
def connectionLost(self, reason): def connectionLost(self, reason):
@ -90,6 +110,7 @@ class WebSocketClient(Protocol, Session):
reason (str): Motivation for the lost connection. reason (str): Motivation for the lost connection.
""" """
print("In connectionLost of webclient")
self.sessionhandler.disconnect(self) self.sessionhandler.disconnect(self)
self.transport.close() self.transport.close()
@ -116,6 +137,13 @@ class WebSocketClient(Protocol, Session):
""" """
return self.transport.write(line) return self.transport.write(line)
def at_login(self):
csession = self.get_browser_session()
print("Weblient at_login. Session: %s" % csession.session_key)
if csession:
csession["webclient_authenticated_uid"] = self.uid
csession.save()
def data_in(self, **kwargs): def data_in(self, **kwargs):
""" """
Data User > Evennia. Data User > Evennia.

34
evennia/web/webclient/views.py
View file

@ -19,25 +19,33 @@ def _shared_login(request):
""" """
csession = request.session csession = request.session
account = request.user account = request.user
sesslogin = csession.get("logged_in", None) # these can have 3 values:
# None - previously unused (auto-login)
# False - actively logged out (don't auto-login)
# <uid> - logged in User/Account id
website_uid = csession.get("website_authenticated_uid", None)
webclient_uid = csession.get("webclient_authenticated_uid", None)
print("webclient website_uid=%s, webclient_uid=%s, session_key=%s" % (website_uid, webclient_uid, csession.session_key))
# check if user has authenticated to website # check if user has authenticated to website
if csession.session_key is None: if csession.session_key is None:
# this is necessary to build the sessid key # this is necessary to build the sessid key
print("Webclient created a new browser session key")
csession.save() csession.save()
elif account.is_authenticated():
if not sesslogin: if webclient_uid:
# User has already authenticated to website
csession["logged_in"] = account.id
elif sesslogin:
# The webclient has previously registered a login to this browser_session # The webclient has previously registered a login to this browser_session
account = AccountDB.objects.get(id=sesslogin) if not account.is_authenticated():
try: # not logged into website
# calls our custom authenticate in web/utils/backends.py if website_uid is None:
account = authenticate(autologin=account) account = AccountDB.objects.get(id=webclient_uid)
login(request, account) try:
except AttributeError: # calls our custom authenticate in web/utils/backends.py
logger.log_trace() account = authenticate(autologin=account)
login(request, account)
csession["website_authenticated_uid"] = webclient_uid
except AttributeError:
logger.log_trace()
def webclient(request): def webclient(request):

42
evennia/web/website/views.py
View file

@ -28,23 +28,39 @@ def _shared_login(request):
""" """
csession = request.session csession = request.session
account = request.user account = request.user
sesslogin = csession.get("logged_in", None) # these can have 3 values:
# None - previously unused (auto-login)
# False - actively logged out (don't auto-login)
# <uid> - logged in User/Account id
website_uid = csession.get("website_authenticated_uid", None)
webclient_uid = csession.get("webclient_authenticated_uid", None)
print("website website_uid=%s, webclient_uid=%s, session_key=%s" % (website_uid, webclient_uid, csession.session_key))
if csession.session_key is None: if csession.session_key is None:
# this is necessary to build the sessid key # this is necessary to build the sessid key
print("Website created a new browser session key")
csession.save() csession.save()
elif account.is_authenticated():
if not sesslogin: if account.is_authenticated():
csession["logged_in"] = account.id # Logged into website
elif sesslogin: if not website_uid:
# The webclient has previously registered a login to this csession # fresh website login (just from login page)
account = AccountDB.objects.get(id=sesslogin) csession["website_authenticated_uid"] = account.id
try: if webclient_uid is None:
# calls our custom authenticate, in web/utils/backend.py # auto-login web client
authenticate(autologin=account) csession["webclient_authenticated_uid"] = account.id
login(request, account)
except AttributeError: elif webclient_uid:
logger.log_trace() # Not logged into website, but logged into webclient
if not website_uid:
csession["website_authenticated_uid"] = account.id
account = AccountDB.objects.get(id=webclient_uid)
try:
# calls our custom authenticate, in web/utils/backend.py
authenticate(autologin=account)
login(request, account)
except AttributeError:
logger.log_trace()
def _gamestats(): def _gamestats():