Mercurial > kallithea
changeset 2045:5b12cbae0b50 beta
fixed issue with sessions that lead to redirection loops
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Mon, 27 Feb 2012 04:28:40 +0200 |
parents | ef2f75e99c3e |
children | 4e1e265af5ca |
files | rhodecode/controllers/login.py rhodecode/lib/auth.py rhodecode/lib/base.py |
diffstat | 3 files changed, 6 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/rhodecode/controllers/login.py Sun Feb 26 21:53:36 2012 +0200 +++ b/rhodecode/controllers/login.py Mon Feb 27 04:28:40 2012 +0200 @@ -73,7 +73,7 @@ # If they want to be remembered, update the cookie if c.form_result['remember'] is not False: session.cookie_expires = False - session._set_cookie_values() + session._set_cookie_values() session._update_cookie_out() session.save()
--- a/rhodecode/lib/auth.py Sun Feb 26 21:53:36 2012 +0200 +++ b/rhodecode/lib/auth.py Mon Feb 27 04:28:40 2012 +0200 @@ -355,6 +355,8 @@ setattr(self, k, v) self.set_authenticated() is_user_loaded = True + else: + log.debug('No data in %s that could been used to log in' % self) if not is_user_loaded: # if we cannot authenticate user try anonymous @@ -661,12 +663,13 @@ def __call__(self, check_Location=''): user = request.user + log.debug('checking %s %s %s', self.__class__.__name__, + self.required_perms, user) if not user: + log.debug('Empty request user') return False self.user_perms = user.permissions self.granted_for = user - log.debug('checking %s %s %s', self.__class__.__name__, - self.required_perms, user) if self.check_permissions(): log.debug('Permission granted %s @ %s', self.granted_for,
--- a/rhodecode/lib/base.py Sun Feb 26 21:53:36 2012 +0200 +++ b/rhodecode/lib/base.py Mon Feb 27 04:28:40 2012 +0200 @@ -136,7 +136,6 @@ cookie_store = CookieStoreWrapper(session.get('rhodecode_user')) user_id = cookie_store.get('user_id', None) username = get_container_username(environ, config) - auth_user = AuthUser(user_id, api_key, username) request.user = auth_user self.rhodecode_user = c.rhodecode_user = auth_user