auth: logout: start implementation (expire cookie)

This commit is contained in:
Helmut Merz 2025-04-20 10:42:42 +02:00
parent d128c5f138
commit 67985a6bdb
2 changed files with 11 additions and 9 deletions


@ -48,11 +48,8 @@ class OidcAuthentication:
Authenticator(request).login() Authenticator(request).login()
def logout(self, request): def logout(self, request):
print('*** OidcAuthentication: logout')
Authenticator(request).logout() Authenticator(request).logout()
JwtAuthentication = OidcAuthentication # old name - still used?
authentication = OidcAuthentication(None) authentication = OidcAuthentication(None)
@ -72,7 +69,6 @@ class Principal:
@property @property
def groups(self): def groups(self):
groups = [self.group_prefix + g for g in self.data.get('groups', [])] groups = [self.group_prefix + g for g in self.data.get('groups', [])]
print('*** Principal.groups', groups)
return groups return groups
def asDict(self): def asDict(self):
@ -125,7 +121,7 @@ class Authenticator(DummyFolder):
) )
self.storeSession(dict(state=state, nonce=nonce, code_verifier=codeVerifier)) self.storeSession(dict(state=state, nonce=nonce, code_verifier=codeVerifier))
loginUrl = '?'.join((self.params['auth_url'], urlencode(args))) loginUrl = '?'.join((self.params['auth_url'], urlencode(args)))
print('***', loginUrl) logger.debug('login: URL %s', loginUrl)
req.response.redirect(loginUrl, trusted=True) req.response.redirect(loginUrl, trusted=True)
def callback(self): def callback(self):
@ -163,14 +159,17 @@ class Authenticator(DummyFolder):
req.response.redirect(self.reqUrl, trusted=True) req.response.redirect(self.reqUrl, trusted=True)
def logout(self): def logout(self):
pass cname = self.params['cookie_name']
logger.debug('logout, cookie: %s', cname)
self.request.response.expireCookie(cname, path='/')
self.request.response.redirect(config.base_url, trusted=True)
def storeSession(self, data): def storeSession(self, data):
lifetime = int(self.params['cookie_lifetime']) lifetime = int(self.params['cookie_lifetime'])
options = dict( options = dict(
path='/', path='/',
expires=formatdate(time() + lifetime, localtime=False, usegmt=True), expires=formatdate(time() + lifetime, localtime=False, usegmt=True),
httponly=True, #httponly=True,
) )
options['max-age'] = lifetime options['max-age'] = lifetime
domain = self.params['cookie_domain'] domain = self.params['cookie_domain']
@ -198,7 +197,6 @@ class Authenticator(DummyFolder):
@register('auth', Root) @register('auth', Root)
def authView(context, request): def authView(context, request):
print('*** auth', context, request['PATH_INFO'])
return Authenticator(request) return Authenticator(request)
@register('login', Authenticator) @register('login', Authenticator)
@ -213,5 +211,5 @@ def callback(context, request):
@register('logout', Authenticator) @register('logout', Authenticator)
def logout(context, request): def logout(context, request):
print('*** logout', context, request['PATH_INFO'], request.getTraversalStack()) context.logout()
return DefaultView(context, request) return DefaultView(context, request)
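Review bot: Turning `httponly=True,` into `#httponly=True,` in storeSession's cookie options strips the HttpOnly attribute from the session cookie, so script running in the page can read it, and the commit gives no reason for dropping it; the line should be restored as `httponly=True,` or the reason recorded in a comment beside it. In the new logout body, `expireCookie(cname, path='/')` carries no domain attribute, yet storeSession reads `self.params['cookie_domain']` a few lines further down; if that value is applied when the cookie is set, the browser only discards the cookie when the expiry names the same domain, so the same value should be passed, e.g. `self.request.response.expireCookie(cname, path='/', domain=self.params['cookie_domain'])`, under whatever condition the setter uses (that part of storeSession lies outside the hunk). Expiring the cookie ends only the browser side of the session; the data saved by storeSession is not removed here, which the title's "start implementation" presumably acknowledges and a `# TODO: drop the stored session for this cookie as well` above the expireCookie call would make explicit. In the login hunk above, `logger.debug('login: URL %s', loginUrl)` writes the full authorization URL, including the state and nonce values just stored in the session, into the log; logging only the target host, or nothing, at debug level avoids leaving those values in log files.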


@ -1,9 +1,12 @@
# scopes.server.browser # scopes.server.browser
import json import json
import logging
from zope.interface import implementer from zope.interface import implementer
from scopes.interfaces import IContainer, IReference, IView from scopes.interfaces import IContainer, IReference, IView
logger = logging.getLogger('server.browser')
views = {} # registry for all views: {name: {prefix: viewClass, ...}, ...} views = {} # registry for all views: {name: {prefix: viewClass, ...}, ...}
def register(name, *contextTypes): def register(name, *contextTypes):
@ -29,6 +32,7 @@ def getView(request, ob, name):
factory = nameEntry.get('') factory = nameEntry.get('')
if factory is None: if factory is None:
return None return None
logger.debug('getView: %s %s', ob, request['PATH_INFO'])
return factory(ob, request) return factory(ob, request)
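Review bot: The new logger is created with the literal name `'server.browser'` although the file header names the module `scopes.server.browser`; `logger = logging.getLogger('scopes.server.browser')` or, more simply, `logger = logging.getLogger(__name__)` keeps the logger hierarchy aligned with the package so that configuring `scopes` covers this module too. The added `logger.debug('getView: %s %s', ob, request['PATH_INFO'])` records the repr of every traversed context object together with the request path; that is harmless while the reprs stay descriptive, but it is worth a comment such as `# NOTE: logs the context repr — keep __repr__ free of session data` so a later richer repr does not leak into log files. getView's body begins outside the hunk.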