Previously, we were just relying on the cookie expiration
for sessions to expire. We were not cleaning up Session
records either.
Rework timing to depend on an AURREMEMBER cookie which is
now emitted on login during BasicAuthBackend processing.
If the SID does still have a session but it's expired,
we now delete the session record before returning.
Otherwise, we update the session's LastUpdateTS to
the current time.
In addition, stored the unauthenticated result value
in a variable to reduce redundancy.
Signed-off-by: Kevin Morris <kevr@0cost.org>
There's a space between every 4 characters in the fingerprint
in PHP; we were missing it in FastAPI. This commit fixes that
inconsistency.
Signed-off-by: Kevin Morris <kevr@0cost.org>
We've seen a bug in the past where unique SID generation fails and
still ends up raising an exception.
This commit reworks how we deal with database exceptions internally,
tries for 36 iterations to set a fresh unique SID, and raises a 500
HTTPException if we were unable to.
Signed-off-by: Kevin Morris <kevr@0cost.org>
This was missed during the initial porting of the /login route.
Modifications:
-------------
- A form is now used for the [Logout] link and some css was
needed to deal with positioning.
Closes#186
Signed-off-by: Kevin Morris <kevr@0cost.org>
We were running into data race issues where the `fn.is_file()`
check would occur twice before writing the file in the `else`
clause. For this reason, a new aurweb.lock.Lock class has been
added which doubles as a thread and process lock. We can use
this elsewhere in the future, but we are also able to use it
to solve this kind of data race issue.
That being said, we still need the lock file state to tell us
when the first caller acquired the lock.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Changes:
- util/sendmail now populates email files in the 'test-emails' directory.
- util/sendmail does this in a serialized fashion based off of
the test suite and name retrieved from PYTEST_CURRENT_TEST
in the format: `<test_suite>_<test_function>.n.txt` where n
is increased by one every time sendmail is run.
- pytest conftest fixtures have been added for test email setup;
it wipes out old emails for the particular test function being run.
- New aurweb.testing.email.Email class allows developers to test
against emails stored by util/sendmail. Simple pass the serial
you want to test against, starting at serial = 1; e.g. Email(serial).
Signed-off-by: Kevin Morris <kevr@0cost.org>
Introduces:
- aurweb.testing.alpm.AlpmDatabase
- Used to mock up and manage a remote repository.
- templates/testing/alpm_package.j2
- Used to generate a single ALPM package desc.
- Removed aurblup sharness test
Signed-off-by: Kevin Morris <kevr@0cost.org>
This can be used to update config values for the entirety
of a config. When config values are set through this tool,
$AUR_CONFIG is overridden with a copy of the config file
with all sections and options found in $AUR_CONFIG
+ $AUR_CONFIG_DEFAULTS.
Signed-off-by: Kevin Morris <kevr@0cost.org>
Host a specific FastAPI nginx frontend as well as a PHP
nginx frontend, configurable by the (PHP|FASTAPI)_NGINX_PORT
environment variables.
Signed-off-by: Kevin Morris <kevr@0cost.org>
