diff options
| author | Todd Willey <todd@ansolabs.com> | 2010-07-27 01:03:05 -0400 |
|---|---|---|
| committer | Todd Willey <todd@ansolabs.com> | 2010-07-27 01:03:05 -0400 |
| commit | ad7f099aefc17d04a2a04deb7fd3055adc8cd84a (patch) | |
| tree | 512b9ab019e7cb76b9da358e80b1741f9b37cc24 /nova | |
| parent | 74ce3aef4dafca8b0fc6bf0404725afdefe335ec (diff) | |
| download | nova-ad7f099aefc17d04a2a04deb7fd3055adc8cd84a.tar.gz nova-ad7f099aefc17d04a2a04deb7fd3055adc8cd84a.tar.xz nova-ad7f099aefc17d04a2a04deb7fd3055adc8cd84a.zip | |
Flag for SessionToken ttl setting.
Diffstat (limited to 'nova')
| -rw-r--r-- | nova/compute/model.py | 12 | ||||
| -rw-r--r-- | nova/flags.py | 2 | ||||
| -rw-r--r-- | nova/tests/model_unittest.py | 11 |
3 files changed, 22 insertions, 3 deletions
diff --git a/nova/compute/model.py b/nova/compute/model.py index bae93b6c1..212830d3c 100644 --- a/nova/compute/model.py +++ b/nova/compute/model.py @@ -235,6 +235,7 @@ class SessionToken(datastore.BasicModel): def __init__(self, session_token): self.token = session_token + self.default_ttl = FLAGS.auth_token_ttl super(SessionToken, self).__init__() @property @@ -243,7 +244,7 @@ class SessionToken(datastore.BasicModel): def default_state(self): now = datetime.datetime.utcnow() - diff = datetime.timedelta(hours=1) + diff = datetime.timedelta(seconds=self.default_ttl) expires = now + diff return {'user': None, 'session_type': None, 'token': self.token, 'expiry': expires.strftime(utils.TIME_FORMAT)} @@ -282,7 +283,7 @@ class SessionToken(datastore.BasicModel): def update_expiry(self, **kwargs): """updates the expirty attribute, but doesn't save""" if not kwargs: - kwargs['hours'] = 1 + kwargs['seconds'] = self.default_ttl time = datetime.datetime.utcnow() diff = datetime.timedelta(**kwargs) expires = time + diff @@ -293,6 +294,13 @@ class SessionToken(datastore.BasicModel): expires = utils.parse_isotime(self['expiry']) return expires <= now + def ttl(self): + """number of seconds remaining before expiration""" + now = datetime.datetime.utcnow() + expires = utils.parse_isotime(self['expiry']) + delta = expires - now + return (delta.seconds + (delta.days * 24 * 3600)) + if __name__ == "__main__": import doctest diff --git a/nova/flags.py b/nova/flags.py index 06ea1e007..3c1a0acaf 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -75,6 +75,8 @@ DEFINE_string('vpn_key_suffix', '-key', 'Suffix to add to project name for vpn key') +DEFINE_integer('auth_token_ttl', 3600, 'Seconds for auth tokens to linger') + # UNUSED DEFINE_string('node_availability_zone', 'nova', diff --git a/nova/tests/model_unittest.py b/nova/tests/model_unittest.py index 88ba5e6e9..24c08a908 100644 --- a/nova/tests/model_unittest.py +++ b/nova/tests/model_unittest.py @@ -16,7 +16,7 @@ # License for the specific language governing permissions and limitations # under the License. -from datetime import datetime +from datetime import datetime, timedelta import logging import time from twisted.internet import defer @@ -290,3 +290,12 @@ class ModelTestCase(test.TrialTestCase): def test_session_token_is_expired_when_not_expired(self): instance = yield model.SessionToken.generate("testuser") self.assertFalse(instance.is_expired()) + + @defer.inlineCallbacks + def test_session_token_ttl(self): + instance = yield model.SessionToken.generate("testuser") + now = datetime.utcnow() + delta = timedelta(hours=1) + instance['expiry'] = (now + delta).strftime(utils.TIME_FORMAT) + # give 5 seconds of fuzziness + self.assert_(abs(instance.ttl() - FLAGS.auth_token_ttl) < 5) |