From ad7f099aefc17d04a2a04deb7fd3055adc8cd84a Mon Sep 17 00:00:00 2001
From: Todd Willey <todd@ansolabs.com>
Date: Tue, 27 Jul 2010 01:03:05 -0400
Subject: Flag for SessionToken ttl setting.

---
 nova/compute/model.py        | 12 ++++++++++--
 nova/flags.py                |  2 ++
 nova/tests/model_unittest.py | 11 ++++++++++-
 3 files changed, 22 insertions(+), 3 deletions(-)

(limited to 'nova')

diff --git a/nova/compute/model.py b/nova/compute/model.py
index bae93b6c1..212830d3c 100644
--- a/nova/compute/model.py
+++ b/nova/compute/model.py
@@ -235,6 +235,7 @@ class SessionToken(datastore.BasicModel):
 
     def __init__(self, session_token):
         self.token = session_token
+        self.default_ttl = FLAGS.auth_token_ttl
         super(SessionToken, self).__init__()
 
     @property
@@ -243,7 +244,7 @@ class SessionToken(datastore.BasicModel):
 
     def default_state(self):
         now = datetime.datetime.utcnow()
-        diff = datetime.timedelta(hours=1)
+        diff = datetime.timedelta(seconds=self.default_ttl)
         expires = now + diff
         return {'user': None, 'session_type': None, 'token': self.token,
                 'expiry': expires.strftime(utils.TIME_FORMAT)}
@@ -282,7 +283,7 @@ class SessionToken(datastore.BasicModel):
     def update_expiry(self, **kwargs):
         """updates the expirty attribute, but doesn't save"""
         if not kwargs:
-            kwargs['hours'] = 1
+            kwargs['seconds'] = self.default_ttl
         time = datetime.datetime.utcnow()
         diff = datetime.timedelta(**kwargs)
         expires = time + diff
@@ -293,6 +294,13 @@ class SessionToken(datastore.BasicModel):
         expires = utils.parse_isotime(self['expiry'])
         return expires <= now
 
+    def ttl(self):
+        """number of seconds remaining before expiration"""
+        now = datetime.datetime.utcnow()
+        expires = utils.parse_isotime(self['expiry'])
+        delta = expires - now
+        return (delta.seconds + (delta.days * 24 * 3600))
+
 
 if __name__ == "__main__":
     import doctest
diff --git a/nova/flags.py b/nova/flags.py
index 06ea1e007..3c1a0acaf 100644
--- a/nova/flags.py
+++ b/nova/flags.py
@@ -75,6 +75,8 @@ DEFINE_string('vpn_key_suffix',
               '-key',
               'Suffix to add to project name for vpn key')
 
+DEFINE_integer('auth_token_ttl', 3600, 'Seconds for auth tokens to linger')
+
 # UNUSED
 DEFINE_string('node_availability_zone',
                     'nova',
diff --git a/nova/tests/model_unittest.py b/nova/tests/model_unittest.py
index 88ba5e6e9..24c08a908 100644
--- a/nova/tests/model_unittest.py
+++ b/nova/tests/model_unittest.py
@@ -16,7 +16,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
-from datetime import datetime
+from datetime import datetime, timedelta
 import logging
 import time
 from twisted.internet import defer
@@ -290,3 +290,12 @@ class ModelTestCase(test.TrialTestCase):
     def test_session_token_is_expired_when_not_expired(self):
         instance = yield model.SessionToken.generate("testuser")
         self.assertFalse(instance.is_expired())
+
+    @defer.inlineCallbacks
+    def test_session_token_ttl(self):
+        instance = yield model.SessionToken.generate("testuser")
+        now = datetime.utcnow()
+        delta = timedelta(hours=1)
+        instance['expiry'] = (now + delta).strftime(utils.TIME_FORMAT)
+        # give 5 seconds of fuzziness
+        self.assert_(abs(instance.ttl() - FLAGS.auth_token_ttl) < 5)
-- 
cgit