added basic auth logout to client #542

sandialabs · Dec 7, 2015 · 49ad787 · 49ad787
1 parent e763e13
commit 49ad787
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 9 deletions.
diff --git a/feed-server/slycat-feed-server.py b/feed-server/slycat-feed-server.py
@@ -214,6 +214,8 @@ def get(self, *args, **kwargs):
       tornado.websocket.WebSocketHandler.get(self, *args, **kwargs)
     except tornado.web.HTTPError as e:
       self.set_status(e.status, e.reason)
+    except couch.NotFound:
+      raise tornado.web.HTTPError(404, reason="Session not found, could be expired, authorization required.")
     except Exception as e:
       raise
 

diff --git a/packages/slycat/web/server/handlers.py b/packages/slycat/web/server/handlers.py
@@ -669,16 +669,19 @@ def login(un, pw):
 
 def logout():
   # See if the client has a valid session.
-  if "slycatauth" in cherrypy.request.cookie:
-    sid = cherrypy.request.cookie["slycatauth"].value
-    couchdb = slycat.web.server.database.couchdb.connect()
-    session = couchdb.get("session", sid)
-    if session is not None:
-      cherrypy.response.status = "204 session deleted." + json.dumps(session) + str(couchdb.delete(session))
+  try:
+    if "slycatauth" in cherrypy.request.cookie:
+      sid = cherrypy.request.cookie["slycatauth"].value
+      couchdb = slycat.web.server.database.couchdb.connect()
+      session = couchdb.get("session", sid)
+      if session is not None:
+        cherrypy.response.status = "204 session deleted." + json.dumps(session) + str(couchdb.delete(session))
+      else:
+        cherrypy.response.status = "204 session not deleted." + json.dumps(session) + sid + str(session.get("_id") is sid) + ":::::" + session.get("_id") + ":::::" + sid
     else:
-      cherrypy.response.status = "204 session not deleted." + json.dumps(session) + sid + str(session.get("_id") is sid) + ":::::" + session.get("_id") + ":::::" + sid
-  else:
-    cherrypy.response.status = "404 no auth found"
+      cherrypy.response.status = "401 no auth found"
+  except Exception as e:
+    raise
 
 @cherrypy.tools.json_in(on = True)
 def put_model_inputs(mid):

diff --git a/web-server/plugins/slycat-standard-authentication.py b/web-server/plugins/slycat-standard-authentication.py
@@ -30,10 +30,21 @@ def authenticate(realm, rules=None):
     # See if the client already has a valid session.
     if "slycatauth" in cherrypy.request.cookie:
       sid = cherrypy.request.cookie["slycatauth"].value
+      couchdb = slycat.web.server.database.couchdb.connect()
+      session = None
+      try:
+        session = couchdb.get("session", sid)
+      except:
+        pass
       if sid in authenticate.sessions:
         started = authenticate.sessions[sid]["created"]
         if datetime.datetime.utcnow() - started > cherrypy.request.app.config["slycat"]["session-timeout"]:
           del authenticate.sessions[sid]
+        elif session is None:
+          cherrypy.log.error("@%s: deleting local session." % (remote_ip))
+          del authenticate.sessions[sid]
+          cherrypy.response.headers["www-authenticate"] = "Basic realm=\"%s\"" % realm
+          raise cherrypy.HTTPError(401, "Authentication required.")
         else:
           # Ensure that the user is logged correctly ...
           cherrypy.request.login = authenticate.sessions[sid]["creator"]