--- a/pvl/login/server.py Mon Jan 13 21:14:52 2014 +0200
+++ b/pvl/login/server.py Mon Jan 13 22:21:42 2014 +0200
@@ -235,7 +235,7 @@
yield 'cloud', None, "Network address", pubtkt.cip
if pubtkt.udata :
- yield 'comment', None, "Associated data", pubtkt.udata
+ yield 'comment', None, "User data", pubtkt.udata
for token in pubtkt.tokens :
yield 'flag', None, "Access token", token
@@ -476,8 +476,8 @@
login_domain = 'test.paivola.fi'
login_server = 'login.test.paivola.fi'
- login_valid = datetime.timedelta(seconds=60)
- login_grace = datetime.timedelta(seconds=30)
+ login_valid = datetime.timedelta(minutes=60)
+ login_grace = datetime.timedelta(minutes=15)
login_scheme = 'https'
cookie_name = 'auth_pubtkt'
@@ -515,7 +515,7 @@
def auth (self, username, password) :
"""
- Perform authentication, returning a PubTkt, signed, or None.
+ Perform authentication, returning a PubTkt (unsiigned) or None.
Raises auth.AuthError.
"""
@@ -525,14 +525,11 @@
if not auth :
return None
- tokens = list(self._auth.access(auth))
- udata = self._auth.userdata(auth)
-
return pubtkt.PubTkt.new(username,
valid = self.login_valid,
grace = self.login_grace,
- tokens = tokens,
- udata = udata,
+ tokens = list(self._auth.access(auth)),
+ udata = self._auth.userdata(auth),
)
def sign (self, pubtkt) :
@@ -546,8 +543,15 @@
"""
Renew and re-sign the given pubtkt.
"""
+
+ auth = self._auth.renew(pubtkt.uid)
+
+ if not auth :
+ raise pubtkt.RenewError("Unable to re-authenticate")
- # XXX: inplace
- pubtkt.renew(self.login_valid, self.login_grace)
-
- return pubtkt
+ return pubtkt.update(
+ valid = self.login_valid,
+ grace = self.login_grace,
+ tokens = list(self._auth.access(auth)),
+ udata = self._auth.userdata(auth),
+ )