source: main/waeup.kofa/branches/uli-rm-bootstrap/src/waeup/kofa/beaker.py @ 17650

Last change on this file since 17650 was 12110, checked in by Henrik Bettermann, 10 years ago

svn propset svn:keywords "Id"

  • Property svn:keywords set to Id
File size: 1.9 KB
"""Configure dolmen.beaker.

One main advantage of using dolmen.beaker is that session data for a
certain user can be stored almost automatically in a cookie, thus
reducing the number of needed ZODB operations.

Security Advisory
-----------------

To prevent users from playing around with their session data, this
data is encrypted with keys stored in a dict registered as a global
utility.

These keys are set each time the Zope instance starts. If they change,
all existing cookies will become unreadable and therefore the stored
sessions will be lost. Already logged-in users will have to log in
again and all other session-based operations might have to be
restarted.

Changing the keys might therefore have side effects.

On the other hand, static keys stored in SVN might become known to
users and enable them to manipulate their session data.

For better security the keys (or one of the keys) could therefore be
gathered from 'outside' (a file in the filesystem, some environment
variable, or whatever).
"""
import grok
from zope.app.appsetup.interfaces import IDatabaseOpenedWithRootEvent
from zope.component import getUtility

#: Our configuration for dolmen.beaker sessions.
#:
#: See http://gitweb.dolmen-project.org/dolmen.beaker.git?a=blob;f=src/dolmen/beaker/utilities.py
#:
#: for default configuration.
BEAKER_CONFIG = dict(
    data_dir=None,
    invalidate_corrupt=True,
    key='waeup.kofa.session.id',
    log_file=None,
    secret="KofaRocks",
    timeout=600,
    type="cookie",
    validate_key="thisMightBeChanged",
    )

@grok.subscribe(IDatabaseOpenedWithRootEvent)
def set_beaker_conf(event):
    # Set beaker conf once when ZODB was opened
    try:
        from dolmen.beaker.interfaces import ISessionConfig
    except ImportError:
        # we seem to work without dolmen.beaker
        return

    config = getUtility(ISessionConfig)
    config.update(BEAKER_CONFIG)
    return
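
The docstring's closing suggestion, taking the keys from outside the repository, as an added sketch that is not waeup.kofa's own code. The environment variable names, the JSON key file and the `hardened_config` helper are assumptions, and Python 3.6+ is assumed for `secrets`; keys are generated once and persisted so a restart does not invalidate existing cookies.

```python
import json
import os
import secrets
import stat

# Hypothetical names, not part of waeup.kofa or dolmen.beaker.
ENV_VARS = {"secret": "KOFA_SESSION_SECRET",
            "validate_key": "KOFA_SESSION_VALIDATE_KEY"}
PLACEHOLDERS = {"KofaRocks", "thisMightBeChanged"}  # values committed to SVN


def load_session_keys(key_file, environ=os.environ):
    """Return {'secret': ..., 'validate_key': ...} from outside the source tree.

    Order: environment variables, then key_file. If neither exists, random
    keys are generated once and persisted, so a restart does not invalidate
    existing session cookies.
    """
    keys = {name: environ.get(var) for name, var in ENV_VARS.items()}
    if all(keys.values()):
        return _checked(keys)
    if os.path.exists(key_file):
        mode = stat.S_IMODE(os.stat(key_file).st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            raise PermissionError("%s is accessible by group/other" % key_file)
        with open(key_file) as fd:
            return _checked(json.load(fd))
    keys = {name: secrets.token_urlsafe(32) for name in ENV_VARS}
    # O_EXCL: never overwrite an existing file; 0o600: owner only.
    fd = os.open(key_file, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as out:
        json.dump(keys, out)
    return keys


def _checked(keys):
    """Reject missing, short, or repository-known key values."""
    for name in ENV_VARS:
        value = keys.get(name) or ""
        if value in PLACEHOLDERS or len(value) < 32:
            raise ValueError("weak or missing session key: %s" % name)
    return {name: keys[name] for name in ENV_VARS}


def hardened_config(base_config, key_file, environ=os.environ):
    """Copy base_config with secret/validate_key replaced by external keys."""
    config = dict(base_config)
    config.update(load_session_keys(key_file, environ))
    return config
```

In `set_beaker_conf`, the result of `hardened_config(BEAKER_CONFIG, key_file)` would be passed to `config.update()` in place of `BEAKER_CONFIG`, with `key_file` pointing at a path outside the checkout.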