From 34bb81a826d023ce39714e1a6e027b19cf96a5fd Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Wed, 18 Jun 2014 00:04:08 -0400
Subject: [PATCH] Rework remote_login and remove protect decorator

The protect decorator was not really being used for anything, remove it.

Change the way UserSession's remote_login() works.
If called now it either sets a REMOTE_USER (if found) or nukes the current
user data in the session.
This means this function can be safely called only in a login plugin now.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/ipsilon                | 2 --
 ipsilon/util/page.py           | 4 ----
 ipsilon/util/user.py           | 7 +++++--
 templates/install/ipsilon.conf | 1 -
 4 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/ipsilon/ipsilon b/ipsilon/ipsilon
index fec19e4..8cabc85 100755
--- a/ipsilon/ipsilon
+++ b/ipsilon/ipsilon
@@ -60,8 +60,6 @@ admin_config = datastore.get_admin_config()
 for option in admin_config:
     cherrypy.config[option] = admin_config[option]
 
-cherrypy.tools.protect = cherrypy.Tool('before_handler', page.protect)
-
 templates = os.path.join(cherrypy.config['base.dir'], 'templates')
 template_env = Environment(loader=FileSystemLoader(templates))
 
diff --git a/ipsilon/util/page.py b/ipsilon/util/page.py
index ae1f116..e90ec2d 100755
--- a/ipsilon/util/page.py
+++ b/ipsilon/util/page.py
@@ -33,10 +33,6 @@ def admin_protect(fn):
     return check
 
 
-def protect():
-    UserSession().remote_login()
-
-
 class Page(object):
     def __init__(self, site, form=False):
         if 'template_env' not in site:
diff --git a/ipsilon/util/user.py b/ipsilon/util/user.py
index f47c072..7c53526 100755
--- a/ipsilon/util/user.py
+++ b/ipsilon/util/user.py
@@ -111,7 +111,9 @@ class UserSession(object):
 
     def remote_login(self):
         if cherrypy.request.login:
-            return self.login(cherrypy.request.login)
+            self.login(cherrypy.request.login)
+        else:
+            self.nuke_data('user')
 
     def login(self, username):
         if self.user == username:
@@ -120,8 +122,9 @@ class UserSession(object):
         # REMOTE_USER changed, replace user
         self.nuke_data('user')
         self.save_data('user', 'name', username)
+        self.user = username
 
-        cherrypy.log('LOGIN SUCCESSFUL: %s', username)
+        cherrypy.log('LOGIN SUCCESSFUL: %s' % username)
 
     def logout(self, user):
         if user is not None:
diff --git a/templates/install/ipsilon.conf b/templates/install/ipsilon.conf
index 8ab17d1..bbc4de6 100644
--- a/templates/install/ipsilon.conf
+++ b/templates/install/ipsilon.conf
@@ -13,4 +13,3 @@ tools.sessions.storage_path = "${datadir}/sessions"
 tools.sessions.timeout = 60
 tools.sessions.httponly = ${secure}
 tools.sessions.secure = ${secure}
-tools.protect.on = True
-- 
2.20.1