summaryrefslogtreecommitdiffstats
path: root/virtualenv
diff options
context:
space:
mode:
authorThomas NOEL <tnoel@entrouvert.com>2013-10-31 16:12:13 (GMT)
committerThomas NOEL <tnoel@entrouvert.com>2013-10-31 16:12:13 (GMT)
commitb43a78203cb1102f8484fef1585d86c14a1bd148 (patch)
treeb748aa5027bdb65794d77e117200afc559204b69 /virtualenv
parentf6dbea879f23aab0cbf7db77a7fe659b5e828f18 (diff)
downloadunivnautes-old-b43a78203cb1102f8484fef1585d86c14a1bd148.zip
univnautes-old-b43a78203cb1102f8484fef1585d86c14a1bd148.tar.gz
univnautes-old-b43a78203cb1102f8484fef1585d86c14a1bd148.tar.bz2
pffedportal: use sessions.backends.file
Diffstat (limited to 'virtualenv')
-rwxr-xr-xvirtualenv/bin/cp_del_sessions.sh14
-rwxr-xr-xvirtualenv/bin/univnautes-cleanup.sh5
-rwxr-xr-xvirtualenv/pffedportal/cleanup_sessions.py48
-rwxr-xr-xvirtualenv/pffedportal/del_sessions_by_pfsenseid.py26
-rw-r--r--virtualenv/pffedportal/settings.py9
-rwxr-xr-xvirtualenv/rc.d/univnautes.sh4
6 files changed, 61 insertions, 45 deletions
diff --git a/virtualenv/bin/cp_del_sessions.sh b/virtualenv/bin/cp_del_sessions.sh
deleted file mode 100755
index fdc80a5..0000000
--- a/virtualenv/bin/cp_del_sessions.sh
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/usr/local/bin/bash
-
-# cp_del_sessions.sh delete all pffedportal (django) sessions relative
-# to a (list of) sessionid from the pfsense captive portal.
-
-# syntax: cp_del_sessions.sh [sessionid_from_pfsense] [...]
-
-# activate virtualenv
-cd /usr/local/univnautes
-. bin/activate
-cd pffedportal
-# engiiiine starrrrt
-python del_sessions_by_pfsenseid.py $*
-
diff --git a/virtualenv/bin/univnautes-cleanup.sh b/virtualenv/bin/univnautes-cleanup.sh
index 34425a3..c931805 100755
--- a/virtualenv/bin/univnautes-cleanup.sh
+++ b/virtualenv/bin/univnautes-cleanup.sh
@@ -1,13 +1,14 @@
#!/bin/sh
# clean out old data from the database (sessions)
-# Cf https://docs.djangoproject.com/en/dev/ref/django-admin/#cleanup
cd /usr/local/univnautes
. bin/activate
cd pffedportal
-python ./manage.py cleanup
+python ./cleanup_sessions.py
+
+# Cf https://docs.djangoproject.com/en/dev/ref/django-admin/#cleanup
cd ..
cd pfidp
python ./manage.py cleanup
diff --git a/virtualenv/pffedportal/cleanup_sessions.py b/virtualenv/pffedportal/cleanup_sessions.py
new file mode 100755
index 0000000..47976e4
--- /dev/null
+++ b/virtualenv/pffedportal/cleanup_sessions.py
@@ -0,0 +1,48 @@
+#!/usr/bin/env python
+
+'''
+delete all django sessions:
+* if pfsenseid exists in session but is not in captiveportal.db
+* if session is expired
+'''
+
+# initialise django environnement for pffedportal
+# note : the script must be launch into the pffedportal direcory
+import os
+os.environ['DJANGO_SETTINGS_MODULE'] = "settings"
+
+import csv
+import datetime
+from django.conf import settings
+from django.contrib.sessions.backends.file import SessionStore
+
+# load pfsenseid list from captiveportal.db
+pfsenseids = [l[5] for l in csv.reader(open('/var/db/captiveportal.db'))]
+
+storage_path = settings.SESSION_FILE_PATH
+file_prefix = settings.SESSION_COOKIE_NAME
+
+for session_file in os.listdir(storage_path):
+ if not session_file.startswith(file_prefix):
+ continue
+ session_key = session_file[len(file_prefix):]
+ session = SessionStore(session_key)
+ # When an expired session is loaded, its file is removed, and a
+ # new file is immediately created. Prevent this by disabling
+ # the create() method.
+ session.create = lambda: None
+
+ session_data = session.load()
+
+ # pfsenseid doesn't exist in captiveportal.db
+ if session_data.get('pfsenseid') and session_data['pfsenseid'] not in pfsenseids:
+ session.delete()
+ continue
+
+ # expired
+ modification = os.stat(session._key_to_file()).st_ctime
+ age = datetime.datetime.now() - datetime.datetime.fromtimestamp(modification)
+ if age.seconds > session.get_expiry_age():
+ session.delete()
+ continue
+
diff --git a/virtualenv/pffedportal/del_sessions_by_pfsenseid.py b/virtualenv/pffedportal/del_sessions_by_pfsenseid.py
deleted file mode 100755
index 3ec7e4b..0000000
--- a/virtualenv/pffedportal/del_sessions_by_pfsenseid.py
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/usr/bin/env python
-
-'''
-delete all pffedportal (django) sessions relative to a (list of) sessionid from
-the pfsense captive portal.
-syntax : del_sessions_by_pfsenseid.py [sessionid_from_pfsense] [...]
-'''
-
-# initialise django environnement for pffedportal
-# note : the script must be launch into the pffedportal direcory
-import os
-os.environ['DJANGO_SETTINGS_MODULE'] = "settings"
-
-import sys
-from django.contrib.sessions.models import Session
-
-pfsenseids = sys.argv[1::]
-
-# delete each session containing a sessionid in argv
-for s in Session.objects.all():
- d = s.get_decoded()
- if 'pfsenseid' in d:
- if d['pfsenseid'] in pfsenseids:
- print "delete session %s (pfsenseid=%s)" % (s.pk, d['pfsenseid'])
- s.delete()
-
diff --git a/virtualenv/pffedportal/settings.py b/virtualenv/pffedportal/settings.py
index 06268ae..4f5c11c 100644
--- a/virtualenv/pffedportal/settings.py
+++ b/virtualenv/pffedportal/settings.py
@@ -105,7 +105,14 @@ INSTALLED_APPS = (
'base',
)
-SESSION_COOKIE_NAME = "pffedportalsessionid"
+SESSION_COOKIE_NAME = 'pffedportalsessionid'
+
+SESSION_ENGINE = 'django.contrib.sessions.backends.file'
+SESSION_FILE_PATH = '/var/tmp/pffedportalsessions'
+try:
+ os.mkdir(SESSION_FILE_PATH)
+except:
+ pass
AUTH_FRONTENDS = ('authentic2.authsaml2.frontend.AuthSAML2Frontend',)
diff --git a/virtualenv/rc.d/univnautes.sh b/virtualenv/rc.d/univnautes.sh
index 3412074..a2d1926 100755
--- a/virtualenv/rc.d/univnautes.sh
+++ b/virtualenv/rc.d/univnautes.sh
@@ -113,8 +113,8 @@ _cronstart() {
log "update-metadata cron started (every $REFRESH seconds)"
/usr/local/bin/minicron $REFRESH /var/run/update-map-cron.pid $MAPUPDATER
log "update-map cron started (every $REFRESH seconds)"
- /usr/local/bin/minicron $REFRESH /var/run/cleanup-cron.pid $CLEANUP
- log "cleanup cron started (every $REFRESH seconds)"
+ /usr/local/bin/minicron 300 /var/run/cleanup-cron.pid $CLEANUP
+ log "cleanup cron started (every 300 seconds)"
/usr/local/bin/minicron 86400 /var/run/tcpdump-restart-cron.pid $TCPDUMPRESTART
log "tcpdump-restart cron started (every 86400 seconds)"
}