15.2.147. camcops_server.cc_modules.cc_session

camcops_server/cc_modules/cc_session.py

Copyright (C) 2012, University of Cambridge, Department of Psychiatry. Created by Rudolf Cardinal (rnc1001@cam.ac.uk).

This file is part of CamCOPS.

CamCOPS is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

CamCOPS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with CamCOPS. If not, see <https://www.gnu.org/licenses/>.

Implements sessions for web clients (humans).

class camcops_server.cc_modules.cc_session.CamcopsSession(ip_addr=None, last_activity_utc=None)[source]

Class representing an HTTPS session.

__init__(ip_addr=None, last_activity_utc=None)
Parameters

  • ip_addr – client IP address

  • last_activity_utc – date/time of last activity that occurred

classmethod delete_old_sessions(req: CamcopsRequest) None[source]

Delete all expired sessions.

classmethod get_oldest_last_activity_allowed(req: CamcopsRequest) pendulum.datetime.DateTime[source]

What is the latest time that the last activity (for a session) could have occurred, before the session would have timed out?

Calculated as now - session_timeout.

classmethod get_session(req: CamcopsRequest, session_id_str: Optional[str], session_token: Optional[str]) CamcopsSession[source]

Retrieves, or makes, a new camcops_server.cc_modules.cc_session.CamcopsSession for this Pyramid Request, given a specific session_id and session_token.

classmethod get_session_for_tablet(ts: TabletSession) CamcopsSession[source]

For a given camcops_server.cc_modules.cc_tabletsession.TabletSession (used by tablet client devices), returns a corresponding camcops_server.cc_modules.cc_session.CamcopsSession.

This also performs user authorization.

User authentication is via the camcops_server.cc_modules.cc_session.CamcopsSession.

classmethod get_session_using_cookies(req: CamcopsRequest) CamcopsSession[source]

Makes, or retrieves, a new camcops_server.cc_modules.cc_session.CamcopsSession for this Pyramid Request.

The session is found using the ID/token information in the request’s cookies.

get_task_filter() camcops_server.cc_modules.cc_taskfilter.TaskFilter[source]

Returns the camcops_server.cc_modules.cc_taskfilter.TaskFilter in use for this session.

property last_activity_utc_iso: str

Returns a formatted version of the date/time at which the last activity took place for this session.

login(user: camcops_server.cc_modules.cc_user.User) None[source]

Log in. Associates the user with the session and makes a new token.

2021-05-01: If this is an API session, we don’t interfere with other sessions. But if it is a human logging in, we log out any other non-API sessions from the same user (per security recommendations: one session per authenticated user – with exceptions that we make for API sessions).

logout() None[source]

Log out, wiping session details.

property username: Optional[str]

Returns the user’s username, or None.

camcops_server.cc_modules.cc_session.generate_token(num_bytes: int = 16) str[source]

Make a new session token that’s not in use.

It doesn’t matter if it’s already in use by a session with a different ID, because the ID/token pair is unique. (Removing that constraint gets rid of an in-principle-but-rare locking problem.)