sts-sponsors team mailing list archive

Thread
Date

[Merge] ~emdw/maas:timeout-configuration into maas:master

To: mp+435525@xxxxxxxxxxxxxxxxxx
From: Eline Maaike De Weerd <mp+435525@xxxxxxxxxxxxxxxxxx>
Date: Tue, 10 Jan 2023 16:49:29 -0000
Reply-to: mp+435525@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Eline Maaike De Weerd has proposed merging ~emdw/maas:timeout-configuration into maas:master.

Commit message:
added session_timeout to config items, and a maas sessionstore as session_engine in the settings



Requested reviews:
  MAAS Maintainers (maas-maintainers)

For more details, see:
https://code.launchpad.net/~emdw/maas/+git/maas/+merge/435525
-- 
Your team MAAS Maintainers is requested to review the proposed merge of ~emdw/maas:timeout-configuration into maas:master.

diff --git a/src/maasserver/djangosettings/settings.py b/src/maasserver/djangosettings/settings.py
index b838bd1..9cf2d4d 100644
--- a/src/maasserver/djangosettings/settings.py
+++ b/src/maasserver/djangosettings/settings.py
@@ -293,6 +293,7 @@ INSTALLED_APPS = (
     "piston3",
 )
 
+SESSION_ENGINE = "maasserver.sessiontimeout"
 
 # See http://docs.djangoproject.com/en/dev/topics/logging for more details on
 # how to customize the logging configuration. At present all logging config is
diff --git a/src/maasserver/forms/__init__.py b/src/maasserver/forms/__init__.py
index 7c8aca6..4fc8031 100644
--- a/src/maasserver/forms/__init__.py
+++ b/src/maasserver/forms/__init__.py
@@ -1715,6 +1715,7 @@ class MAASForm(ConfigForm):
     maas_name = get_config_field("maas_name")
     theme = get_config_field("theme")
     enable_analytics = get_config_field("enable_analytics")
+    session_length = get_config_field("session_length")
 
 
 class ProxyForm(ConfigForm):
diff --git a/src/maasserver/forms/settings.py b/src/maasserver/forms/settings.py
index ea3598e..8b9bd27 100644
--- a/src/maasserver/forms/settings.py
+++ b/src/maasserver/forms/settings.py
@@ -1054,6 +1054,20 @@ CONFIG_ITEMS = {
             "max_value": 90,
         },
     },
+    "session_length": {
+        "default": 1209600,
+        "form": forms.IntegerField,
+        "form_kwargs": {
+            "label": "Session timeout (seconds)",
+            "required": False,
+            "help_text": (
+                "Configure timeout of session (seconds). "
+                "Minimum 10s, maximum 2 weeks (1209600s)."
+            ),
+            "min_value": 10,
+            "max_value": 1209600,
+        },
+    },
 }
 
 
diff --git a/src/maasserver/forms/tests/test_settings.py b/src/maasserver/forms/tests/test_settings.py
index 010dbfb..a3e854c 100644
--- a/src/maasserver/forms/tests/test_settings.py
+++ b/src/maasserver/forms/tests/test_settings.py
@@ -123,3 +123,14 @@ class TestMAASThemeConfigSettings(MAASServerTestCase):
         value = [1, 2, 3]
         field = get_config_field("theme")
         self.assertEqual(str(value), field.clean(value))
+
+
+class TestMAASSessionTimeoutSettings(MAASServerTestCase):
+    def test_default_value(self):
+        form = get_config_form("session_length")
+        self.assertEqual({"session_length": 1209600}, form.initial)
+
+    def test_session_config(self):
+        value = 300
+        field = get_config_field("session_length")
+        self.assertEqual(value, field.clean(value))
diff --git a/src/maasserver/models/config.py b/src/maasserver/models/config.py
index 55dc312..6f840b1 100644
--- a/src/maasserver/models/config.py
+++ b/src/maasserver/models/config.py
@@ -146,6 +146,8 @@ def get_default_config():
         "vault_enabled": False,
         # Windows settings
         "windows_kms_host": None,
+        # Session timeout length (s)
+        "session_length": 1209600,
     }
 
 
diff --git a/src/maasserver/sessiontimeout.py b/src/maasserver/sessiontimeout.py
new file mode 100644
index 0000000..1c70766
--- /dev/null
+++ b/src/maasserver/sessiontimeout.py
@@ -0,0 +1,19 @@
+""" Custom sessionstore for a user-configurable session timeout. """
+
+from django.contrib.sessions.backends.db import SessionStore as DBStore
+
+from maasserver.models import Config
+
+
+def _get_timeout() -> int:
+    timeout = Config.objects.get_config("session_length")
+    return timeout
+
+
+class SessionStore(DBStore):
+    def __init__(self, session_key=None):
+        super().__init__(session_key)
+        self["_session_expiry"] = _get_timeout()
+
+    def get_session_cookie_age(self) -> int:
+        return _get_timeout()

Follow ups

[Merge] ~emdw/maas:timeout-configuration into maas:master
From: MAAS Lander, 2023-01-17
[Merge] ~emdw/maas:timeout-configuration into maas:master
From: Eline Maaike De Weerd, 2023-01-17
Re: [Merge] ~emdw/maas:timeout-configuration into maas:master
From: Adam Collard, 2023-01-17
Re: [UNITTESTS] -b timeout-configuration lp:~emdw/maas/+git/maas into -b master lp:~maas-committers/maas - TESTS PASS
From: MAAS Lander, 2023-01-16
Re: [Merge] ~emdw/maas:timeout-configuration into maas:master
From: Adam Collard, 2023-01-16
Re: [UNITTESTS] -b timeout-configuration lp:~emdw/maas/+git/maas into -b master lp:~maas-committers/maas - TESTS PASS
From: MAAS Lander, 2023-01-13
Re: [Merge] ~emdw/maas:timeout-configuration into maas:master
From: Adam Collard, 2023-01-12
Re: [Merge] ~emdw/maas:timeout-configuration into maas:master
From: Jack Lloyd-Walters, 2023-01-12
Re: [UNITTESTS] -b timeout-configuration lp:~emdw/maas/+git/maas into -b master lp:~maas-committers/maas - TESTS PASS
From: MAAS Lander, 2023-01-11
Re: [UNITTESTS] -b timeout-configuration lp:~emdw/maas/+git/maas into -b master lp:~maas-committers/maas - TESTS FAILED
From: MAAS Lander, 2023-01-10