bbangert / beaker Goto Github PK
View Code? Open in Web Editor NEWWSGI middleware for sessions and caching
Home Page: https://beaker.readthedocs.org/
License: Other
WSGI middleware for sessions and caching
Home Page: https://beaker.readthedocs.org/
License: Other
full traceback here: https://gist.github.com/zakdances/d4a8890b2b0eafe1fc84
I'm facing an issue that is a result of race conditions. Beaker sessions seem to mysteriously lose information or retain deleted information.
I'm running a (multithreaded) system which runs timed status checks. Each of these checks is an Ajax request. Each of these requests checks against session for the active user.
A certain operation - opening file contents - requires that I associate a (unique) ID with a filepath (and an html link) so that I can open the right file when its link is clicked. The association is done through another Ajax request. The problem arises when the association is done during the timespan of a previous request. When the previous request returns, it overwrites the session info with the previous content of session.
To illustrate better:
getjobs - before - session: {}
jobinfo - before - session: {}
jobinfo - after - session: {'b7b57eb3-e05c-4854-87a1-96e74d9f4e38': u'/foo/bar.log'}
getjobs - after - session: {}
getjobs - before - session: {}
getjobs - after - session: {}
getjobs - before - session: {}
Sessions are not 'auto', and are saved to database. JobInfo request (above) is the only one calling session.save()
Hi,
I'm using beaker on production for a big website (10k+ concurrent users) for years.
One day, one of our developers received that error Error: 'ascii' codec can't encode character u'\xb7' in position 143: ordinal not in range(128)
and I went down to debug what's happening. I could finally go to the correct line of error:
beaker/beaker/ext/memcached.py
Line 121 in 5c407db
I can continue my debug on our part to see why only after years it's happening now and stuff, but I just have a question: is there any special reason for replacing spaces with a unicode middle dot (·
)? I've put another string for replacement, like 'HELLO', without unicode stuff, it worked well on the development process.
If a browser happens to send an odd cookie your way Beaker crashes with this error:
File "/home/wichert/lib/buildout/eggs/Beaker-1.6.3-py2.7.egg/beaker/session.py", line 676, in __contains__
return key in self._session()
File "/home/wichert/lib/buildout/eggs/Beaker-1.6.3-py2.7.egg/beaker/session.py", line 647, in _session
**params)
File "/home/wichert/lib/buildout/eggs/Beaker-1.6.3-py2.7.egg/beaker/session.py", line 149, in __init__
self.cookie = Cookie.SimpleCookie(input=cookieheader)
File "/usr/lib/python2.7/Cookie.py", line 579, in __init__
if input: self.load(input)
File "/usr/lib/python2.7/Cookie.py", line 632, in load
self.__ParseString(rawdata)
File "/usr/lib/python2.7/Cookie.py", line 665, in __ParseString
self.__set(K, rval, cval)
File "/usr/lib/python2.7/Cookie.py", line 585, in __set
M.set(key, real_value, coded_value)
File "/usr/lib/python2.7/Cookie.py", line 460, in set
raise CookieError("Illegal key value: %s" % key)
CookieError: Illegal key value: cb_/zabbix/actionconf.php_parts
This is essentially Python bug 2988, which was never properly fixed - instead the broken behaviour was just documented. This means Beaker needs to be able to deal with this manually :(
Since 1.6.5 the installation script is installing the "tests" folder into site-packages/ folder, which can easily conflict with other packages. Please either install them in site-packages/beaker/tests or rather just don't install them, as all the top level test_* files were not installed already.
Related logs:
creating /build/python-beaker/pkg/python2-beaker/usr/lib/python2.7/site-packages/tests
creating /build/python-beaker/pkg/python2-beaker/usr/lib/python2.7/site-packages/tests/test_namespacing_files
copying build/lib/tests/test_namespacing_files/__init__.py -> /build/python-beaker/pkg/python2-beaker/usr/lib/python2.7/site-packages/tests/test_namespacing_files
copying build/lib/tests/test_namespacing_files/namespace_get.py -> /build/python-beaker/pkg/python2-beaker/usr/lib/python2.7/site-packages/tests/test_namespacing_files
copying build/lib/tests/test_namespacing_files/namespace_go.py -> /build/python-beaker/pkg/python2-beaker/usr/lib/python2.7/site-packages/tests/test_namespacing_files
I'm using the decorator 'cache_region' and it's not possible to cache a function which has kwargs :
@cache_region('short_term')
def a_function(x, y=None):
return 'whatever'
When invoking the function 'a_function', we get an exception like:
TypeError: cached() got an unexpected keyword argument 'y'
This behavior happens with any decorator for caching functions
When using an decorator for caching, the cached function loose it's docstring and its name becomes 'cached'
It's easy to fix that by using '@wraps' decorator :
https://docs.python.org/2/library/functools.html#functools.wraps
How to use beaker in tornado?
The GitHub project URL is:
which doesn't work. I'm assuming it's the SSL causing the problem b/c http://beaker.groovie.org/ works.
After having a read on http://turbogears.org/2.1/docs/main/Caching.html#configuring-beaker I just need to confirm this.
Do I need a cache.lock_dir directory when using ext:database? The docs make no mention of it unlike the file/memory cache, but I can see the lock_dir being referenced inside the code for sqlalchemy's handler.
It appears that none of the beaker.crypto code is ready for Python 3. In particular, pbkdf2.py does a bunch of isinstance() checks which enforce that the encryption keys are 'str' objects, and calls encode() on them if not. This is of course precisely backwards when working with str and bytes in Python 3.
I've tried making a few patches to the code, but this only serves to reveal additional issues, and I don't have the time to prepare a complete patch for now.
In the meantime, please update the docs to indicate that encrypted cookies (that is, cookie-only sessions) are not supported when running under Python 3.
$ make latex
mkdir -p build/latex build/doctrees
sphinx-build -b latex -d build/doctrees . build/latex
Running Sphinx v1.3.1
loading pickled environment... not yet created
building [mo]: targets for 0 po files that are out of date
building [latex]: all documents
updating environment: 17 added, 0 changed, 0 removed
reading sources... [100%] sessions
looking for now-outdated files... none found
pickling environment... done
checking consistency... /home/asarch/beaker/beaker/beaker/docs/glossary.rst:: WARNING: document isn't included in any toctree
done
WARNING: "latex_documents" config value references unknown document contents
copying TeX support files...
done
build succeeded, 2 warnings.
Build finished; the LaTeX files are in build/latex.
Run make all-pdf' or
make all-ps' in that directory to run these through (pdf)latex.
$ cd build/latex/
$ make all-pdf
make: Nothing to be done for `all-pdf'.
from beaker.cache import cache_regions, cache_region
# configure regions
cache_regions.update({
'short_term':{
'expire':'60',
'type':'memory'
}
})
@cache_region('short_term')
def load():
'''Load from a database given a search term, limit, offset.'''
return []
a = load()
------------------------------
a = load()
File "C:\Python27\lib\site-packages\beaker\cache.py", line 563, in cached
key_length = cache_regions[region]['key_length']
KeyError: 'key_length'
https://bitbucket.org/bbangert/beaker/overview
still says "Beaker Official Mirror". There is no immediately obvious reference to the github repository there. I signed up and submitted a pull request months ago, only to realise now that the canonical source is here on github.
The setup is a traditional web client (angularjs) making requests to a web server (python 2.6.9, gunicorn 19.0.0, beaker 1.6.4).
app handling code looks pretty much like so:
from beaker.middleware import SessionMiddleware
session_opts = {
"session.type": "cookie",
"session.validate_key": "some secret",
"session.cookie_expires": 3600*24*90,
"session.auto": True,
}
app_handler = ...
application = SessionMiddleware(app_handler, session_opts)
The web client makes one HTTP GET and two HTTP POST requests sequentially against the web server. The problem is that the last request doesn't seem to carry the session info that the first request added to the session. Here's what I see in the server logs:
So somehow the session info is cleared after the "POST /foo", which makes no sense to me. Am I missing something? Also, is beaker.session.id supposed to change all the time? I seem to always see a different value.
Thanks!
Beaker has some test failures with Python 3.
Numbers of errors and failures are different with different Python versions:
3.1: 92 tests, 11 skipped, 2 errors, 0 failures (more skipped tests due to WebTest unavailable)
3.2: 107 tests, 1 skipped, 10 errors, 17 failures
3.3: 107 tests, 1 skipped, 13 errors, 17 failures
Full results of test suite of Beaker trunk with Python 3.3:
$ PYTHONPATH="build/lib" nosetests-3.3 -P
FF.............................E....EE.............E..EEEFEEFEE.FF...FFFFFFFFFS..EE......../tmp/beaker/tests/test_session.py:17: BeakerWarning: Invalidating corrupt session 6b159927e00344938ea8cfafbdc53e24; error was: pickle data was truncated. Set invalidate_corrupt=False to propagate this exception.
return Session({}, **options)
.FF.............
======================================================================
ERROR: tests.test_container.test_dbm_container
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_container.py", line 98, in test_dbm_container
_run_container_test(clsmap['dbm'], totaltime, expiretime, delay, False)
File "/tmp/beaker/tests/test_container.py", line 68, in _run_container_test
value.clear_value()
File "/tmp/beaker/build/lib/beaker/container.py", line 427, in clear_value
if self.key in self.namespace:
File "/tmp/beaker/build/lib/beaker/container.py", line 598, in __contains__
return key in self.dbm
nose.proxy.TypeError: TypeError: dbm key must be string, not str
-------------------- >> begin captured stdout << ---------------------
testing <class 'beaker.container.DBMNamespaceManager'> for 10 secs with expiretime None delay 0
--------------------- >> end captured stdout << ----------------------
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
beaker.container: DEBUG: opening dbm file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
beaker.container: DEBUG: clear_value
beaker.container: DEBUG: closing dbm file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
--------------------- >> end captured logging << ---------------------
======================================================================
ERROR: tests.test_container.test_dbm_container_2
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_container.py", line 113, in test_dbm_container_2
test_dbm_container(expiretime=12)
File "/tmp/beaker/tests/test_container.py", line 98, in test_dbm_container
_run_container_test(clsmap['dbm'], totaltime, expiretime, delay, False)
File "/tmp/beaker/tests/test_container.py", line 68, in _run_container_test
value.clear_value()
File "/tmp/beaker/build/lib/beaker/container.py", line 427, in clear_value
if self.key in self.namespace:
File "/tmp/beaker/build/lib/beaker/container.py", line 598, in __contains__
return key in self.dbm
nose.proxy.TypeError: TypeError: dbm key must be string, not str
-------------------- >> begin captured stdout << ---------------------
testing <class 'beaker.container.DBMNamespaceManager'> for 10 secs with expiretime 12 delay 0
--------------------- >> end captured stdout << ----------------------
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
beaker.container: DEBUG: opening dbm file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
beaker.container: DEBUG: clear_value
beaker.container: DEBUG: closing dbm file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
--------------------- >> end captured logging << ---------------------
======================================================================
ERROR: tests.test_container.test_dbm_container_3
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_container.py", line 116, in test_dbm_container_3
test_dbm_container(expiretime=15, delay=2)
File "/tmp/beaker/tests/test_container.py", line 98, in test_dbm_container
_run_container_test(clsmap['dbm'], totaltime, expiretime, delay, False)
File "/tmp/beaker/tests/test_container.py", line 68, in _run_container_test
value.clear_value()
File "/tmp/beaker/build/lib/beaker/container.py", line 427, in clear_value
if self.key in self.namespace:
File "/tmp/beaker/build/lib/beaker/container.py", line 598, in __contains__
return key in self.dbm
nose.proxy.TypeError: TypeError: dbm key must be string, not str
-------------------- >> begin captured stdout << ---------------------
testing <class 'beaker.container.DBMNamespaceManager'> for 10 secs with expiretime 15 delay 2
--------------------- >> end captured stdout << ----------------------
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
beaker.container: DEBUG: opening dbm file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
beaker.container: DEBUG: clear_value
beaker.container: DEBUG: closing dbm file ./cache/container_dbm/a/a9/a94a8fe5ccb19ba61c4c0873d391e987982fbbd3.dbm
--------------------- >> end captured logging << ---------------------
======================================================================
ERROR: tests.test_cookie_domain_only.test_increment
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_domain_only.py", line 34, in test_increment
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_domain_only.py", line 28, in simple_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 594, in _create_cookie
self.cookie[self.key] = val
File "/usr/lib64/python3.3/http/cookies.py", line 491, in __setitem__
rval, cval = self.value_encode(value)
File "/tmp/beaker/build/lib/beaker/session.py", line 70, in value_encode
sig = HMAC.new(self.secret, val.encode('UTF-8'), SHA1).hexdigest()
AttributeError: 'bytes' object has no attribute 'encode'
======================================================================
ERROR: tests.test_cookie_only.test_increment
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 31, in test_increment
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_only.py", line 25, in simple_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 594, in _create_cookie
self.cookie[self.key] = val
File "/usr/lib64/python3.3/http/cookies.py", line 491, in __setitem__
rval, cval = self.value_encode(value)
File "/tmp/beaker/build/lib/beaker/session.py", line 70, in value_encode
sig = HMAC.new(self.secret, val.encode('UTF-8'), SHA1).hexdigest()
AttributeError: 'bytes' object has no attribute 'encode'
======================================================================
ERROR: tests.test_cookie_only.test_expires
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 42, in test_expires
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_only.py", line 25, in simple_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 594, in _create_cookie
self.cookie[self.key] = val
File "/usr/lib64/python3.3/http/cookies.py", line 491, in __setitem__
rval, cval = self.value_encode(value)
File "/tmp/beaker/build/lib/beaker/session.py", line 70, in value_encode
sig = HMAC.new(self.secret, val.encode('UTF-8'), SHA1).hexdigest()
AttributeError: 'bytes' object has no attribute 'encode'
======================================================================
ERROR: tests.test_cookie_only.test_different_sessions
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 50, in test_different_sessions
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_only.py", line 25, in simple_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 594, in _create_cookie
self.cookie[self.key] = val
File "/usr/lib64/python3.3/http/cookies.py", line 491, in __setitem__
rval, cval = self.value_encode(value)
File "/tmp/beaker/build/lib/beaker/session.py", line 70, in value_encode
sig = HMAC.new(self.secret, val.encode('UTF-8'), SHA1).hexdigest()
AttributeError: 'bytes' object has no attribute 'encode'
======================================================================
ERROR: tests.test_cookie_only.test_increment_with_encryption
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 80, in test_increment_with_encryption
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_only.py", line 25, in simple_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 590, in _create_cookie
val = self._encrypt_data()
File "/tmp/beaker/build/lib/beaker/session.py", line 262, in _encrypt_data
self.validate_key + nonce, 1)
TypeError: Can't convert 'bytes' object to str implicitly
======================================================================
ERROR: tests.test_cookie_only.test_different_sessions_with_encryption
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 92, in test_different_sessions_with_encryption
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_only.py", line 25, in simple_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 590, in _create_cookie
val = self._encrypt_data()
File "/tmp/beaker/build/lib/beaker/session.py", line 262, in _encrypt_data
self.validate_key + nonce, 1)
TypeError: Can't convert 'bytes' object to str implicitly
======================================================================
ERROR: tests.test_cookie_only.test_cookie_id
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 123, in test_cookie_id
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_only.py", line 25, in simple_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 590, in _create_cookie
val = self._encrypt_data()
File "/tmp/beaker/build/lib/beaker/session.py", line 262, in _encrypt_data
self.validate_key + nonce, 1)
TypeError: Can't convert 'bytes' object to str implicitly
======================================================================
ERROR: tests.test_cookie_only.test_invalidate_with_save_does_not_delete_session
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 141, in test_invalidate_with_save_does_not_delete_session
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1260, in call_application
app_iter = application(self.environ, start_response)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 198, in lint_app
iterator = application(environ, start_response_wrapper)
File "/tmp/beaker/build/lib/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/tmp/beaker/tests/test_cookie_only.py", line 135, in invalidate_session_app
start_response('200 OK', [('Content-type', 'text/plain')])
File "/tmp/beaker/build/lib/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/tmp/beaker/build/lib/beaker/session.py", line 717, in persist
self._session().save()
File "/tmp/beaker/build/lib/beaker/session.py", line 576, in save
self._create_cookie()
File "/tmp/beaker/build/lib/beaker/session.py", line 590, in _create_cookie
val = self._encrypt_data()
File "/tmp/beaker/build/lib/beaker/session.py", line 262, in _encrypt_data
self.validate_key + nonce, 1)
TypeError: Can't convert 'bytes' object to str implicitly
======================================================================
ERROR: Test if the data is actually persistent across requests
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_session.py", line 47, in test_save_load_encryption
session.save()
File "/tmp/beaker/build/lib/beaker/session.py", line 415, in save
data = self._encrypt_data(data)
File "/tmp/beaker/build/lib/beaker/session.py", line 262, in _encrypt_data
self.validate_key + nonce, 1)
TypeError: Can't convert 'bytes' object to str implicitly
======================================================================
ERROR: Test if the data fails without the right keys
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_session.py", line 69, in test_decryption_failure
session.save()
File "/tmp/beaker/build/lib/beaker/session.py", line 415, in save
data = self._encrypt_data(data)
File "/tmp/beaker/build/lib/beaker/session.py", line 262, in _encrypt_data
self.validate_key + nonce, 1)
TypeError: Can't convert 'bytes' object to str implicitly
======================================================================
FAIL: tests.test_cache.test_cache_manager
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/usr/lib64/python3.3/site-packages/nose/util.py", line 613, in newfunc
return func(*arg, **kw)
File "/tmp/beaker/build/lib/beaker/util.py", line 64, in maybe
return fn(*args, **kw)
File "/tmp/beaker/tests/test_cache.py", line 218, in test_cache_manager
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1263, in call_application
output.extend(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <generator object cache_manager_app at 0x7fc1da288500> returned a non-<class 'bytes'> object: 'test_key is: test value\n'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: set_value stored time 1379804271.4366035 expire time None
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_cache.test_increment
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/usr/lib64/python3.3/site-packages/nose/util.py", line 613, in newfunc
return func(*arg, **kw)
File "/tmp/beaker/build/lib/beaker/util.py", line 64, in maybe
return fn(*args, **kw)
File "/tmp/beaker/tests/test_cache.py", line 208, in test_increment
res = app.get('/', extra_environ={'beaker.type':type, 'beaker.clear':True})
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d9d20d50> returned a non-<class 'bytes'> object: 'The current value is: 1'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: set_value stored time 1379804271.510165 expire time None
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_cookie_only.test_nosave
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 64, in test_nosave
res = app.get('/nosave')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d50bcd50> returned a non-<class 'bytes'> object: "The current value is: 1 and cookie is {'value': 1, '_id': '953224090084467e921907b09061207c'}"
======================================================================
FAIL: tests.test_cookie_only.test_nosave_with_encryption
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_only.py", line 107, in test_nosave_with_encryption
res = app.get('/nosave')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d50c5d90> returned a non-<class 'bytes'> object: "The current value is: 1 and cookie is {'value': 1, '_id': 'cbecd659685143f1b62cfed057c862ea'}"
======================================================================
FAIL: tests.test_database.test_cache_manager
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/usr/lib64/python3.3/site-packages/nose/util.py", line 613, in newfunc
return func(*arg, **kw)
File "/tmp/beaker/build/lib/beaker/util.py", line 64, in maybe
return fn(*args, **kw)
File "/tmp/beaker/tests/test_database.py", line 106, in test_cache_manager
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1263, in call_application
output.extend(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <generator object cache_manager_app at 0x7fc1d7916820> returned a non-<class 'bytes'> object: 'test_key is: test value\n'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: set_value stored time 1379804369.8651407 expire time None
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_database.test_increment
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/usr/lib64/python3.3/site-packages/nose/util.py", line 613, in newfunc
return func(*arg, **kw)
File "/tmp/beaker/build/lib/beaker/util.py", line 64, in maybe
return fn(*args, **kw)
File "/tmp/beaker/tests/test_database.py", line 96, in test_increment
res = app.get('/', extra_environ={'beaker.clear':True})
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78ad910> returned a non-<class 'bytes'> object: 'The current value is: 1'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: set_value stored time 1379804369.932357 expire time None
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_domain_setting.test_domain
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_domain_setting.py", line 33, in test_domain
res = app.get('/', extra_environ=dict(domain='.hoop.com'))
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78ad9d0> returned a non-<class 'bytes'> object: 'The current value is: 1, session id is 5a09e880a0c542cca54c99f3f6a69635'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/5/5a/5a09e880a0c542cca54c99f3f6a69635.cache
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_increment.test_no_save
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 61, in test_no_save
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78ad650> returned a non-<class 'bytes'> object: 'The current value is: None, session id is 08f64ef65868498da8af75e8299e12df'
======================================================================
FAIL: tests.test_increment.test_increment
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 69, in test_increment
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d50d6b50> returned a non-<class 'bytes'> object: 'The current value is: 1, session id is 8c5c88a88bff4a06aa9f2bdc024e5d35'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/8/8c/8c5c88a88bff4a06aa9f2bdc024e5d35.cache
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_increment.test_increment_auto
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 79, in test_increment_auto
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78b4a10> returned a non-<class 'bytes'> object: 'The current value is: 1, session id is 7c1623e62468499faa1054870ff7c520'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/7/7c/7c1623e62468499faa1054870ff7c520.cache
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_increment.test_different_sessions
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 91, in test_different_sessions
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78b4290> returned a non-<class 'bytes'> object: 'The current value is: 1, session id is 15ddb7e6d43848f2b8e4730ba94a917b'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/1/15/15ddb7e6d43848f2b8e4730ba94a917b.cache
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_increment.test_different_sessions_auto
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 106, in test_different_sessions_auto
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78c1590> returned a non-<class 'bytes'> object: 'The current value is: 1, session id is 1e49455d3e444a32a89847e49ef7c30a'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/1/1e/1e49455d3e444a32a89847e49ef7c30a.cache
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_increment.test_nosave
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 120, in test_nosave
res = app.get('/nosave')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78c1a50> returned a non-<class 'bytes'> object: 'The current value is: 1, session id is 85a94aaabe254a539cccbb0dde33d997'
======================================================================
FAIL: tests.test_increment.test_revert
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 133, in test_revert
res = app.get('/nosave')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78c80d0> returned a non-<class 'bytes'> object: 'The current value is: 0, session id is cf35aeda50f641f1a26a0fb7e015939a'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/c/cf/cf35aeda50f641f1a26a0fb7e015939a.cache
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_increment.test_load_session_by_id
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_increment.py", line 153, in test_load_session_by_id
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78c8390> returned a non-<class 'bytes'> object: 'The current value is: 1, session id is 9b2177b3eb3944a8b23d93820e0c0e6b'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/9/9b/9b2177b3eb3944a8b23d93820e0c0e6b.cache
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_sqla.test_cache_manager
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/usr/lib64/python3.3/site-packages/nose/util.py", line 613, in newfunc
return func(*arg, **kw)
File "/tmp/beaker/build/lib/beaker/util.py", line 64, in maybe
return fn(*args, **kw)
File "/tmp/beaker/tests/test_sqla.py", line 117, in test_cache_manager
res = app.get('/')
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 489, in do_request
res = req.get_response(app, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1292, in send
application, catch_exc_info=True)
File "/usr/lib64/python3.3/site-packages/webob/request.py", line 1263, in call_application
output.extend(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <generator object cache_manager_app at 0x7fc1d78b5e10> returned a non-<class 'bytes'> object: 'test_key is: test value\n'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: set_value stored time 1379804373.5384603 expire time None
--------------------- >> end captured logging << ---------------------
======================================================================
FAIL: tests.test_sqla.test_increment
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.3/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/usr/lib64/python3.3/site-packages/nose/util.py", line 613, in newfunc
return func(*arg, **kw)
File "/tmp/beaker/build/lib/beaker/util.py", line 64, in maybe
return fn(*args, **kw)
File "/tmp/beaker/tests/test_sqla.py", line 107, in test_increment
res = app.get('/', extra_environ={'beaker.clear': True})
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 206, in get
expect_errors=expect_errors)
File "/usr/lib64/python3.3/site-packages/webtest/app.py", line 502, in do_request
res.body
File "/usr/lib64/python3.3/site-packages/webob/response.py", line 345, in _body__get
body = b''.join(app_iter)
File "/usr/lib64/python3.3/site-packages/webtest/lint.py", line 300, in next
% (self.iterator, binary_type, v))
nose.proxy.AssertionError: Iterator <list_iterator object at 0x7fc1d78d8f90> returned a non-<class 'bytes'> object: 'The current value is: 1'
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: set_value stored time 1379804373.5449975 expire time None
--------------------- >> end captured logging << ---------------------
----------------------------------------------------------------------
Ran 107 tests in 122.245s
FAILED (SKIP=1, errors=13, failures=17)
The SessionObject proxy used by pyramd_beaker does not proxy the __len__
method to the Session, so len(session)
doesn't work.
>>> import beaker.session
>>> import pyramid.testing
>>> req = pyramid.testing.DummyRequest()
>>> so = beaker.session.SessionObject(req)
>>> len(so)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
TypeError: object of type 'SessionObject' has no len()
>>> len(so._session())
2
Hi
uwsgi on my machines run as the 'www-data' user, as a result any lock files created via uwsgi are owned and only readable by the 'www-data' user, is there any way these files can be created with permissions open enough to allow my other machine users to modify or delete these files?
sorry
I moved my WSGI application using beaker in another environment to this one, and now my app is hanging on session initialization here:
/usr/lib/python2.7/dist-packages/beaker/util.py
Line 228:
sha1 = None
def encoded_path(root, identifiers, extension=".enc", depth=3, digest_filenames=True):
ident = "_".join(identifiers)
global sha1
if sha1 is None:
from beaker.crypto import sha1
However, if I replace the line:
sha1 = None
With the following from the crypto folder:
from Crypto.Hash import HMAC as hmac, SHA as hmac_sha1
sha1 = hmac_sha1.new
The, everything works just fine.
What's the deal? (Same problem happens with 1.6.3 if I install beaker from the apt-get repositories).
Thanks!
The doc strings on cached functions are not passed through and will be blank when retrieved with tools like sphinx. This could be easily fixed by using functools.wraps
.
Hi, not sure if this is really something to do with you but I thought I'd document it for the devs and users of Beaker.
For the time being, I'm guessing I just need to manually download/install this since it appears the easy_install distro isn't correct.
Let me know if there's anything I can do to help!
DL
The full bug report can be found here: https://sourceforge.net/tracker/?func=detail&aid=3553804&group_id=66150&atid=513503
I've traced some functionality I need to the following file:
beaker/ext/memcached.py
Specifically, the method _format_key() on about line 98 has been updated to use SHA1 hashing however this is not the version being distributed via easy_install.
There current code can be seen here:https://github.com/bbangert/beaker/blob/1d051842058aba1aedd6f13c3de50ca13d14bd1d/beaker/ext/memcached.py
Here is the output from trying to update via the console:
$ easy_install -U beaker
Searching for beaker
Reading http://pypi.python.org/simple/beaker/
Reading http://beaker.groovie.org
Reading http://beaker.rtfd.org/
Best match: Beaker 1.6.3
Processing Beaker-1.6.3-py2.7.egg
Beaker 1.6.3 is already the active version in easy-install.pth
Using /var/modwsgi/foo-project/lib/python2.7/site-packages/Beaker-1.6.3-py2.7.egg
Processing dependencies for beaker
Finished processing dependencies for beaker
I've also confirmed the issue by downloading the files directly from the beaker page (http://pypi.python.org/pypi/Beaker/1.6.3) at http://pypi.python.org/packages/source/B/Beaker/Beaker-1.6.3.tar.gz#md5=bd4a986a3cad26d576e7ee77cce86b4f
Hello, i am implementing session in a xml-rpc pyramid application, everything works fine, but i don't want to use cookies since i am using xml-rpc clients, and i will handle the session id throuthg xml-rpc calls instead of using cookies, if i put a
beaker.session.use_cookies = False
inside the pyramid .ini application i got the error shown bellow.
I don't think this is a pyramid problem, since pyramid_beaker is just a wrapper and the error is triggered at SessionObject definition inside session.py
I use Beaker-1.6.4-py2.6.egg
Look at use_cookies = True param.
self.__dict__['_sess'] = Session(req, use_cookies=True,
**params)
Traceback (most recent call last):
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid-1.3.2-py2.6.egg/pyramid/tweens.py", line 20, in excview_tween
response = handler(request)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid_tm-0.4-py2.6.egg/pyramid_tm/__init__.py", line 95, in tm_tween
response = handler(request)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid-1.3.2-py2.6.egg/pyramid/router.py", line 164, in handle_request
response = view_callable(context, request)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid-1.3.2-py2.6.egg/pyramid/config/views.py", line 609, in __call__
return view(context, request)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid-1.3.2-py2.6.egg/pyramid/config/views.py", line 307, in attr_view
return view(context, request)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid-1.3.2-py2.6.egg/pyramid/config/views.py", line 280, in predicate_wrapper
return view(context, request)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid-1.3.2-py2.6.egg/pyramid/config/views.py", line 333, in rendered_view
result = view(context, request)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid_rpc-0.3.1-py2.6.egg/pyramid_rpc/api.py", line 82, in _nonclass_view
response = self.mapply(view, params, keywords)
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/pyramid_rpc-0.3.1-py2.6.egg/pyramid_rpc/api.py", line 137, in mapply
return ob(*args)
File "/home/ndiaz/pyramid/Partner/partner/__init__.py", line 113, in say_hello
print request.session
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/session.py", line 677, in __repr__
return self._session().__repr__()
File "/home/ndiaz/pyramid/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/session.py", line 655, in _session
**params)
TypeError: type object got multiple values for keyword argument 'use_cookies'
Can we get a quick explanation on how to write invalidation code without the need to actually pass decorated functions?
Sometimes it just makes sense to wrote something like region_invalidate('somrthingA-B-C-D') without passing actual function reference - is this possible?
Hello and thank you for developing Beaker.
The pickle.loads() [1] method is used on data generated by crypto.aesDecrypt() that can parse an user-submitted cookie. Pickle is considered insecure to be executed on untrusted data [2], [3]
An attacker that is able to craft a valid encrypted cookie (e.g. by having obtained a leaked copy of encrypt_key or using a vulnerability in aesDecrypt) should have a limited impact, i.e. mangling session data. Pickle might allow such attacker to execute arbitrary code instead.
A solution could be to use json.loads() and json.dumps() instead of pickle.
[1] https://github.com/bbangert/beaker/blob/master/beaker/session.py#L283
[2] """The pickle module is not intended to be secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source."""
[3] http://docs.python.org/library/pickle.html
Thank you!
classifiers:
'Programming Language :: Python :: 3',
'Programming Language :: Python :: 3.2',
so I assume 3.3 is not supported yet.
DeprecationWarning)
SS....................................................S..SSS....SSS.............F../mnt/gen2/TmpDir/portage/dev-python/beaker-1.7.0-r1/work/beaker-1.7.0dev-python3_4/tests/test_session.py:19: BeakerWarning: Invalidating corrupt session a585bf81f5284b58854808d56c90cf7d; error was: pickle data was truncated. Set invalidate_corrupt=False to propagate this exception.
return Session({}, **options)
.SS.............
======================================================================
FAIL: Test if cookies are sent out properly when ``use_cookies``
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.4/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/mnt/gen2/TmpDir/portage/dev-python/beaker-1.7.0-r1/work/beaker-1.7.0dev-python3_4/tests/test_session.py", line 221, in test_cookies_enabled
assert 'secure' in session.request['cookie_out']
nose.proxy.AssertionError:
# test for secure
{'_accessed_time': 1439640172.395836, '_creation_time': 1439640172.395836} = get_session(use_cookies=True, secure=True)
>> assert 'secure' in {'_accessed_time': 1439640172.395836, '_creation_time': 1439640172.395836}.request['cookie_out']
----------------------------------------------------------------------
Ran 99 tests in 153.765s
FAILED (SKIP=11, failures=1)
To my knowledge this passed earlier in the year. The python used here is 3.4.3 and I suspect 3.4.2 was used then.
Do you require any further information
The second assert fails under Python3.4 because str(b'a') actually returns "b'a'"
from beaker._compat import u_, bytes_
def test_bytes_conv():
assert bytes_(u'a') == b'a'
assert bytes_(b'a') == b'a'
Recently setup a project on a production server and encountered the exception below. Same setup with 1.6.3 doesn't throw an error. I'm assuming it has something to do with this change in 1.6.4:
Add ability to specify schema for database-backed sessions.
Traceback (most recent call last):
File "/home/mcmweb/venv/lib/python2.6/site-packages/Werkzeug-0.8.3-py2.6.egg/werkzeug/serving.py", line 159, in run_wsgi
execute(app)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Werkzeug-0.8.3-py2.6.egg/werkzeug/serving.py", line 146, in execute
application_iter = app(environ, start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Paste-1.7.5.1-py2.6.egg/paste/registry.py", line 379, in __call__
app_iter = self.application(environ, start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/BlazeWeb-0.4.6-py2.6.egg/blazeweb/middleware.py", line 152, in __call__
return self.wsgiapp(environ, start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Werkzeug-0.8.3-py2.6.egg/werkzeug/wsgi.py", line 411, in __call__
return self.app(environ, start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/middleware.py", line 155, in __call__
return self.wrap_app(environ, session_start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/SQLAlchemyBWC-0.2.5-py2.6.egg/sqlalchemybwc/lib/middleware.py", line 113, in __call__
return self.application(environ, start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/BlazeWeb-0.4.6-py2.6.egg/blazeweb/application.py", line 382, in __call__
return self.wsgi_app(environ, start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/BlazeWeb-0.4.6-py2.6.egg/blazeweb/application.py", line 319, in wsgi_app
return response(environ, start_response)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Werkzeug-0.8.3-py2.6.egg/werkzeug/wrappers.py", line 1083, in __call__
start_response(status, headers)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/middleware.py", line 149, in session_start_response
session.persist()
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/session.py", line 717, in persist
self._session().save()
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/session.py", line 405, in save
**self.namespace_args)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/ext/database.py", line 98, in __init__
self.cache = DatabaseNamespaceManager.tables.get(table_key, make_cache)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/util.py", line 171, in get
return self.sync_get(key, createfunc, *args, **kwargs)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/util.py", line 182, in sync_get
return self._create(key, createfunc, *args, **kwargs)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/util.py", line 189, in _create
self[key] = obj = createfunc(*args, **kwargs)
File "/home/mcmweb/venv/lib/python2.6/site-packages/Beaker-1.6.4-py2.6.egg/beaker/ext/database.py", line 91, in make_cache
schema=schema_name if schema_name else meta.schema
AttributeError: 'MetaData' object has no attribute 'schema'
This appears to be because in container.py, when calling set_value on the namespace manager, no expiretime is passed through, just a tuple that contains the expire_argument.
def delete(self):
"""Deletes the session from the persistent storage, and sends
an expired cookie out"""
if self.use_cookies:
self._delete_cookie()
self.clear()
Hi,
I got the following error on Python 3.2 and 3.3:
File "/opt/lang/python/3.2.2/lib/python3.2/http/cookies.py", line 486, in __setitem__
rval, cval = self.value_encode(value)
File "/opt/lang/python/3.2.2/lib/python3.2/site-packages/Beaker-1.6.4-py3.2.egg/beaker/session.py", line 70, in value_encode
sig = HMAC.new(self.secret, val.encode('UTF-8'), SHA1).hexdigest()
AttributeError: 'bytes' object has no attribute 'encode'
The following is a monkey patch to avoid this error,
but I'm not sure that it is correct solution.
from beaker.crypto import hmac as HMAC, hmac_sha1 as SHA1
from beaker.session import SignedCookie
def value_encode(self, val):
#sig = HMAC.new(self.secret, val.encode('UTF-8'), SHA1).hexdigest()
sig = HMAC.new(self.secret, val, SHA1).hexdigest()
return str(val), ("%s%s" % (sig, val))
SignedCookie.value_encode = value_encode
And, even with monkey patching, Beaker's SessionMiddleware
doesn't save session correctly on Python3.
(Pyton 3.3.3, MacOSX)
Here is my sample code (which works very well on Python2.7!):
# -*- coding: utf-8 -*-
import sys
import waitress
from beaker.middleware import SessionMiddleware
def testapp(environ, start_response):
session = environ.get('beaker.session')
count = session.get('count', 0) + 1
session['count'] = count
session.save()
content = "count=%s" % count
#
start_response('200 OK', [('Content-Type', 'text/plain')])
return [content.encode('utf-8')]
config = {
'session.type': 'cookie',
'session.validate_key': 'mysecretstring',
}
app = SessionMiddleware(testapp, config=config)
## monkey patch for Python3
python3 = sys.version_info[0] == 3
if python3:
from beaker.crypto import hmac as HMAC, hmac_sha1 as SHA1
from beaker.session import SignedCookie
def value_encode(self, val):
#sig = HMAC.new(self.secret, val.encode('UTF-8'), SHA1).hexdigest()
sig = HMAC.new(self.secret, val, SHA1).hexdigest()
return str(val), ("%s%s" % (sig, val))
SignedCookie.value_encode = value_encode
## ----
waitress.serve(app, port=8080)
Could you help me?
Is there any reason the tests folder therefore the testsuite never made it into the tarball staged at pypi?
The source has no MANIFEST.in
Currently, the self/cls argument to methods/classmethods is not considered part of the cache key. In cases where classmethods are used as alternate constructors, this can lead to problems where the same classmethod invoked on two different classes (one inheriting from the other) with the same other arguments will return the same object.
Consider the following example:
from beaker.cache import CacheManager, cache_region
from beaker.util import parse_cache_config_options
cache = CacheManager(**parse_cache_config_options(
{
"cache.regions": "short_term",
"cache.type": "memory",
"cache.short_term.expire": 60
}))
class Zombie(object):
def __init__(self, data):
self.data = data
@classmethod
@cache_region("short_term")
def from_dict(cls, data):
return cls(data)
class DancingZombie(Zombie):
def dance(self):
print "This is thriller! Thriller night!"
z1 = Zombie.from_dict({"name": "Michael"})
z2 = DancingZombie.from_dict({"name": "Michael"})
assert z2 is not z1 # Fails
z2.dance() # Fails too
I'm unsure whether the correct fix is to remove the "cls" check from beaker.util.has_self_arg (I can't think of any valid use cases for it right now, but I suppose there must be or you wouldn't have coded it in in the first place) or to add a skip_self optional arg (defaulting to True) to override it.
Either way, I'm marking this issue as an enhancement because technically, the cache_region decorator works exactly as designed/documented.
(in the meantime, a workaround is to call your classmethod's first arg cls_ instead of cls -- but it's ugly ;) )
Hello,
When I restart an application and generate a new encrypt_key without deleting the existing cookies from logged-in browsers I get the following error:
File "/usr/lib/python2.7/dist-packages/beaker/session.py", line 651, in __getattr__ return getattr(self._session(), attr) File "/usr/lib/python2.7/dist-packages/beaker/session.py", line 644, in _session self.__dict__['_sess'] = CookieSession(req, **params) File "/usr/lib/python2.7/dist-packages/beaker/session.py", line 531, in __init__ self['_accessed_time'] > self.timeout: KeyError: '_accessed_time'
Maybe Beaker should detect this condition and ignore the old cookie, or delete it, or raise a specific exception.
Thanks!
mkdir -p build/latex build/doctrees
sphinx-build -b latex -d build/doctrees . build/latex
Running Sphinx v1.3.1
loading pickled environment... not yet created
building [mo]: targets for 0 po files that are out of date
building [latex]: all documents
updating environment: 17 added, 0 changed, 0 removed
reading sources... [100%] sessions
../../CHANGELOG:11: WARNING: Title underline too short.
../../CHANGELOG:11: WARNING: Title underline too short.
../../CHANGELOG:356: WARNING: Inline strong start-string without end-string.
../../CHANGELOG:515: WARNING: Inline strong start-string without end-string.
../../CHANGELOG:515: WARNING: Inline strong start-string without end-string.
/home/asarch/beaker/beaker/beaker/docs/modules/pbkdf2.rst:9: WARNING: autodoc: failed to import function u'crypt' from module u'beaker.crypto.pbkdf2'; the following exception was raised:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/sphinx/ext/autodoc.py", line 392, in import_object
obj = self.get_attr(obj, part)
File "/usr/lib/python2.7/site-packages/sphinx/ext/autodoc.py", line 288, in get_attr
return safe_getattr(obj, name, *defargs)
File "/usr/lib/python2.7/site-packages/sphinx/util/inspect.py", line 115, in safe_getattr
raise AttributeError(name)
AttributeError: crypt
/home/asarch/beaker/beaker/beaker/docs/modules/pbkdf2.rst:10: WARNING: autodoc: failed to import class u'PBKDF2' from module $'beaker.crypto.pbkdf2'; the following exception was raised:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/sphinx/ext/autodoc.py", line 392, in import_object
obj = self.get_attr(obj, part)
File "/usr/lib/python2.7/site-packages/sphinx/ext/autodoc.py", line 288, in get_attr
return safe_getattr(obj, name, *defargs)
File "/usr/lib/python2.7/site-packages/sphinx/util/inspect.py", line 115, in safe_getattr
raise AttributeError(name)
AttributeError: PBKDF2
looking for now-outdated files... none found
pickling environment... done
checking consistency... /home/asarch/beaker/beaker/beaker/docs/glossary.rst:: WARNING: document isn't included in any toctree
done
WARNING: "latex_documents" config value references unknown document contents
copying TeX support files...
done
build succeeded, 9 warnings.
Build finished; the LaTeX files are in build/latex.
Run make all-pdf' or
make all-ps' in that directory to run these through (pdf)latex.
pylibmc's documentation on ThreadMappedPool specifies
You must be sure to call ThreadMappedPool.relinquish() before exiting a thread that has used the pool, from that thread! Otherwise, some clients will never be reclaimed and you will have stale, useless connections.
Beaker's memcached extension creates a ThreadMappedPool
beaker/beaker/ext/memcached.py
Line 179 in 95cf84a
but I couldn't find anywhere where "relinquish" is ever called.
Is there some reason that beaker's use of ThreadMappedPool doesn't require ever relinquishing its connections?
I am using beaker with pyramid_beaker in a pyramid application. I found out that I could forge a cookie session_id with the simple value ‘123’ and make it valid once I log in to the application.
Here is the beaker configuration set in the development.ini of the pyramid application:
# Options For Sessions and Caching:
session.type = file
session.data_dir = %(here)s/../../data/sessions/data
session.lock_dir = %(here)s/../../data/sessions/lock
# Session Options:
session.key = session_id
session.secure = false
session.timeout = 3600
session.cookie_expires = true
session.cookie_domain = .mydomain.local
session.httponly = true
# Encryption Options:
session.encrypt_key = c]?wvL",ni3J.)d8(e~z8b-9Le=Anh'.QMytBj^Kukfi<79C$Cg22)cX;__xs6?S
session.validate_key = \2R('?pL]\Z_8?(o`.?.?^.RF6t*5pCh6PH`~aon%H`PX$;E}"((mu-@(?G<=!:+
# pyramid_beaker specific option
session.cookie_on_exception = true
You can notice there is no session.secret
set because I followed the recomendation in the documentation: "These options should then be used instead of the secret option listed above." (http://beaker.readthedocs.org/en/latest/configuration.html#encryption-options)
And here is the login form view:
def login(self):
message_html = _('view.login.welcome-message', default='Please log in.')
login_url = self.request.route_url('login')
login = ''
password = ''
referrer = self.request.url
if referrer == login_url:
referrer = self.request.route_url('home')
came_from = self.request.POST.get('came_from', referrer)
csrf_token = self.request.session.get_csrf_token()
if 'form.submitted' in self.request.POST:
login = self.request.POST.get('login')
password = self.request.POST.get('password')
if csrf_token == self.request.POST.get('csrf_token'):
if login in USERS:
manager = BCRYPTPasswordManager()
if manager.check(USERS[login], password):
headers = remember(self.request, login)
return HTTPFound(location=came_from, headers=headers)
message_html = _('view.login.failed-login-message', default='Login failed!')
return {
'message_html': message_html,
'url': login_url,
'login': login,
'password': password,
'came_from': came_from,
'csrf_token': csrf_token,
}
Now, my problem is that my application might be vulnerable to a session fixation attack (See http://security.stackexchange.com/a/35097/25414).
I asked how to fix that on StackOverflow (http://stackoverflow.com/q/16303414/1919510) and I received an interesting comment:
"If the cookie value isn't signed then you aren't setting session.secret in your ini settings."
(http://stackoverflow.com/questions/16303414/how-to-prevent-user-to-set-the-value-of-the-session-id-cookie-used-by-pyramid-be#comment23379513_16309210)
This is true, I was not using session.secret
. Using both session.secret
and the encryption options (encrypt_key
and validate_key
) prevent me to forge a cookie with value 123 and then fix the session fixation attack problem.
So, is the beaker documentation clear or should I use session.secret eventually?
I've recently come across http://vudang.com/2013/01/python-web-framework-from-lfr-to-rce/, which details possible vulnerabilities related to unpickling cookies.
I've noticed that pickle is used in https://github.com/rcarmo/beaker/blob/master/beaker/session.py#L288, and was wondering if you had any plans to change that.
This drove me crazy for too long. I thought I was doing something wrong, and finally went though all my code and found an error in Beaker's docs...
The docs read:
cookie_expires (optional, bool, datetime, timedelta, int)
Determines when the cookie used to track the client-side of the session will expire. When set to a boolean value, it will either expire at the end of the browsers session, or never expire
Defaults to never expiring
This is incorrect.
The default value in beaker/session.py::Session(dict) [line 74] for cookie_expires is True
However, according to the code [ def _set_cookie_expires(self) , line 187 ] the following logic occurs:
datetime.datetime(2038, 1, 18, 22, 14, 7)
expires
is set to None
, which causes a Session-only cookieThe docs should read:
Determines when the cookie used to track the client-side of the session will expire. When set to a boolean value, it will either expire at the end of the browsers session (
True
), or never expire (False
).
Defaults toFalse
-- expiring at the end of a browser session.
I'm assuming the docs are wrong, and not the code, because it would make sense to default to a session-only cookie as a security precaution.
The "never expires" is also a bit of a stretch It sets a cookie that expires in 2038. Might be good to either note that, or change the code so it expires in 10years from whatever date you're on.
( btw, I never would have noticed this if it weren't for Apple's Safari having an internal process crash every 30 minutes , which redraws all the windows within a new browser session. )
I am trying to use bottle's object functionality to be able to import subapps and then mount them into the global default application. However, when I try to include beaker for session management I run into issues:
from bottle import Bottle
from beaker.middleware import SessionMiddleware
session_opts = {
'session.type': 'file',
'session.cookie_expires': 300,
'session.data_dir': './data',
'session.auto': True
}
app = Bottle()
app = SessionMiddleware(app, session_opts)
#Import Subapp
from subapp import subapp #Assumes subapp.py and associated import
app.mount('/subapp', subapp) #Assumes subapp.py and associated import
@app.route('/')
def hello():
return 'Hello World'
app.run()
Error:
Traceback (most recent call last):
File "example.py", line 14, in <module>
@app.route('/')
AttributeError: 'SessionMiddleware' object has no attribute 'route'
Is this behaviour supported by beaker? If so, can you advise what I am doing wrong here?
Hello awesome beaker people (great library by the way)! I was trying out the new type hints feature in python3.5 and I am getting errors when using the cache decorator. Here is an example:
from beaker.cache import CacheManager
from beaker.util import parse_cache_config_options
cache_opts = {
'cache.type': 'file',
'cache.data_dir': '/tmp/cache/data',
'cache.lock_dir': '/tmp/cache/lock'
}
cache = CacheManager(**parse_cache_config_options(cache_opts))
@cache.cache(expire=60)
def test_fn(num: int) -> int:
return num + 1
results = test_fn(1)
With the corresponding stack trace:
Traceback (most recent call last):
File "/home/nick/beakerTest.py", line 14, in <module>
def test_fn(num: int) -> int:
File "/home/nick/.virtualenvs/beakerTest/lib/python3.5/site-packages/beaker/cache.py", line 547, in decorate
skip_self = util.has_self_arg(func)
File "/home/nick/.virtualenvs/beakerTest/lib/python3.5/site-packages/beaker/util.py", line 90, in has_self_arg
args = inspect.getargspec(func)
File "/usr/lib/python3.5/inspect.py", line 1044, in getargspec
raise ValueError("Function has keyword-only arguments or annotations"
ValueError: Function has keyword-only arguments or annotations, use getfullargspec() API which can support them
beaker.session.Session._delete_cookie()
contains a buggy date calculation.
expires = datetime.utcnow().replace(year=2003)
On February 29th of a leap year this raises:
ValueError: day is out of range for month
The apparent goal is to set a date in the past. Can't it just use a fixed date like '2003-01-01'?
The code in https://github.com/bbangert/beaker/blob/master/beaker/crypto/pbkdf2.py is a direct copy of Django's: https://github.com/django/django/blob/master/django/utils/crypto.py#L108-L191
Per Django's license, the copyright for it must be reproduced.
It would be nice if the pyca/cryptography package could be used with beaker instead of the pycrypto etc. files.
https://github.com/pyca/cryptography
tests.test_cookie_domain_only.test_increment() and tests.test_domain_setting.test_domain() fail, also with Python 2 (both 2.6 and 2.7). Failures of these tests with Python 3 are different and reported in bug #51.
Results of test suite of Beaker trunk with Python 2.7:
$ nosetests-2.7
...................................................F.................F........S............/tmp/beaker/tests/test_session.py:17: BeakerWarning: Invalidating corrupt session 06db956e01e8455f83a73765f47cbf9f; error was: pickle data was truncated. Set invalidate_corrupt=False to propagate this exception.
return Session({}, **options)
................
======================================================================
FAIL: tests.test_cookie_domain_only.test_increment
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python2.7/site-packages/nose/case.py", line 197, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_cookie_domain_only.py", line 40, in test_increment
assert 'Domain=.hoop.com' in res.headers['Set-Cookie']
AssertionError:
assert 'current value is: 2' in res
assert 'Domain=.hoop.com' in res.headers['Set-Cookie']
res = <webtest.app.TestApp object at 0x29ef3d0>.get('/')
>> assert 'Domain=.hoop.com' in res.headers['Set-Cookie']
assert 'current value is: 3' in res
======================================================================
FAIL: tests.test_domain_setting.test_domain
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python2.7/site-packages/nose/case.py", line 197, in runTest
self.test(*self.arg)
File "/tmp/beaker/tests/test_domain_setting.py", line 37, in test_domain
assert 'current value is: 2' in res
AssertionError:
assert 'current value is: 1' in res
assert 'Domain=.hoop.com' in res.headers['Set-Cookie']
res = <webtest.app.TestApp object at 0x299ea50>.get('/')
>> assert 'current value is: 2' in res
assert [] == res.headers.getall('Set-Cookie')
res = <webtest.app.TestApp object at 0x299ea50>.get('/', extra_environ=dict(domain='.hoop.co.uk'))
-------------------- >> begin captured logging << --------------------
beaker.container: DEBUG: data file ./cache/container_file/c/c1/c1ecb886dee84125b87ec11e03402e29.cache
beaker.container: DEBUG: data file ./cache/container_file/c/c4/c4b662e9f67b44e59459c9cb422b25a4.cache
--------------------- >> end captured logging << ---------------------
----------------------------------------------------------------------
Ran 107 tests in 151.616s
FAILED (SKIP=1, failures=2)
The latest docs up on readthedocs don't have the regenerate_id() method documented:
https://readthedocs.org/search/project/?q=regenerate_id&selected_facets=project_exact%3Abeaker
First off, this is a great library. Thanks for making this!
I'm trying to implement a 'show all of my sessions' functionality in my app. So that the user can log out all others except the current one. I store sessions in a sqlite database using the SqlAlchemy backend.
My current method is to the open the session database using another database connection and iterate over the rows. For each row, the 'namespace' column is the ID of the session.
I then use 'session.load()' to pull out the session. This approach is working, except that load() seems to set the _creation_time to the current time.
Am I missing something?
Is there a better way to do what I want using Beaker?
Thanks!
Are there any docs/notes/scribbles about using Beaker with a Paste wsgi pipeline?
(specifically I'm wondering why there is no factory for the CacheMiddleware ... but perhaps I just need to look at the flow of Becker more. Feel free to tell me to rtfm :)
* python3_4: running distutils-r1_run_phase python_test
....................................................................................S.............F../mnt/gen2/TmpDir/portage/dev-python/beaker-1.7.0-r1/work/beaker-1.7.0dev-python3_4/tests/test_session.py:19: BeakerWarning: Invalidating corrupt session d32656da7e614fd4af4652a5a1d1ce50; error was: pickle data was truncated. Set invalidate_corrupt=False to propagate this exception.
return Session({}, **options)
................
======================================================================
FAIL: Test if cookies are sent out properly when ``use_cookies``
----------------------------------------------------------------------
Traceback (most recent call last):
File "/usr/lib64/python3.4/site-packages/nose/case.py", line 198, in runTest
self.test(*self.arg)
File "/mnt/gen2/TmpDir/portage/dev-python/beaker-1.7.0-r1/work/beaker-1.7.0dev-python3_4/tests/test_session.py", line 221, in test_cookies_enabled
assert 'secure' in session.request['cookie_out']
AssertionError
----------------------------------------------------------------------
Ran 117 tests in 155.353s
FAILED (SKIP=1, failures=1)
I may have had this pass 3 weeks ago but I have no records of proof.
Can you replicate?
Do you require any further info?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.