[Trac-tickets] Re: [The Trac Project] #3154: Problem with storing authenticated sessions in DB

Tue, 16 May 2006 03:26:18 -0700 

#3154: Problem with storing authenticated sessions in DB
------------------------------------+---------------------------------------
 Reporter:  [EMAIL PROTECTED]  |        Owner:  cboos   
     Type:  defect                  |       Status:  assigned
 Priority:  normal                  |    Milestone:  0.10    
Component:  general                 |      Version:  devel   
 Severity:  major                   |   Resolution:          
 Keywords:                          |  
------------------------------------+---------------------------------------
Comment (by cboos):

 Can you test the following patch?
 {{{
 Index: trac/web/session.py
 ===================================================================
 --- trac/web/session.py (revision 3296)
 +++ trac/web/session.py (working copy)
 @@ -113,16 +113,20 @@

          db = self.env.get_db_cnx()
          cursor = db.cursor()
 -        cursor.execute("SELECT COUNT(*) FROM session WHERE sid=%s "
 -                       "AND authenticated=1", (self.req.authname,))
 -        if cursor.fetchone()[0]:
 +        cursor.execute("SELECT COUNT(*) FROM session "
 +                       "WHERE sid=%s OR sid=%s ", (sid,
 self.req.authname))
 +        sessions = cursor.fetchone()[0]
 +        self.env.log.debug('For %s -- %s, nb sessions=%d' % \
 +                           (sid, self.req.authname, sessions))
 +
 +        if sessions == 2:
              # If there's already an authenticated session for the user,
 we
              # simply delete the anonymous session
              cursor.execute("DELETE FROM session WHERE sid=%s "
                             "AND authenticated=0", (sid,))
              cursor.execute("DELETE FROM session_attribute WHERE sid=%s "
                             "AND authenticated=0", (sid,))
 -        else:
 +        elif sessions == 1:
              # Otherwise, update the session records so that the session
 ID is
              # the user name, and the authenticated flag is set
              self.env.log.debug('Promoting anonymous session %s to '
 @@ -134,6 +138,11 @@
              cursor.execute("UPDATE session_attribute SET sid=%s,"
                             "authenticated=1 WHERE sid=%s",
                             (self.req.authname, sid))
 +        else:
 +            # Maybe we didn't have an anonymous session for this sid
 +            cursor.execute("INSERT INTO session
 (sid,last_visit,authenticated)"
 +                           " VALUES(%s,%s,1)",
 +                           (self.req.authname, int(time.time())))
          self._new = False
          db.commit()

 }}}

-- 
Ticket URL: <http://projects.edgewall.com/trac/ticket/3154>
The Trac Project <http://trac.edgewall.com/>
_______________________________________________
Trac-Tickets mailing list
[email protected]
http://lists.edgewall.com/mailman/listinfo/trac-tickets

Reply via email to