#3154: Problem with storing authenticated sessions in DB
------------------------------------+---------------------------------------
Reporter: [EMAIL PROTECTED] | Owner: cboos
Type: defect | Status: assigned
Priority: normal | Milestone: 0.10
Component: general | Version: devel
Severity: major | Resolution:
Keywords: |
------------------------------------+---------------------------------------
Comment (by cboos):
Can you test the following patch?
{{{
Index: trac/web/session.py
===================================================================
--- trac/web/session.py (revision 3296)
+++ trac/web/session.py (working copy)
@@ -113,16 +113,20 @@
db = self.env.get_db_cnx()
cursor = db.cursor()
- cursor.execute("SELECT COUNT(*) FROM session WHERE sid=%s "
- "AND authenticated=1", (self.req.authname,))
- if cursor.fetchone()[0]:
+ cursor.execute("SELECT COUNT(*) FROM session "
+ "WHERE sid=%s OR sid=%s ", (sid,
self.req.authname))
+ sessions = cursor.fetchone()[0]
+ self.env.log.debug('For %s -- %s, nb sessions=%d' % \
+ (sid, self.req.authname, sessions))
+
+ if sessions == 2:
# If there's already an authenticated session for the user,
we
# simply delete the anonymous session
cursor.execute("DELETE FROM session WHERE sid=%s "
"AND authenticated=0", (sid,))
cursor.execute("DELETE FROM session_attribute WHERE sid=%s "
"AND authenticated=0", (sid,))
- else:
+ elif sessions == 1:
# Otherwise, update the session records so that the session
ID is
# the user name, and the authenticated flag is set
self.env.log.debug('Promoting anonymous session %s to '
@@ -134,6 +138,11 @@
cursor.execute("UPDATE session_attribute SET sid=%s,"
"authenticated=1 WHERE sid=%s",
(self.req.authname, sid))
+ else:
+ # Maybe we didn't have an anonymous session for this sid
+ cursor.execute("INSERT INTO session
(sid,last_visit,authenticated)"
+ " VALUES(%s,%s,1)",
+ (self.req.authname, int(time.time())))
self._new = False
db.commit()
}}}
--
Ticket URL: <http://projects.edgewall.com/trac/ticket/3154>
The Trac Project <http://trac.edgewall.com/>
_______________________________________________
Trac-Tickets mailing list
[email protected]
http://lists.edgewall.com/mailman/listinfo/trac-tickets