witten
/
luminotes
Archived
1
0
Fork 0

When the user is logged in and hitting the root page ("/") without https, do a redirect to https.

This commit is contained in:
Dan Helfman 2007-08-02 23:25:57 +00:00
parent 5ceed4bf32
commit 9e0b611790
5 changed files with 50 additions and 3 deletions

View File

@ -72,7 +72,7 @@ unit tests
If you're interested in running unit tests, install:
* nose 0.9.0
* nose 0.9.0
Then you can run unit tests by running:

View File

@ -17,6 +17,7 @@ class Root( object ):
def __init__( self, scheduler, database, settings ):
self.__scheduler = scheduler
self.__database = database
self.__settings = settings
self.__notebooks = Notebooks( scheduler, database )
self.__users = Users( scheduler, database, settings[ u"global" ].get( u"luminotes.http_url", u"" ) )
@ -25,6 +26,11 @@ class Root( object ):
"""
Provide the information necessary to display the web site's front page.
"""
# if the user is logged in and not using https, then redirect to the https version of the page (if available)
https_url = self.__settings[ u"global" ].get( u"luminotes.https_url" )
if cherrypy.session.get( "user_id" ) and https_url and not cherrypy.request.browser_url.startswith( https_url ):
return dict( redirect = https_url )
return dict()
@expose( view = Json )

View File

@ -13,7 +13,13 @@ class Test_controller( object ):
cherrypy.lowercase_api = True
self.scheduler = Scheduler()
self.database = Database( self.scheduler, database_path = None )
self.settings = { u"global": { u"luminotes.http_url" : u"http://luminotes.com" } }
self.settings = {
u"global": {
u"luminotes.http_url" : u"http://luminotes.com",
u"luminotes.https_url" : u"https://luminotes.com",
},
}
cherrypy.root = Root( self.scheduler, self.database, self.settings )
cherrypy.config.update( Common.settings )
cherrypy.config.update( { u"server.log_to_screen": False } )

View File

@ -584,7 +584,6 @@ class Test_notebooks( Test_controller ):
note_id = self.note.object_id,
), session_id = self.session_id )
print result
assert result.get( "note" ) == None
def test_delete_note_without_login( self ):

View File

@ -1,4 +1,6 @@
import cherrypy
from model.User import User
from controller.Scheduler import Scheduler
from Test_controller import Test_controller
@ -6,10 +8,36 @@ class Test_root( Test_controller ):
def setUp( self ):
Test_controller.setUp( self )
self.username = u"mulder"
self.password = u"trustno1"
self.email_address = u"outthere@example.com"
self.user = None
self.session_id = None
thread = self.make_user()
self.scheduler.add( thread )
self.scheduler.wait_for( thread )
def make_user( self ):
self.database.next_id( self.scheduler.thread )
self.user = User( ( yield Scheduler.SLEEP ), self.username, self.password, self.email_address, [] )
self.database.save( self.user )
def test_index( self ):
result = self.http_get( "/" )
assert result
def test_index_after_login( self ):
self.login()
result = self.http_get(
"/",
session_id = self.session_id,
)
assert result.get( u"redirect" )
assert result.get( u"redirect" ).startswith( self.settings[ u"global" ][ u"luminotes.https_url" ] )
def test_next_id( self ):
result = self.http_get( "/next_id" )
@ -32,3 +60,11 @@ class Test_root( Test_controller ):
headers = result.get( u"headers" )
status = headers.get( u"status" )
assert u"404" in status
def login( self ):
result = self.http_post( "/users/login", dict(
username = self.username,
password = self.password,
login_button = u"login",
) )
self.session_id = result[ u"session_id" ]