changeset 3128:73b5228715e8

core (memory): avoid session locking if profileAuthenticate is called twice quickly
author Goffi <goffi@goffi.org>
date Mon, 27 Jan 2020 19:52:49 +0100
parents 2798c86412e1
children 95befc85e816
files sat/memory/memory.py
diffstat 1 files changed, 9 insertions(+), 10 deletions(-) [+]
line wrap: on
line diff
--- a/sat/memory/memory.py	Mon Jan 27 19:52:46 2020 +0100
+++ b/sat/memory/memory.py	Mon Jan 27 19:52:49 2020 +0100
@@ -389,8 +389,7 @@
         @return (D): a deferred None in case of success, a failure otherwise.
         @raise exceptions.PasswordError: the password does not match
         """
-        session_data = self.auth_sessions.profileGetUnique(profile)
-        if not password and session_data:
+        if not password and self.auth_sessions.profileGetUnique(profile):
             # XXX: this allows any frontend to connect with the empty password as soon as
             # the profile has been authenticated at least once before. It is OK as long as
             # submitting a form with empty passwords is restricted to local frontends.
@@ -404,10 +403,7 @@
                         "The provided profile password doesn't match."
                     )
                 )
-            if (
-                not session_data
-            ):  # avoid to create two profile sessions when password if specified
-                return self.newAuthSession(password, profile)
+            return self.newAuthSession(password, profile)
 
         d = self.asyncGetParamA(
             C.PROFILE_PASS_PATH[1], C.PROFILE_PASS_PATH[0], profile_key=profile
@@ -418,6 +414,7 @@
     def newAuthSession(self, key, profile):
         """Start a new session for the authenticated profile.
 
+        If there is already an existing session, no new one is created
         The personal key is loaded encrypted from a PersistentDict before being decrypted.
 
         @param key: the key to decrypt the personal key
@@ -427,10 +424,12 @@
 
         def gotPersonalKey(personal_key):
             """Create the session for this profile and store the personal key"""
-            self.auth_sessions.newSession(
-                {C.MEMORY_CRYPTO_KEY: personal_key}, profile=profile
-            )
-            log.debug("auth session created for profile %s" % profile)
+            session_data = self.auth_sessions.profileGetUnique(profile)
+            if not session_data:
+                self.auth_sessions.newSession(
+                    {C.MEMORY_CRYPTO_KEY: personal_key}, profile=profile
+                )
+                log.debug("auth session created for profile %s" % profile)
 
         d = PersistentDict(C.MEMORY_CRYPTO_NAMESPACE, profile).load()
         d.addCallback(lambda data: BlockCipher.decrypt(key, data[C.MEMORY_CRYPTO_KEY]))