Starts a cookie-based session for a logged-in user. This method assumes that the user has been correctly authenticated and that a corresponding user exists in the database. In order to refresh a session, it’s safe to call this method repeatedly (i.e., without having to issue a logo
(username)
| 22 | |
| 23 | |
| 24 | def login(username): |
| 25 | """Starts a cookie-based session for a logged-in user. |
| 26 | |
| 27 | This method assumes that the user has been correctly authenticated and |
| 28 | that a corresponding user exists in the database. |
| 29 | |
| 30 | In order to refresh a session, it’s safe to call this method repeatedly |
| 31 | (i.e., without having to issue a logout beforehand). |
| 32 | |
| 33 | Args: |
| 34 | username: (str) The username that the session shall be associated with. |
| 35 | |
| 36 | Raises: |
| 37 | db.users.UserDoesNotExistError |
| 38 | """ |
| 39 | user = auth.get_account(username) |
| 40 | flask.session['username'] = username |
| 41 | flask.session[ |
| 42 | 'credentials_last_changed'] = user.credentials_last_changed.isoformat() |
| 43 | # Persist the session even after the browser has been closed. |
| 44 | flask.session.permanent = True |
| 45 | logger.info_sensitive('Started session for user %s', username) |
| 46 | |
| 47 | |
| 48 | def is_auth_valid(satisfies_role=None): |
nothing calls this directly
no test coverage detected