mangono-addon-redis_session_store 2.2.0__py3-none-any.whl

mangono_addon_redis_session_store-2.2.0.dist-info/METADATA

@@ -0,0 +1,32 @@
+Metadata-Version: 2.4
+Name: mangono-addon-redis_session_store
+Version: 2.2.0
+Project-URL: Homepage, http://mangono.fr/
+Author-Email: mangono <opensource+odoo@mangono.fr>
+License-Expression: AGPL-3.0
+Classifier: Framework :: Odoo
+Classifier: Framework :: Odoo :: 12.0
+Classifier: Framework :: Odoo :: 13.0
+Classifier: Framework :: Odoo :: 14.0
+Classifier: Framework :: Odoo :: 15.0
+Classifier: Framework :: Odoo :: 16.0
+Classifier: Framework :: Odoo :: 17.0
+Classifier: Framework :: Odoo :: 18.0
+Classifier: Framework :: Odoo :: 19.0
+Classifier: License :: OSI Approved :: GNU Affero General Public License v3
+Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Requires-Dist: redis==5.2.1
+Requires-Dist: environ-odoo-config<2,>=0.6.5
+Requires-Dist: typing-extensions
+Requires-Dist: wrapt==1.17.3
+Description-Content-Type: text/plain
+Description: Use Redis Session instead of File system to store sessions
+

mangono_addon_redis_session_store-2.2.0.dist-info/RECORD

@@ -0,0 +1,14 @@
+odoo/addons/redis_session_store/__init__.py,sha256=OY0COk3W8fkudSBfPqdrOVDba4pPQaMsxF6J3S0NjdY,1146
+odoo/addons/redis_session_store/__manifest__.py,sha256=0FZYxlcFNZh2zTsnoZ7kHKh9Rm3QHGwEIHHl8rKLIdg,488
+odoo/addons/redis_session_store/env_config.py,sha256=dHWpucfThhyRaUSzdP1NCNWSk0GMyrHvnDA-yYrUEqs,2730
+odoo/addons/redis_session_store/json_encoding.py,sha256=Zb9MqFWi9aCCaWml5ErXlNtmDqmfUK1C6fD0MRRa_ok,1219
+odoo/addons/redis_session_store/odoo_monkey_patch.py,sha256=5MpZASEbF6ZjMUPP_trxbZg5HmS7EL_VVA793THykfY,2243
+odoo/addons/redis_session_store/redis_session.py,sha256=sLlOeJ3NWJQ0SP8uF-7l1uPyXKZRApR4lJny9b68Q7c,9670
+odoo/addons/redis_session_store/environ_odoo_config/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+odoo/addons/redis_session_store/environ_odoo_config/auto_load.py,sha256=FpE2fsxPn04E20xVSe7cumf1weUl5-x4NpsIFbZIfHE,256
+odoo/addons/redis_session_store/environ_odoo_config/mapper.py,sha256=rsh5D6tF4ucsdBgBAQmm5e4mRMWKz4AoaaAXltT60yE,452
+mangono_addon_redis_session_store-2.2.0.dist-info/METADATA,sha256=fbFTKnvHL5qjC1mi6PHovCBAeE8Tlue9TajSASeM_us,1305
+mangono_addon_redis_session_store-2.2.0.dist-info/WHEEL,sha256=UYBUuRA3yPiZ7Eiy54KdZLBuO4pAoV-5dppQ0JKx5y4,98
+mangono_addon_redis_session_store-2.2.0.dist-info/entry_points.txt,sha256=VCn3ggBV8ioYxOYvqhOc1cDvuOEnskUk5_JSE1FHevE,278
+mangono_addon_redis_session_store-2.2.0.dist-info/top_level.txt,sha256=QE6RBQ0QX5f4eFuUcGgU5Kbq1A_qJcDs-e_vpr6pmfU,4
+mangono_addon_redis_session_store-2.2.0.dist-info/RECORD,,

mangono_addon_redis_session_store-2.2.0.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: Mangono Wheel Builder0.4.0
+Root-Is-Purelib: true
+Tag: py3-none-any
+

mangono_addon_redis_session_store-2.2.0.dist-info/entry_points.txt

@@ -0,0 +1,6 @@
+[environ_odoo_config.mapper]
+redis_mapper = odoo.addons.redis_session_store.environ_odoo_config.mapper:redis_mapper
+
+[environ_odoo_config.auto_server_wide_module]
+redis_session_store = odoo.addons.redis_session_store.environ_odoo_config.auto_load:auto_load_redis_session_store
+

mangono_addon_redis_session_store-2.2.0.dist-info/top_level.txt

@@ -0,0 +1 @@
+odoo

odoo/addons/redis_session_store/__init__.py

@@ -0,0 +1,34 @@
+import logging
+from environ_odoo_config import odoo_utils
+
+_logger = logging.getLogger("odoo.session.REDIS")
+
+try:
+    import redis
+
+    _logger.info("Lib redis installed")
+except ImportError:
+    redis = None
+
+
+def _post_load_module():
+    if not redis:
+        raise ImportError("Please install package redis")
+    import odoo.release
+
+    if "redis_session_store" not in odoo_utils.get_server_wide_modules(odoo.release.serie):
+        return
+    from environ_odoo_config.environ import Environ
+    from .env_config import RedisEnvConfig
+
+    redis_config = RedisEnvConfig(Environ.new())
+    server_info = redis_config.connect().info()
+    # In case this is a Materia KV Redis compatible databaseOdooSessionClass
+    if not server_info.get("redis_version") and server_info.get("Materia KV "):
+        server_info = {"redis_version": f"Materia KV - {server_info['Materia KV ']}"}
+    if not server_info:
+        raise ValueError("Can't display server info")
+    _logger.info("Redis Session enable [%s]", server_info.get("redis_version", "No version provided"))
+    from . import odoo_monkey_patch
+
+    odoo_monkey_patch.patch_odoo(redis_config)

odoo/addons/redis_session_store/__manifest__.py

@@ -0,0 +1,18 @@
+{
+    "name": "Redis Session Store",
+    "version": "2.2.0",
+    "depends": ["base"],
+    "author": "mangono",
+    "website": "http://mangono.fr/",
+    "license": "AGPL-3",
+    "description": """Use Redis Session instead of File system to store sessions""",
+    "summary": "",
+    "category": "Tools",
+    "auto_install": False,
+    "installable": False,
+    "application": False,
+    "post_load": "_post_load_module",
+    "external_dependencies": {
+        "python": ["redis"],
+    },
+}

odoo/addons/redis_session_store/env_config.py

@@ -0,0 +1,73 @@
+from __future__ import annotations
+
+import redis
+from environ_odoo_config.config_section.api import OdooConfigGroup, RepeatableKey, SimpleKey
+from environ_odoo_config.environ import Environ
+from environ_odoo_config.odoo_version import OdooVersion
+
+DEFAULT_SESSION_TIMEOUT = 60 * 60 * 24 * 3  # 3 days in seconds
+DEFAULT_SESSION_TIMEOUT_ANONYMOUS = 60 * 2  # 2 minutes in seconds
+DEFAULT_SESSION_TIMEOUT_ON_INACTIVITY = "True"
+DEFAULT_SESSION_TIMEOUT_IGNORED_URLS = ["/longpolling", "/calendar/notify"]
+
+
+class RedisEnvConfig(OdooConfigGroup):
+    _ini_section = "redis_session"
+
+    host: str = SimpleKey("REDIS_HOST", ini_dest="redis_host", py_default="localhost")
+    port: int = SimpleKey("REDIS_PORT", ini_dest="redis_port", py_default=6379)
+    prefix: str = SimpleKey("REDIS_PREFIX", ini_dest="redis_prefix")
+    url: str = SimpleKey("REDIS_URL", ini_dest="redis_url")
+    password: str = SimpleKey("REDIS_PASSWORD", ini_dest="redis_password")
+    redis_ssl: bool = SimpleKey(
+        "REDIS_SSL",
+        ini_dest="redis_ssl",
+        py_default=True,
+    )
+    expiration: int = SimpleKey(
+        "ODOO_SESSION_REDIS_EXPIRATION", ini_dest="redis_expiration", py_default=DEFAULT_SESSION_TIMEOUT
+    )
+    anon_expiration: int = SimpleKey(
+        "ODOO_SESSION_REDIS_EXPIRATION_ANONYMOUS",
+        ini_dest="redis_anon_expiration",
+        py_default=DEFAULT_SESSION_TIMEOUT_ANONYMOUS,
+    )
+    timeout_on_inactivity: bool = SimpleKey(
+        "ODOO_SESSION_REDIS_TIMEOUT_ON_INACTIVITY",
+        ini_dest="redis_timeout_on_inactivity",
+        py_default=DEFAULT_SESSION_TIMEOUT_ON_INACTIVITY,
+    )
+    ignored_urls: set[str] = RepeatableKey(
+        "ODOO_SESSION_REDIS_TIMEOUT_IGNORED_URLS",
+        ini_dest="redis_ignored_urls",
+        ini_default=DEFAULT_SESSION_TIMEOUT_IGNORED_URLS,
+    )
+    db: int = SimpleKey("REDIS_DB_INDEX", py_default=0)
+    disable_gc: bool = SimpleKey("ODOO_DISABLE_SESSION_GC")
+
+    @property
+    def enable(self) -> bool:
+        return bool(self.host and self.password)
+
+    def _post_parse_env(self, environ: Environ):
+        if self.for_version > OdooVersion.V16:
+            self.disable_gc = True
+
+    def connect(self) -> redis.Redis:
+        """
+        Return the connection to the Redis server.
+        If `self.url` is filled, then `url` all other connection info are exclude.
+
+        expiration, and anon_expiration are not passed to the connection.
+
+        :return: A connection to the Redis server.
+        """
+        if self.url:
+            return redis.Redis.from_url(self.url)
+        return redis.Redis(
+            host=self.host,
+            port=self.port,
+            db=self.db,
+            password=self.password,
+            ssl=self.redis_ssl,
+        )

odoo/addons/redis_session_store/environ_odoo_config/auto_load.py

@@ -0,0 +1,8 @@
+from environ_odoo_config.environ import Environ
+
+from odoo.addons.redis_session_store.env_config import RedisEnvConfig
+
+
+def auto_load_redis_session_store(environ: Environ) -> bool:
+    redis_config = RedisEnvConfig(environ)
+    return redis_config.enable

odoo/addons/redis_session_store/environ_odoo_config/mapper.py

@@ -0,0 +1,17 @@
+from __future__ import annotations
+
+from typing import Any
+
+from environ_odoo_config.environ import Environ
+
+
+def redis_mapper(curr_env: Environ | dict[str, Any]) -> Environ:
+    return _kv_clevercloud_redis(Environ(curr_env))
+
+
+def _kv_clevercloud_redis(curr_env: Environ) -> Environ:
+    """ """
+    return curr_env + {
+        "REDIS_HOST": curr_env.gets("REDIS_HOST", "KV_HOST"),
+        "REDIS_PORT": curr_env.gets("REDIS_PORT", "KV_PORT"),
+    }

odoo/addons/redis_session_store/json_encoding.py

@@ -0,0 +1,42 @@
+from __future__ import annotations
+
+import json
+from datetime import date, datetime
+
+import dateutil
+
+
+def _object_decoder(obj):
+    if "_type" not in obj:
+        return obj
+    type_ = obj["_type"]
+    if type_ == "datetime_isoformat":
+        return dateutil.parser.parse(obj["value"])
+    elif type_ == "date_isoformat":
+        return dateutil.parser.parse(obj["value"]).date()
+    elif type_ == "set":
+        return set(obj["value"])
+    return obj
+
+
+class SessionEncoder(json.JSONEncoder):
+    """Encode date/datetime objects
+
+    So that we can later recompose them if they were stored in the session
+    """
+
+    def default(self, obj):
+        if isinstance(obj, datetime):
+            return {"_type": "datetime_isoformat", "value": obj.isoformat()}
+        elif isinstance(obj, date):
+            return {"_type": "date_isoformat", "value": obj.isoformat()}
+        elif isinstance(obj, set):
+            return {"_type": "set", "value": tuple(obj)}
+        return json.JSONEncoder.default(self, obj)
+
+
+class SessionDecoder(json.JSONDecoder):
+    """Decode json, recomposing recordsets and date/datetime"""
+
+    def __init__(self, **kwargs):
+        super().__init__(object_hook=_object_decoder, **kwargs)

odoo/addons/redis_session_store/odoo_monkey_patch.py

@@ -0,0 +1,74 @@
+from __future__ import annotations
+
+import logging
+import random
+from typing import Any
+
+import wrapt
+
+import odoo
+from odoo import http as odoo_http
+from odoo.http import request
+from odoo.tools import func as odoo_func
+
+from .env_config import RedisEnvConfig
+from .redis_session import RedisSessionStore
+
+_logger = logging.getLogger("odoo.session.REDIS")
+
+
+def _get_session_class(major_odoo_version: int):
+    if major_odoo_version < 16:
+        return odoo_http.OpenERPSession
+    return odoo_http.Session
+
+
+def _reset_cached_properties(major_odoo_version: int, obj: Any):
+    if major_odoo_version >= 19:
+        odoo_func.reset_cached_properties(obj)
+    else:
+        odoo_func.lazy_property.reset_all(obj)
+
+
+def session_gc(session_store):
+    # session_gc is called at setup_session so we keep the randomness bit to only vacuum once in a while.
+    if random.random() < 0.001:
+        session_store.vacuum()
+
+
+def _update_expiration():
+    if (
+        hasattr(odoo_http.root.session_store, "update_expiration")
+        and request
+        and request.session
+        and request.session.uid
+        and not request.env["res.users"].browse(request.session.uid)._is_public()
+    ):
+        odoo_http.root.session_store.update_expiration(request.session)
+
+
+def patch_odoo(redis_config: RedisEnvConfig):
+    _patch_odoo_http_root(redis_config)
+    _patch_odoo_authenticate(redis_config)
+
+
+def _patch_odoo_http_root(redis_config: RedisEnvConfig):
+    _reset_cached_properties(redis_config.for_version.value, odoo.http.root)
+    type(odoo_http.root).session_store = RedisSessionStore(
+        redis_config, session_class=_get_session_class(redis_config.for_version.value)
+    )
+    # Keep compatibility with odoo env config.
+    # There is no more session_gc global function, so no more patch needed.
+    # Now see FilesystemSessionStore#vacuum.
+    if not redis_config.disable_gc:
+        odoo_http.session_gc = session_gc
+
+
+def _patch_odoo_authenticate(redis_config: RedisEnvConfig):
+    @wrapt.patch_function_wrapper(
+        "odoo.addons.base",
+        "models.ir_http.IrHttp._authenticate",
+    )
+    def _patch_IrHttp__authenticate(wrapped, instance, args, kwargs):
+        _update_expiration()
+        return wrapped(*args, **kwargs)

odoo/addons/redis_session_store/redis_session.py

@@ -0,0 +1,240 @@
+from __future__ import annotations
+
+import base64
+import json
+import logging
+import os
+import re
+import time
+import warnings
+from hashlib import sha512
+
+import odoo
+from odoo import http
+from odoo.service import security
+
+from . import json_encoding
+from .env_config import RedisEnvConfig
+
+# The amount of bytes of the session that will remain static and can be used
+# for calculating the csrf token and be stored inside the database.
+STORED_SESSION_BYTES = 42
+# After a session is rotated, the session should be kept for a couple of
+# seconds to account for network delay between multiple requests which are
+# made at the same time and all use the same old cookie.
+SESSION_DELETION_TIMER = 120
+MAJOR = odoo.release.version_info[0]
+try:
+    with warnings.catch_warnings(record=True):
+        import werkzeug.contrib.sessions as sessions
+except ImportError:
+    from odoo.tools._vendor import sessions
+
+
+_logger = logging.getLogger("odoo.session.REDIS")
+
+
+# this is equal to the duration of the session garbage collector in
+# odoo.http.session_gc()
+
+
+_logger = logging.getLogger(__name__)
+_base64_urlsafe_re = re.compile(r"^[A-Za-z0-9_-]{84}$")
+_session_identifier_re = re.compile(r"^[A-Za-z0-9_-]{%s}$" % STORED_SESSION_BYTES)  # noqa
+
+
+class RedisSessionStore(sessions.SessionStore):
+    """SessionStore that saves session to redis"""
+
+    def __init__(
+        self,
+        redis_config: RedisEnvConfig,
+        session_class,
+    ):
+        super().__init__(session_class=session_class)
+        self.redis = redis_config.connect()
+        self.expiration = redis_config.expiration
+        self.anon_expiration = redis_config.anon_expiration
+        self.timeout_on_inactivity = redis_config.timeout_on_inactivity
+        self.ignored_urls = redis_config.ignored_urls
+        self.support_expire = b"expire" in self.redis.command_list()
+        self.prefix = "session:"
+        if redis_config.prefix:
+            self.prefix = f"{self.prefix}:{redis_config.prefix}:"
+
+    def build_key(self, sid):
+        return f"{self.prefix}{sid}"
+
+    def is_valid_key(self, key):
+        return _base64_urlsafe_re.match(key) is not None
+
+    def get_expiration(self, session):
+        # session.expiration allow to set a custom expiration for a session
+        # such as a very short one for monitoring requests
+        if not self.support_expire:
+            return -1
+        session_expiration = getattr(session, "expiration", 0)
+        expiration = session_expiration or self.anon_expiration
+        if session.uid:
+            expiration = session_expiration or self.expiration
+        return expiration
+
+    def update_expiration(self, session):
+        if not self.support_expire or not self.timeout_on_inactivity:
+            return
+        path = http.request.httprequest.path
+        if any(path.startswith(url) for url in self.ignored_urls):
+            return
+        key = self.build_key(session.sid)
+        expiration = self.get_expiration(session)
+
+        return self.redis.expire(key, expiration)
+
+    def save(self, session):
+        key = self.build_key(session.sid)
+        expiration = self.get_expiration(session)
+        if _logger.isEnabledFor(logging.DEBUG):
+            if session.uid:
+                user_msg = f"user '{session.login}' (id: {session.uid})"
+            else:
+                user_msg = "anonymous user"
+            _logger.debug(
+                "saving session with key '%s' and expiration of %s seconds for %s",
+                key,
+                expiration,
+                user_msg,
+            )
+
+        data = json.dumps(dict(session), cls=json_encoding.SessionEncoder).encode("utf-8")
+        result = self.redis.set(key, data)
+        if result and self.support_expire:
+            return self.redis.expire(key, expiration)
+        return -1
+
+    def delete(self, session):
+        key = self.build_key(session.sid)
+        _logger.debug("deleting session with key %s", key)
+        return self.redis.delete(key)
+
+    def delete_old_sessions(self, session):
+        pass
+
+    def get(self, sid):
+        if not self.is_valid_key(sid):
+            _logger.debug(
+                "session with invalid sid '%s' has been asked, returning a new one",
+                sid,
+            )
+            return self.new()
+
+        key = self.build_key(sid)
+        saved = self.redis.get(key)
+        if not saved:
+            _logger.debug(
+                "session with non-existent key '%s' has been asked, returning a new one",
+                key,
+            )
+            return self.new()
+        try:
+            data = json.loads(saved.decode("utf-8"), cls=json_encoding.SessionDecoder)
+        except ValueError:
+            _logger.debug(
+                "session for key '%s' has been asked but its json content could not be read, it has been reset",
+                key,
+            )
+            data = {}
+        return self.session_class(data, sid, False)
+
+    def list(self):
+        keys = self.redis.keys(f"{self.prefix}*")
+        _logger.debug("a listing redis keys has been called")
+        return [key[len(self.prefix) :] for key in keys]
+
+    def rotate(self, session, env, soft=False):
+        if soft:
+            # Multiple network requests can occur at the same time, all using the old session.
+            # We don't want to create a new session for each request, it's better to reference the one already made.
+            static = session.sid[:STORED_SESSION_BYTES]
+            recent_session = self.get(session.sid)
+            if "next_sid" in recent_session:
+                # A new session has already been saved on disk by a concurrent request,
+                # the _save_session is going to simply use session.sid to set a new cookie.
+                session.sid = recent_session["next_sid"]
+                return
+            next_sid = static + self.generate_key()[STORED_SESSION_BYTES:]
+            session["next_sid"] = next_sid
+            session["deletion_time"] = time.time() + SESSION_DELETION_TIMER
+            self.save(session)
+            # Now prepare the new session
+            session["gc_previous_sessions"] = True
+            session.sid = next_sid
+            del session["deletion_time"]
+            del session["next_sid"]
+        else:
+            self.delete(session)
+            session.sid = self.generate_key()
+        if session.uid:
+            assert env, "saving this session requires an environment"
+            session.session_token = security.compute_session_token(session, env)
+        session.should_rotate = False
+        session["create_time"] = time.time()
+        self.save(session)
+
+    def vacuum(self, *args, **kwargs):
+        """
+        Vacuum all expired keys.
+        """
+        # For MateriaKV, there is currently no active expiration. But `DBSIZE` seems to trigger the database gc.
+        # https://www.clever.cloud/developers/doc/addons/materia-kv/
+        # Useless for pure Redis config since there is an active expiration process. See :
+        # https://redis.io/docs/latest/commands/expire/#how-redis-expires-keys
+        self.redis.dbsize()
+        _logger.debug("retrieving dbsize to trigger keys vacuum")
+        return True
+
+    def get_missing_session_identifiers(self, identifiers: list[str]) -> list[str]:
+        """
+        :param identifiers: session identifiers whose file existence must be checked
+                            identifiers are a part session sid (first 42 chars)
+        :type identifiers: iterable
+        :return: the identifiers which are not present on the filesystem
+        :rtype: set
+        """
+        existing_keys = set()
+        for key in identifiers:
+            if self.redis.exists(self.build_key(key)):
+                existing_keys.add(key)
+        # Remove the identifiers for which a key is present on the session store.
+        missing_keys = set(identifiers) - existing_keys
+        return list(missing_keys)
+
+    def delete_from_identifiers(self, identifiers: list[str]):
+        for identifier in identifiers:
+            # Avoid to remove a session if it does not match an identifier.
+            # This prevents malicious user to delete sessions from a different
+            # database by specifying a custom ``res.device.log``.
+            if not _session_identifier_re.match(identifier):
+                raise ValueError(
+                    f"Identifier format incorrect, did you pass in a string instead of a list? {identifier}"
+                )
+            redis_key = self.build_key(identifier)
+            self.redis.delete(redis_key)
+
+    def generate_key(self, salt=None):
+        # The generated key is case sensitive (base64) and the length is 84 chars.
+        # In the worst-case scenario, i.e. in an insensitive filesystem (NTFS for example)
+        # taking into account the proportion of characters in the pool and a length
+        # of 42 (stored part in the database), the entropy for the base64 generated key
+        # is 217.875 bits which is better than the 160 bits entropy of a hexadecimal key
+        # with a length of 40 (method ``generate_key`` of ``SessionStore``).
+        # The risk of collision is negligible in practice.
+        # Formulas:
+        #   - L: length of generated word
+        #   - p_char: probability of obtaining the character in the pool
+        #   - n: size of the pool
+        #   - k: number of generated word
+        #   Entropy = - L * sum(p_char * log2(p_char))
+        #   Collision ~= (1 - exp((-k * (k - 1)) / (2 * (n**L))))
+        key = str(time.time()).encode() + os.urandom(64)
+        hash_key = sha512(key).digest()[:-1]  # prevent base64 padding
+        return base64.urlsafe_b64encode(hash_key).decode("utf-8")