expired token handle (#40)

* expired token handle
(relates #108 mergin plugin issue)

Author: PachKosti

Pipfile

@@ -6,6 +6,7 @@ name = "pypi"
 [packages]
 python-dateutil = "==2.6.0"
 pygeodiff = "==0.7.4"
+pytz = "==2019.3"
 
 
 [dev-packages]

mergin/client.py

@@ -53,6 +53,10 @@ class ClientError(Exception):
     pass
 
 
+class LoginError(Exception):
+    pass
+
+
 class SyncError(Exception):
     def __init__(self, msg, detail=""):
         super().__init__(msg)
@@ -581,8 +585,21 @@ def __init__(self, url, auth_token=None, login=None, password=None, plugin_versi
         urllib.request.install_opener(self.opener)
 
         if login and password:
-            self.login(login, password)
+            self._auth_params = {
+                "login": login,
+                "password": password
+            }
+            if not self._auth_session:
+                self.login(login, password)
+
+    def _check_token(f):
+        def wrapper(self, *args):
+            if (not self._auth_session or self._auth_session['expire'] < datetime.now(timezone.utc)) and self._auth_params:
+                self.login(self._auth_params['login'], self._auth_params['password'])
+            return f(self, *args)
+        return wrapper
 
+    @_check_token
     def _do_request(self, request):
         if self._auth_session:
             delta = self._auth_session["expire"] - datetime.now(timezone.utc)
@@ -686,10 +703,19 @@ def login(self, login, password):
             "login": login,
             "password": password
         }
-        self._auth_params = params
-        resp = self.post("/v1/auth/login", params, {"Content-Type": "application/json"})
-        data = json.load(resp)
-        session = data["session"]
+        try:
+            self._auth_params = params
+            url = urllib.parse.urljoin(self.url, urllib.parse.quote("/v1/auth/login"))
+            data = json.dumps(self._auth_params, cls=DateTimeEncoder).encode("utf-8")
+            request = urllib.request.Request(url, data, {"Content-Type": "application/json"}, method="POST")
+            resp = self.opener.open(request)
+            data = json.load(resp)
+            session = data["session"]
+        except urllib.error.HTTPError as e:
+            if e.headers.get("Content-Type", "") == "application/problem+json":
+                info = json.load(e)
+                raise LoginError(info.get("detail"))
+            raise LoginError(e.read().decode("utf-8"))
         self._auth_session = {
             "token": "Bearer %s" % session["token"],
             "expire": dateutil.parser.parse(session["expire"])
@@ -1154,7 +1180,6 @@ def upload_chunk(chunk_id, data):
                 for chunk in file_meta["chunks"]:
                     data = file.read(UPLOAD_CHUNK_SIZE)
                     upload_chunk(chunk, data)
-
     def project_status(self, directory):
         """
         Get project status, e.g. server and local changes.

mergin/test/test_client.py

@@ -1,8 +1,11 @@
 import os
 import tempfile
 import shutil
+from datetime import datetime, timedelta
 import pytest
-from ..client import MerginClient, ClientError, MerginProject, SyncError
+import pytz
+
+from ..client import MerginClient, ClientError, MerginProject, SyncError, LoginError
 from ..utils import generate_checksum
 
 SERVER_URL = os.environ.get('TEST_MERGIN_URL')
@@ -41,7 +44,7 @@ def test_login(mc):
     with pytest.raises(ValueError, match='Invalid token data'):
         MerginClient(mc.url, auth_token='Bearer .jas646kgfa')
 
-    with pytest.raises(ClientError, match='Invalid username or password'):
+    with pytest.raises(LoginError, match='Invalid username or password'):
         mc.login('foo', 'bar')
 
 
@@ -329,8 +332,13 @@ def test_list_of_push_changes(mc):
     mp = MerginProject(project_dir)
 
     shutil.copy(mp.fpath('inserted_1_A.gpkg'), mp.fpath(f_updated))
-
+    mc._auth_session["expire"] = datetime.now().replace(tzinfo=pytz.utc) - timedelta(days=1)
     pull_changes, push_changes, push_changes_summary = mc.project_status(project_dir)
     assert str(push_changes_summary) == PUSH_CHANGES_SUMMARY
 
+    mc._auth_session["expire"] = datetime.now().replace(tzinfo=pytz.utc) - timedelta(days=1)
+    mc._auth_params = None
+    with pytest.raises(ClientError, match="You don't have the permission to access the requested resource. It is either read-protected or not readable by the server."):
+        mc.project_status(project_dir)
+
 

setup.py

@@ -18,7 +18,8 @@
     platforms='any',
     install_requires=[
         'python-dateutil==2.6.0',
-        'pygeodiff==0.7.4'
+        'pygeodiff==0.7.4',
+        'pytz==2019.3'
     ],
 
     test_suite='nose.collector',