Redirect to index after session expiration on /generate

[redshiftzero]

Status

Ready for review

Description of Changes

Fixes #4490.

Previous logic when sessions expire on /generate:

1. On /generate page, codename is added to the session.
2. When expiration occurs, session is cleared.
3. A flashed message indicating that the session has expired
   would be added to the current session (this is done via passing
   _flashes on Flask's session object).
4. Execution enters the view function associated with /create.
   But /create expects codename to be in the session (which was
   cleared in step 2), thus a KeyError will occur.

If you're wondering "but why does step 4 even happen" - it's because we don't immediately redirect to the index when a session expires. When the session expires when the @login_required decorator is on the view function corresponding to the request path, execution doesn't end up entering the view function itself, as the logic in @login_required will redirect the user to the login page if logged_in is not in the session object (and logged_in won't be in the session object, because it gets cleared in step 2).

Logic with this diff when sessions expire on /generate:

1. On /generate page, codename is added to the session
2. When expiration occurs, session is cleared and user is immediately redirected to the index.

Testing

1. Follow STR in Expired Source Interface session causes server error on new session #4490, confirm bug is fixed
2. Revert fix, make sure regression test fails

Deployment

No special instructions (deployed via securedrop-app-code deb)

Checklist

If you made changes to the server application code:

• Linting (make lint) and tests (make -C securedrop test) pass in the development container

If you made non-trivial code changes:

• I have written a test plan and validated it for this PR

[codecov-io]

Codecov Report

Merging #4496 into develop will increase coverage by <.01%.
The diff coverage is n/a.

@@             Coverage Diff             @@
##           develop    #4496      +/-   ##
===========================================
+ Coverage    83.21%   83.22%   +<.01%     
===========================================
  Files           45       45              
  Lines         3069     3070       +1     
  Branches       332      332              
===========================================
+ Hits          2554     2555       +1     
  Misses         430      430              
  Partials        85       85

Impacted Files	Coverage Δ
securedrop/securedrop/source_app/__init__.py	92.63% <0%> (+0.07%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d164ece...7fafd7c. Read the comment docs.

[redshiftzero]

After consideration, I'm going to leave this be, this is a simple fix - I was considering moving the setting of expires on the session from setup_g() to two places in the view functions - login and create - but I don't think it's worth the marginal increase in complexity. Ready for review.

[eloquence]

Can confirm in Docker-based development environment:

• This resolves the issue described in Expired Source Interface session causes server error on new session #4490; expired sessions no longer cause a KeyError upon subsequent attempts to generate a codename. Instead I'm redirected to the index with a helpful error message.
• When the fix is reverted, the regression test in test_source.py fails with a KeyError:

==================================================================================================== FAILURES =====================================================================================================
______________________________________________________________________________________ test_source_session_expiration_create ______________________________________________________________________________________

config = <sdconfig.SDConfig object at 0x7f684ffd7450>, source_app = <Flask 'source_app'>

    def test_source_session_expiration_create(config, source_app):
        with source_app.test_client() as app:
    
            seconds_session_expire = 1
            config.SESSION_EXPIRATION_MINUTES = seconds_session_expire / 60.
    
            # Make codename, and then wait for session to expire.
            resp = app.get(url_for('main.generate'))
            assert resp.status_code == 200
    
            time.sleep(seconds_session_expire + 0.1)
    
            # Now when we click create, the session will have expired.
>           resp = app.post(url_for('main.create'), follow_redirects=True)

tests/test_source.py:690: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python2.7/dist-packages/werkzeug/test.py:840: in post
    return self.open(*args, **kw)
/usr/local/lib/python2.7/dist-packages/flask/testing.py:200: in open
    follow_redirects=follow_redirects
/usr/local/lib/python2.7/dist-packages/werkzeug/test.py:803: in open
    response = self.run_wsgi_app(environ, buffered=buffered)
/usr/local/lib/python2.7/dist-packages/werkzeug/test.py:716: in run_wsgi_app
    rv = run_wsgi_app(self.application, environ, buffered=buffered)
/usr/local/lib/python2.7/dist-packages/werkzeug/test.py:923: in run_wsgi_app
    app_rv = app(environ, start_response)
/usr/local/lib/python2.7/dist-packages/flask/app.py:2309: in __call__
    return self.wsgi_app(environ, start_response)
/usr/local/lib/python2.7/dist-packages/flask/app.py:2295: in wsgi_app
    response = self.handle_exception(e)
/usr/local/lib/python2.7/dist-packages/flask/app.py:1741: in handle_exception
    reraise(exc_type, exc_value, tb)
/usr/local/lib/python2.7/dist-packages/flask/app.py:2292: in wsgi_app
    response = self.full_dispatch_request()
/usr/local/lib/python2.7/dist-packages/flask/app.py:1815: in full_dispatch_request
    rv = self.handle_user_exception(e)
/usr/local/lib/python2.7/dist-packages/flask/app.py:1718: in handle_user_exception
    reraise(exc_type, exc_value, tb)
/usr/local/lib/python2.7/dist-packages/flask/app.py:1813: in full_dispatch_request
    rv = self.dispatch_request()
/usr/local/lib/python2.7/dist-packages/flask/app.py:1799: in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
source_app/main.py:56: in create
    session['codename'])
/usr/local/lib/python2.7/dist-packages/werkzeug/local.py:377: in <lambda>
    __getitem__ = lambda x, i: x._get_current_object()[i]
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <SecureCookieSession {'expires': datetime.datetime(2019, 6, 4, 0, 57, 54, 2503...ou are not using Tor Browser, restart your browser.</p>\n  </div>\n</div>'))]}>, key = 'codename'

    def __getitem__(self, key):
        self.accessed = True
>       return super(SecureCookieSession, self).__getitem__(key)
E       KeyError: 'codename'

/usr/local/lib/python2.7/dist-packages/flask/sessions.py:83: KeyError
---------------------------------------------------------------------------------------------- Captured stdout setup ----------------------------------------------------------------------------------------------
seq  name             file                                                      
---  ---------------  ----------------------------------------------------------
0    main             /tmp/pytest-of-www-data/pytest-0/test_source_session_expir
====================================================================================== 1 failed, 37 passed in 111.80 seconds ======================================================================================

[zenmonkeykstop]

Tested in qubes staging environment:

• Followed STR to confirm bug fixed
• Reverted fix, ran regression test with ./bin/dev-shell bin/run-test -k "test_source_session_expiration_create", confirmed test failed
• Restored fix, ran regression test as above, confirmed test passed.

LGTM!