From dfd1ca4ae9cc8d4adef12057835b5aa5993bb4b1 Mon Sep 17 00:00:00 2001
From: Matthew Jones <mat@matburt.net>
Date: Tue, 15 Dec 2015 15:37:26 -0500
Subject: [PATCH] Relocate AUTH_TOKEN_* settings reference

---
 awx/api/authentication.py       | 4 ++--
 awx/api/views.py                | 2 +-
 awx/main/middleware.py          | 3 ++-
 awx/main/models/organization.py | 9 +++++----
 awx/main/tests/users.py         | 3 ++-
 5 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/awx/api/authentication.py b/awx/api/authentication.py
index 72dccc61f4..85ad62963e 100644
--- a/awx/api/authentication.py
+++ b/awx/api/authentication.py
@@ -15,7 +15,7 @@ from rest_framework import HTTP_HEADER_ENCODING
 
 # AWX
 from awx.main.models import UnifiedJob, AuthToken
-
+from awx.main.conf import tower_settings
 
 class TokenAuthentication(authentication.TokenAuthentication):
     '''
@@ -90,7 +90,7 @@ class TokenAuthentication(authentication.TokenAuthentication):
 
         # Token invalidated due to session limit config being reduced
         # Session limit reached invalidation will also take place on authentication
-        if settings.AUTH_TOKEN_PER_USER != -1:
+        if tower_settings.AUTH_TOKEN_PER_USER != -1:
             if not token.in_valid_tokens(now=now):
                 token.invalidate(reason='limit_reached')
                 raise exceptions.AuthenticationFailed(AuthToken.reason_long('limit_reached'))
diff --git a/awx/api/views.py b/awx/api/views.py
index a307144ed4..b1c65f2f23 100644
--- a/awx/api/views.py
+++ b/awx/api/views.py
@@ -595,7 +595,7 @@ class AuthTokenView(APIView):
             # Note: This header is normally added in the middleware whenever an
             # auth token is included in the request header.
             headers = {
-                'Auth-Token-Timeout': int(settings.AUTH_TOKEN_EXPIRATION)
+                'Auth-Token-Timeout': int(tower_settings.AUTH_TOKEN_EXPIRATION)
             }
             return Response({'token': token.key, 'expires': token.expires}, headers=headers)
         return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
diff --git a/awx/main/middleware.py b/awx/main/middleware.py
index 3377ec8cb6..39e8bc7565 100644
--- a/awx/main/middleware.py
+++ b/awx/main/middleware.py
@@ -15,6 +15,7 @@ from django.conf import settings
 
 from awx import __version__ as version
 from awx.main.models import ActivityStream, Instance
+from awx.main.comf import tower_settings
 from awx.api.authentication import TokenAuthentication
 
 
@@ -117,6 +118,6 @@ class AuthTokenTimeoutMiddleware(object):
         if not TokenAuthentication._get_x_auth_token_header(request):
             return response
 
-        response['Auth-Token-Timeout'] = int(settings.AUTH_TOKEN_EXPIRATION)
+        response['Auth-Token-Timeout'] = int(tower_settings.AUTH_TOKEN_EXPIRATION)
         return response
         
diff --git a/awx/main/models/organization.py b/awx/main/models/organization.py
index f20f69f70b..0462902c75 100644
--- a/awx/main/models/organization.py
+++ b/awx/main/models/organization.py
@@ -18,6 +18,7 @@ from django.utils.translation import ugettext_lazy as _
 # AWX
 from awx.main.fields import AutoOneToOneField
 from awx.main.models.base import * # noqa
+from awx.main.conf import tower_settings
 
 __all__ = ['Organization', 'Team', 'Permission', 'Profile', 'AuthToken']
 
@@ -242,7 +243,7 @@ class AuthToken(BaseModel):
         if not now:
             now = tz_now()
         if not self.pk or not self.is_expired(now=now):
-            self.expires = now + datetime.timedelta(seconds=settings.AUTH_TOKEN_EXPIRATION)
+            self.expires = now + datetime.timedelta(seconds=tower_settings.AUTH_TOKEN_EXPIRATION)
             if save:
                 self.save()
 
@@ -259,12 +260,12 @@ class AuthToken(BaseModel):
         if now is None:
             now = tz_now()
         invalid_tokens = AuthToken.objects.none()
-        if settings.AUTH_TOKEN_PER_USER != -1:
+        if tower_settings.AUTH_TOKEN_PER_USER != -1:
             invalid_tokens = AuthToken.objects.filter(
                 user=user,
                 expires__gt=now,
                 reason='',
-            ).order_by('-created')[settings.AUTH_TOKEN_PER_USER:]
+            ).order_by('-created')[tower_settings.AUTH_TOKEN_PER_USER:]
         return invalid_tokens
 
     def generate_key(self):
@@ -293,7 +294,7 @@ class AuthToken(BaseModel):
         valid_n_tokens_qs = self.user.auth_tokens.filter(
             expires__gt=now,
             reason='',
-        ).order_by('-created')[0:settings.AUTH_TOKEN_PER_USER]
+        ).order_by('-created')[0:tower_settings.AUTH_TOKEN_PER_USER]
         valid_n_tokens = valid_n_tokens_qs.values_list('key', flat=True)
 
         return bool(self.key in valid_n_tokens)
diff --git a/awx/main/tests/users.py b/awx/main/tests/users.py
index 322c73c522..1ce2c648c8 100644
--- a/awx/main/tests/users.py
+++ b/awx/main/tests/users.py
@@ -16,6 +16,7 @@ from django.test.utils import override_settings
 # AWX
 from awx.main.models import * # noqa
 from awx.main.tests.base import BaseTest
+from awx.main.conf import tower_settings
 
 __all__ = ['AuthTokenTimeoutTest', 'AuthTokenLimitTest', 'AuthTokenProxyTest', 'UsersTest', 'LdapTest']
 
@@ -38,7 +39,7 @@ class AuthTokenTimeoutTest(BaseTest):
 
         response = self._generic_rest(dashboard_url, expect=200, method='get', return_response_object=True, client_kwargs=kwargs)
         self.assertIn('Auth-Token-Timeout', response)
-        self.assertEqual(response['Auth-Token-Timeout'], str(settings.AUTH_TOKEN_EXPIRATION))
+        self.assertEqual(response['Auth-Token-Timeout'], str(tower_settings.AUTH_TOKEN_EXPIRATION))
 
 class AuthTokenLimitTest(BaseTest):
     def setUp(self):