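def test_nonces_dont_keep_growing(self):
    """Check that re-issuing a nonce replaces the stored one, not adds to it.

    Two consecutive ``UserNonce.make_for`` calls with the same type must
    yield different values and leave exactly one nonce entity under the
    user. If this held false, stale nonces would pile up per user.
    """
    u = self.make_user('*****@*****.**')

    # Subsequent calls for make_for overwrite existing nonce
    # values of the same type.
    value1 = UserNonce.make_for(u, "type1").value
    value2 = UserNonce.make_for(u, "type1").value

    # assertNotEqual/assertEqual replace the deprecated assertNotEquals/
    # assertEquals aliases, which no longer exist in Python 3.12+.
    # A repeated value would mean the nonce is not regenerated per call.
    self.assertNotEqual(value1, value2)
    # Only one entity may remain under the user after the second call.
    self.assertEqual(1, UserNonce.all().ancestor(u).count())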
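def validate_signature_for(self, user_data):
    """Return True if this token's signature is valid for ``user_data``.

    The expected signature is recomputed from the user's stored
    "https_transfer" nonce and this token's timestamp, then compared
    with the signature carried by the token.

    Args:
        user_data: the user the token claims to belong to.

    Returns:
        False when the user has no "https_transfer" nonce or when the
        signatures differ; True when they match.
    """
    # Function-scope import: the file's import block is not visible here.
    # hmac.compare_digest is available from Python 2.7.7 / 3.3.
    import hmac

    def _to_bytes(value):
        # compare_digest needs both operands to be the same kind of
        # string, so text is normalised to bytes before comparing.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    nonce_entity = UserNonce.get_for(user_data, "https_transfer")
    if nonce_entity is None:
        # No nonce stored for this user and type: nothing can validate.
        return False

    nonce = nonce_entity.value
    expected = BaseSecureToken.sign_payload(user_data, self.timestamp, nonce)

    try:
        expected_bytes = _to_bytes(expected)
        supplied_bytes = _to_bytes(self.signature)
    except (AttributeError, UnicodeError):
        # A missing or non-string signature can never match.
        return False

    # The token signature is caller-supplied. A plain == stops at the
    # first differing character, so its timing reveals how much of a
    # guess was right; compare_digest takes time independent of that.
    return hmac.compare_digest(expected_bytes, supplied_bytes)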
def make_token_signature(user_data, timestamp):
    """Build the signature for a password reset token.

    Creates a "pw_reset" nonce for the user through ``UserNonce.make_for``
    and signs the user, the timestamp, that nonce and the user's
    ``credential_version`` with ``BaseSecureToken.sign_payload``.

    Raises:
        TokenError: if the user has no ``credential_version``, i.e. no
            password to reset.
    """
    # NOTE(review): each call asks UserNonce for a new nonce. If make_for
    # replaces the stored value, as the nonce tests suggest, reset tokens
    # issued earlier presumably stop validating. Confirm that is intended.
    if user_data.credential_version:
        reset_nonce = UserNonce.make_for(user_data, "pw_reset")
        return BaseSecureToken.sign_payload(
            user_data,
            timestamp,
            reset_nonce.value,
            user_data.credential_version,
        )

    raise TokenError("Can't make password reset token for "
                     "user with no password.")
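def validate_signature_for(self, user_data):
    """Return True if this reset token's signature is valid for ``user_data``.

    The expected signature is recomputed from the user's stored
    "pw_reset" nonce, this token's timestamp and the user's current
    ``credential_version``, then compared with the token's signature.

    Args:
        user_data: the user the token claims to belong to.

    Returns:
        False when the user has no "pw_reset" nonce or when the
        signatures differ; True when they match.
    """
    # Function-scope import: the file's import block is not visible here.
    # hmac.compare_digest is available from Python 2.7.7 / 3.3.
    import hmac

    def _to_bytes(value):
        # compare_digest needs both operands to be the same kind of
        # string, so text is normalised to bytes before comparing.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    nonce_entity = UserNonce.get_for(user_data, "pw_reset")
    if nonce_entity is None:
        # No reset nonce stored for this user: nothing can validate.
        return False

    nonce = nonce_entity.value
    # credential_version is part of the signed payload, so a token signed
    # under a different credential_version yields a different signature.
    expected = BaseSecureToken.sign_payload(user_data,
                                            self.timestamp,
                                            nonce,
                                            user_data.credential_version)

    try:
        expected_bytes = _to_bytes(expected)
        supplied_bytes = _to_bytes(self.signature)
    except (AttributeError, UnicodeError):
        # A missing or non-string signature can never match.
        return False

    # The token signature is caller-supplied. A plain == stops at the
    # first differing character, so its timing reveals how much of a
    # guess was right; compare_digest takes time independent of that.
    return hmac.compare_digest(expected_bytes, supplied_bytes)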
def test_nonce_values_are_user_specific(self):
    """A nonce issued to one user must not be retrievable for another."""
    nonce_owner = self.make_user('*****@*****.**')
    other_user = self.make_user('*****@*****.**')

    # Only the first user gets a nonce of this type.
    UserNonce.make_for(nonce_owner, "type")

    # Looking up the same type for the second user must find nothing.
    found = UserNonce.get_for(other_user, "type")
    self.assertTrue(found is None)
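def test_nonce_types_distinct(self):
    """Check that nonces of different types are stored independently.

    Creating a "type1" nonce must not make a "type2" lookup succeed,
    and the "type1" lookup must return the value that was created.
    """
    u = self.make_user('*****@*****.**')
    type1 = UserNonce.make_for(u, "type1")

    # A nonce of one type must not satisfy a lookup for another type.
    self.assertTrue(UserNonce.get_for(u, "type2") is None)
    # assertEqual replaces the deprecated assertEquals alias, which no
    # longer exists in Python 3.12+.
    self.assertEqual(type1.value, UserNonce.get_for(u, "type1").value)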
def make_token_signature(user_data, timestamp):
    """Build the signature for an "https_transfer" token.

    Creates an "https_transfer" nonce for the user through
    ``UserNonce.make_for`` and signs the user, the timestamp and that
    nonce with ``BaseSecureToken.sign_payload``.
    """
    # NOTE(review): each call asks UserNonce for a new nonce. If make_for
    # replaces the stored value, as the nonce tests suggest, transfer tokens
    # issued earlier presumably stop validating. Confirm that is intended.
    transfer_nonce = UserNonce.make_for(user_data, "https_transfer")
    signature = BaseSecureToken.sign_payload(
        user_data, timestamp, transfer_nonce.value)
    return signature