Beispiel #1
0
def test_validate_key():
    from permissions import validate_key
    import config
    
    key1 = sha1(config.ACCESS_CONTROL_KEY + \
                datetime.utcnow().strftime('%Y%m%d%H')).hexdigest()
    assert validate_key(key1)

    hour_ago = datetime.utcnow() - timedelta(hours=1)
    key2 = sha1(config.ACCESS_CONTROL_KEY + \
                hour_ago.strftime('%Y%m%d%H')).hexdigest()
    assert validate_key(key2)

    hours_ago = datetime.utcnow() - timedelta(hours=2)
    key3 = sha1(config.ACCESS_CONTROL_KEY + \
                hours_ago.strftime('%Y%m%d%H')).hexdigest()
    assert not validate_key(key3)

    hour_forward = datetime.utcnow() + timedelta(hours=1)
    key4 = sha1(config.ACCESS_CONTROL_KEY + \
                hours_ago.strftime('%Y%m%d%H')).hexdigest()
    assert not validate_key(key4)

    key5 = sha1(config.ACCESS_CONTROL_KEY + 'something' + \
                datetime.utcnow().strftime('%Y%m%d%H')).hexdigest()
    assert not validate_key(key5)
Beispiel #2
0
 def dispatch_request(self, request):
     if not validate_key(request.args.get('key', '')):
         raise Forbidden
     endpoint, kw = self.url_map.bind_to_environ(request.environ).match()
     return getattr(self, endpoint)(request, **kw)