def test_random_token():
random_data = (
b"\xc3_.S\x17u\xa0_b\xa8P\xd9\xe0|j\xe0#\xb9\x9f\xef\x11\xdb\xdf\xf6"
b"\xa1\xd9[R\xd6\xde'\xef")
urandom = pretend.call_recorder(lambda size: random_data)
assert (random_token(
_urandom=urandom) == "w18uUxd1oF9iqFDZ4Hxq4CO5n-8R29_2odlbUtbeJ-8")
assert urandom.calls == [pretend.call(32)]
def test_random_token():
random_data = (
b"\xc3_.S\x17u\xa0_b\xa8P\xd9\xe0|j\xe0#\xb9\x9f\xef\x11\xdb\xdf\xf6"
b"\xa1\xd9[R\xd6\xde'\xef"
)
urandom = pretend.call_recorder(lambda size: random_data)
assert (random_token(_urandom=urandom)
== "w18uUxd1oF9iqFDZ4Hxq4CO5n-8R29_2odlbUtbeJ-8")
assert urandom.calls == [pretend.call(32)]
def _ensure_csrf_token(request):
# Store a token in the session if one doesn't exist there already
# Note: We have to use the private request._session because
# request.session is not guaranteed to exist when this function is
# called.
if not request._session.get("user.csrf"):
request._session["user.csrf"] = random_token()
# Store the fact that CSRF is in use for this request on the request
request._csrf = True
def _ensure_csrf_token(request):
# Store a token in the session if one doesn't exist there already
# Note: We have to use the private request._session because
# request.session is not guaranteed to exist when this function is
# called.
if not request._session.get("user.csrf"):
request._session["user.csrf"] = random_token()
# Store the fact that CSRF is in use for this request on the request
request._csrf = True
def csrf_cycle(session):
# Store a token in the session if one doesn't exist there already
# Note: We have to use the session inside of the environ dictionary
# because request.session does not exist when this function runs
session["user.csrf"] = random_token()
def csrf_cycle(session):
# Store a token in the session if one doesn't exist there already
# Note: We have to use the session inside of the environ dictionary
# because request.session does not exist when this function runs
session["user.csrf"] = random_token()
