def set_secure_cookie(self, name, value, key=None, timestamp=True, **kwargs):
if key is None:
key = config.get('cookie_secret')
value = str(value)
if timestamp:
value += struct.pack('<I', int(time.time()))
return self.set_cookie(name, crypto.encrypt_string(value, key=key), **kwargs)
def initialize(self):
super(RequestHandler, self).initialize()
self._force_rollback = False
self._session = None
self._force_redirect = None
flash_cookie = self.get_cookie('flash')
if flash_cookie:
self.flash = Flash.load(url_unescape(flash_cookie))
else:
self.flash = Flash()
host = self.request.host.lower()
self.production = (host == 'graffspotting.com' or host.endswith('.graffspotting.com'))
mobile = None
mobile_cookie = self.get_cookie('m', None)
if mobile_cookie is None:
if detect_mobile(self.request.headers.get('User-Agent')):
self.set_cookie('m', '1')
mobile = True
if host == 'graffspotting.com':
self._force_redirect = 'm.graffspotting.com'
return
else:
mobile = False
self.set_cookie('m', '0')
elif host == 'm.graffspotting.com' and mobile_cookie == '0':
self._force_redirect = 'graffspotting.com'
return
elif host == 'graffspotting.com' and mobile_cookie == '1':
self._force_redirect = 'm.graffspotting.com'
return
if mobile is None:
mobile = mobile_cookie == '1'
user_id = self.get_secure_cookie('s')
if user_id:
user_id, = struct.unpack('<I', user_id)
self.user = db.User.by_id(self.session, user_id)
else:
self.user = None
# ensure the user has a unique visitor cookie
if self.get_secure_cookie('v', None) is None:
self.set_secure_cookie('v', os.urandom(10))
self.env = {
'config': config,
'debug': self.settings['debug'],
'esc': url_escape,
'flash': self.flash,
'gmaps_api_key': config.get('gmaps_api_key', 'AIzaSyCTd_7j6ZeXATLOfTvpAqaqCkxM0zFP5Oc'),
'is_error': False,
'mobile': mobile,
'today': datetime.date.today(),
'user': self.user
}
def get_secure_cookie(self, name, default=None, key=None, timestamp=True):
if key is None:
key = config.get('cookie_secret')
val = self.get_cookie(name, default)
if val == default:
return val
try:
val = crypto.decrypt_string(val, key=key)
if timestamp:
val = val[:-struct.calcsize('<I')] # chop off the timestamp
return val
except ValueError:
self.clear_cookie(name)
return default
import base64
import binascii
import hashlib
import os
import struct
from Crypto.Cipher import DES3
from graff import config
crypto_secret = config.get('crypto_secret', None)
if crypto_secret is not None:
crypto_secret = crypto_secret.decode('hex')
elif config.get('memory', False):
default_secret = os.urandom(16)
else:
crypto_secret = '?' * 16
##
# from "tempest"
##
PADDING_CHAR = '\0'
BLOCK_SIZE = DES3.block_size
HASH_SIZE = 8
HALF_HASH_SIZE = 4 # hash size to use for 'half-aligned' buffers
IV_SIZE = 8
BASE64_BLOCK_SIZE = 8
BASE64_PADDING_CHAR = '='
BLOB_LEN_SIZE = 4
import datetime
import hashlib
import os
from sqlalchemy import create_engine, func, Column, ForeignKey
from sqlalchemy.types import Integer, String, Float, DateTime, Boolean
from sqlalchemy.orm import sessionmaker, relationship, backref
from sqlalchemy.ext.declarative import declarative_base
import warnings
from graff import config
from graff import crypto
from graff import geo
if config.get('memory', True):
engine = create_engine('sqlite:///:memory:')
now = func.datetime()
else:
engine = create_engine('mysql+mysqldb://' +
config.get('db_user', 'graff') + ':' +
config.get('db_pass', 'gr4ff') + '@' +
config.get('db_host', '127.0.0.1') + '/' +
config.get('db_schema', 'graff'), pool_recycle=3600)
now = func.now()
Session = sessionmaker(bind=engine)
class _Base(object):
@property
def encid(self):
if hasattr(self, 'secret_key'):
settings = {}
if os.isatty(sys.stdin.fileno()):
import optparse
parser = optparse.OptionParser()
parser.add_option('-c', '--config', help='Path to the config file')
parser.add_option('-d', '--debug', action='store_true', default=False)
parser.add_option('-p', '--port', type='int', default=9000)
parser.add_option('-n', '--num-procs', type='int', default=0)
parser.add_option('--memory', default=False, action='store_true', help='use a sqlite:///:memory: table for the database')
opts, args = parser.parse_args()
config.load_config(opts.config, memory=opts.memory)
config.setdefault('cookie_secret', os.urandom(16) if opts.memory else '----------------')
settings['debug'] = opts.debug
else:
config.load_config(None, memory=False)
assert config.get('cookie_secret') is not None
settings['cookie_secret'] = config.get('cookie_secret')
import tornado.httpserver
import tornado.ioloop
import tornado.web
from graff.handlers import handlers
from graff.ui import modules
def p(name):
return os.path.realpath(os.path.join(os.path.dirname(__file__), '..', name))
settings['static_path'] = p('static')
settings['template_path'] = p('templates')
settings['ui_modules'] = modules
del p
