def create_token(self, session_id, session_key, end_date=None, token_expire_seconds=None):
session_key_256 = make_sha256(session_key)
# Delete all active tokens
self.delete_session_key_tokens(session_key_256)
token = '%s-%s' % (session_id, make_unique_hash(length=70))
token_256 = make_sha256(token)
data = {
'lock_key': make_token_lock(self.request, token, session_id),
'session_id': session_id,
'session_key': session_key_256}
if end_date:
data['end_date'] = date_to_timestamp(end_date)
if token_expire_seconds:
data['token_expire_seconds'] = int(token_expire_seconds)
info = compact_dump(data)
# Save token
file_path = self.get_token_file_path(token_256)
put_binary_on_file(file_path, info)
# Save reference
reference_path = self.get_reference_file_path(session_key_256)
put_binary_on_file(reference_path, token_256 + NEW_LINE, mode='ab')
return token
def make_unique_hash():
key = '.'.join((
uuid4().hex,
str(NOW_DATE()),
str(PROCESS_ID),
str(DOMAIN_NAME)))
return make_sha256(key)
def make_token_lock(request, token, session_id):
return make_sha256(
bytes_join(
'-',
[to_unicode(request.user_agent or ''),
to_unicode(request.ip_address),
to_unicode(token),
to_unicode(session_id)]))
def get_token_authorization(self, token):
if token and '-' in token:
token_256 = make_sha256(token)
file_path = self.get_token_file_path(token_256)
last_read_time = last_read_file_time(file_path)
if last_read_time:
info = self.get_token_info(token_256)
if info:
now = NOW_TIME()
token_expire_seconds = info.get('token_expire_seconds') or self.token_expire_seconds
expire = last_read_time + token_expire_seconds
end_date = info.get('end_date')
if expire > now and (not end_date or end_date > now):
token_lock = make_token_lock(self.request, token, info['session_id'])
valid_token = compare_digest(info['lock_key'], token_lock)
valid_session_id = compare_digest(info['session_id'], token.split('-', 1)[0])
if valid_token and valid_session_id:
return info['session_id']
# Compromised or ended! Force revalidation
self.delete_session_key_tokens(info['session_key'])
def unlock(self, name):
name_256 = make_sha256(name)
pattern_name = name_256 + '.'
folder_path = join_paths(self.path, name_256[0])
# Lookup for locked positions
files = []
for filename in get_dir_filenames(folder_path):
if filename.startswith(pattern_name):
position = int(filename.split('.', 1)[1])
files.append((position, filename))
if files:
files.sort()
for position, filename in files:
file_path = join_paths(folder_path, filename)
if remove_file(
file_path,
retries=self.retries,
retry_errno=self.retry_errno):
return True
# If no position found, delete base lock
return remove_file_quietly(self.get_file_path(name), retries=self.retries, retry_errno=self.retry_errno)
def format_name(self, name):
return to_bytes(make_sha256(name))
def get_reference_path(self, name):
first_name = name.split(' ', 1)[0]
first_name_256 = make_sha256(first_name)
return join_paths(self.reference_path, first_name_256[0], first_name_256)
def get_file_path(self, name):
name_256 = make_sha256(name)
return join_paths(self.path, name_256[0], name_256)
def format_position_name(self, name_256, position):
name = '%s.%s' % (name_256, position)
return to_bytes(make_sha256(name))
def format_name(self, name):
return to_bytes(make_sha256('locks %s' % name))
def make_token_lock(request, token, session_id):
return make_sha256('-'.join((request.user_agent or '', request.ip_address, token, session_id)))
def expire_session_key_with_token(self, token):
token_256 = make_sha256(token)
token_info = self.get_token_info(token_256)
if token_info:
self.delete_session_key_tokens(token_info['session_key'])
return token_info
