def test_validate_key():
from permissions import validate_key
import config
key1 = sha1(config.ACCESS_CONTROL_KEY + \
datetime.utcnow().strftime('%Y%m%d%H')).hexdigest()
assert validate_key(key1)
hour_ago = datetime.utcnow() - timedelta(hours=1)
key2 = sha1(config.ACCESS_CONTROL_KEY + \
hour_ago.strftime('%Y%m%d%H')).hexdigest()
assert validate_key(key2)
hours_ago = datetime.utcnow() - timedelta(hours=2)
key3 = sha1(config.ACCESS_CONTROL_KEY + \
hours_ago.strftime('%Y%m%d%H')).hexdigest()
assert not validate_key(key3)
hour_forward = datetime.utcnow() + timedelta(hours=1)
key4 = sha1(config.ACCESS_CONTROL_KEY + \
hours_ago.strftime('%Y%m%d%H')).hexdigest()
assert not validate_key(key4)
key5 = sha1(config.ACCESS_CONTROL_KEY + 'something' + \
datetime.utcnow().strftime('%Y%m%d%H')).hexdigest()
assert not validate_key(key5)
def dispatch_request(self, request):
if not validate_key(request.args.get('key', '')):
raise Forbidden
endpoint, kw = self.url_map.bind_to_environ(request.environ).match()
return getattr(self, endpoint)(request, **kw)
