def set_user_token(session: Session, username: str) -> str: token = make_token() expires_at = datetime.now() + timedelta(days=1) session.query(User).filter(User.name == username)\ .update({ User.token: token, User.token_expires_at: expires_at }) session.commit() return token
def print_token(username, secret_key, lifetime, permission, aggregation): claims = {} for query_kind, permission_type in permission: if query_kind in claims.keys(): claims[query_kind]["permissions"].append(permission_type) else: claims[query_kind] = { "permissions": [permission_type], "spatial_aggregation": [], } for query_kind, aggregation_type in aggregation: if query_kind in claims.keys(): claims[query_kind]["spatial_aggregation"].append(aggregation_type) else: claims[query_kind] = { "permissions": [], "spatial_aggregation": [aggregation_type], } print(make_token(username, secret_key, timedelta(days=lifetime), claims))
}, "meaningful_locations_aggregate": { "permissions": {"run": True, "poll": True, "get_result": True}, "spatial_aggregation": ["admin3", "admin2", "admin1"], }, "meaningful_locations_between_label_od_matrix": { "permissions": {"run": True, "poll": True, "get_result": True}, "spatial_aggregation": ["admin3", "admin2", "admin1"], }, "geography": { "permissions": {"run": True, "poll": True, "get_result": True}, "spatial_aggregation": ["admin3", "admin2", "admin1"], }, "unique_subscriber_counts": { "permissions": {"run": True, "poll": True, "get_result": True}, "spatial_aggregation": ["admin3", "admin2", "admin1"], }, "location_introversion": { "permissions": {"run": True, "poll": True, "get_result": True}, "spatial_aggregation": ["admin3", "admin2", "admin1"], }, "total_network_objects": { "permissions": {"run": True, "poll": True, "get_result": True}, "spatial_aggregation": ["admin3", "admin2", "admin1"], }, } TOKEN = make_token( username="******", secret_key="secret", lifetime=timedelta(days=1), claims=claims )
def send_form(self, template, **kw): """protection against CSFR attack""" kw['token'] = utils.make_token() self.response.headers.add_header('Set-Cookie', 'token=%s; Path=/' % kw['token']) self.render(template, **kw)