def test_encrypt_then_decrypt_multi(mocked_os_urandom, key):
    """Round-trip a session-like dict after each of 200 insertions.

    Re-encrypting after every added key exercises many different payload
    lengths. Only the encrypt/decrypt round trip is asserted here; rejection
    of a modified or truncated cookie is not covered by this test.
    """
    session = dict(
        username='******',
        role=u'admin',
        expiration=1404737752.972032,
    )
    for n in xrange(200):
        session[str(n)] = n
        restored = decrypt_cookie(key, encrypt_cookie(key, session))
        assert session == restored
def test_encrypt_then_decrypt_multi(mocked_os_urandom, key):
    """Round-trip a session-like dict after each of 200 insertions.

    Re-encrypting after every added key exercises many different payload
    lengths. Only the encrypt/decrypt round trip is asserted here; rejection
    of a modified or truncated cookie is not covered by this test.
    """
    session = dict(
        username='******',
        role=u'admin',
        expiration=1404737752.972032,
    )
    for n in xrange(200):
        session[str(n)] = n
        restored = decrypt_cookie(key, encrypt_cookie(key, session))
        assert session == restored
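def _require(role='readonly'):
    """Ensure the user has the required role (or higher).

    Order is: admin > editor > readonly

    The session is taken from the encrypted 'fireletd' cookie. A session
    that cannot be decrypted, is empty, has a missing or non-numeric
    expiration, has expired, lacks a username or role, or carries a role
    absent from the rank table is rejected with AuthAlert, so a malformed
    session is denied instead of surfacing as an unhandled KeyError or
    TypeError.

    :param role: minimum role the caller must hold
    :returns: session
    :raises AuthAlert: when the session is missing, invalid, expired, or
        its role ranks below `role`
    """
    m = {'admin': 15, 'editor': 10, 'readonly': 5}

    # Any failure while reading or decrypting the cookie is reported as an
    # invalid cookie; the underlying error is deliberately not exposed.
    # NOTE(review): role and expiration are trusted as decrypted -- confirm
    # that decrypt_cookie authenticates the ciphertext, not just decrypts it.
    try:
        enc = bottle.request.get_cookie('fireletd')
        s = decrypt_cookie(session_random_key, enc)
    except Exception:
        raise AuthAlert("Expired or invalid cookie.")

    # Checked before any field access so an empty session is reported as
    # unauthenticated rather than failing on s['expiration'].
    if not s:
        log.warn("User needs to be authenticated.")
        # TODO: not really explanatory in a multiuser session.
        raise AuthAlert("User needs to be authenticated.")

    # A missing or non-numeric expiration is treated as an invalid cookie;
    # without this a non-numeric value could pass the comparison below.
    try:
        expiration = float(s['expiration'])
    except (KeyError, TypeError, ValueError):
        raise AuthAlert("Expired or invalid cookie.")

    now = time.time()
    # Written as "not >=" so that a NaN expiration also counts as expired.
    if not expiration >= now:
        bottle.response.delete_cookie('fireletd')
        raise AuthAlert("Expired cookie.")

    username = s.get('username', None)
    myrole = s.get('role', None)
    if not username or not myrole:
        raise AuthAlert("User needs to be authenticated.")

    # Fail closed on a role the rank table does not know about.
    rank = m.get(myrole)
    if rank is None:
        log.info("An account with %r level or higher is required.", role)
        raise AuthAlert("Insufficient access permissions.")

    if expiration < now + (SESSION_DURATION / 2):
        # Renew expiration by refreshing the cookie
        setup_session_cookie(username, myrole)

    if rank >= m[role]:
        return s

    log.info("An account with %r level or higher is required.", role)
    raise AuthAlert("Insufficient access permissions.")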
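def _require(role='readonly'):
    """Ensure the user has the required role (or higher).

    Order is: admin > editor > readonly

    The session is taken from the encrypted 'fireletd' cookie. A session
    that cannot be decrypted, is empty, has a missing or non-numeric
    expiration, has expired, lacks a username or role, or carries a role
    absent from the rank table is rejected with AuthAlert, so a malformed
    session is denied instead of surfacing as an unhandled KeyError or
    TypeError.

    :param role: minimum role the caller must hold
    :returns: session
    :raises AuthAlert: when the session is missing, invalid, expired, or
        its role ranks below `role`
    """
    m = {'admin': 15, 'editor': 10, 'readonly': 5}

    # Any failure while reading or decrypting the cookie is reported as an
    # invalid cookie; the underlying error is deliberately not exposed.
    # NOTE(review): role and expiration are trusted as decrypted -- confirm
    # that decrypt_cookie authenticates the ciphertext, not just decrypts it.
    try:
        enc = bottle.request.get_cookie('fireletd')
        s = decrypt_cookie(session_random_key, enc)
    except Exception:
        raise AuthAlert("Expired or invalid cookie.")

    # Checked before any field access so an empty session is reported as
    # unauthenticated rather than failing on s['expiration'].
    if not s:
        log.warn("User needs to be authenticated.")
        # TODO: not really explanatory in a multiuser session.
        raise AuthAlert("User needs to be authenticated.")

    # A missing or non-numeric expiration is treated as an invalid cookie;
    # without this a non-numeric value could pass the comparison below.
    try:
        expiration = float(s['expiration'])
    except (KeyError, TypeError, ValueError):
        raise AuthAlert("Expired or invalid cookie.")

    now = time.time()
    # Written as "not >=" so that a NaN expiration also counts as expired.
    if not expiration >= now:
        bottle.response.delete_cookie('fireletd')
        raise AuthAlert("Expired cookie.")

    username = s.get('username', None)
    myrole = s.get('role', None)
    if not username or not myrole:
        raise AuthAlert("User needs to be authenticated.")

    # Fail closed on a role the rank table does not know about.
    rank = m.get(myrole)
    if rank is None:
        log.info("An account with %r level or higher is required.", role)
        raise AuthAlert("Insufficient access permissions.")

    if expiration < now + (SESSION_DURATION / 2):
        # Renew expiration by refreshing the cookie
        setup_session_cookie(username, myrole)

    if rank >= m[role]:
        return s

    log.info("An account with %r level or higher is required.", role)
    raise AuthAlert("Insufficient access permissions.")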
def test_encrypt_then_decrypt(mocked_os_urandom, key):
    """Round-trip a dict holding one long string value and three small ints.

    Asserts only that decryption returns the original dict; it does not
    check how a tampered cookie is handled.
    """
    original = {
        'longvalue': "longstring" * 33,
        'a': 1,
        'b': 2,
        'c': 3,
    }
    token = encrypt_cookie(key, original)
    restored = decrypt_cookie(key, token)
    assert original == restored
def test_decrypt_cookie(mocked_os_urandom, key, encrypted_cookie):
    """Decrypt the fixture cookie and compare it with the known plaintext."""
    expected = dict(a=1, b='two', c='\0')
    decrypted = decrypt_cookie(key, encrypted_cookie)
    assert decrypted == expected
def test_encrypt_then_decrypt(mocked_os_urandom, key):
    """Round-trip a dict holding one long string value and three small ints.

    Asserts only that decryption returns the original dict; it does not
    check how a tampered cookie is handled.
    """
    original = {
        'longvalue': "longstring" * 33,
        'a': 1,
        'b': 2,
        'c': 3,
    }
    token = encrypt_cookie(key, original)
    restored = decrypt_cookie(key, token)
    assert original == restored
def test_decrypt_cookie(mocked_os_urandom, key, encrypted_cookie):
    """Decrypt the fixture cookie and compare it with the known plaintext."""
    expected = dict(a=1, b='two', c='\0')
    decrypted = decrypt_cookie(key, encrypted_cookie)
    assert decrypted == expected