Example #1
def test_encrypt_then_decrypt_multi(mocked_os_urandom, key):
    """Round-trip a growing session-like dict through the cookie cipher.

    One integer entry is added per iteration (200 in total) and the whole
    payload is encrypted and decrypted again each time, so the round trip
    is exercised over a range of plaintext sizes.
    """
    # NOTE(review): a round trip only shows that decrypt_cookie inverts
    # encrypt_cookie; it says nothing about rejecting a modified cookie.
    payload = {
        'username': '******',
        'role': u'admin',
        'expiration': 1404737752.972032,
    }
    for idx in xrange(200):
        payload[str(idx)] = idx
        roundtrip = decrypt_cookie(key, encrypt_cookie(key, payload))
        assert payload == roundtrip
Example #2
def test_encrypt_then_decrypt_multi(mocked_os_urandom, key):
    """Check that encrypt_cookie/decrypt_cookie round-trip at many sizes.

    Starts from a dict shaped like a session (username, role, expiration)
    and adds one integer entry per pass, re-checking the round trip after
    every addition.
    """
    session = {'username': '******', 'role': u'admin',
               'expiration': 1404737752.972032}
    for n in xrange(200):
        session[str(n)] = n
        token = encrypt_cookie(key, session)
        recovered = decrypt_cookie(key, token)
        # The decrypted payload must equal what went in, key for key.
        assert session == recovered
Example #3
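def _require(role='readonly'):
    """Ensure the user has the required role (or higher).
    Order is: admin > editor > readonly

    The session is read from the encrypted 'fireletd' cookie. A cookie that
    is missing, cannot be decrypted, decrypts to an empty session, has no
    usable numeric expiration, or carries a role that is not in the role
    table is refused with AuthAlert rather than surfacing as an unhandled
    KeyError/TypeError.

    :param role: minimum role the caller must hold
    :returns: session
    :raises AuthAlert: if the session is missing, invalid, expired or does
        not carry a sufficient role
    """
    m = {'admin': 15, 'editor': 10, 'readonly': 5}

    try:
        enc = bottle.request.get_cookie('fireletd')
        s = decrypt_cookie(session_random_key, enc)
    except Exception:
        # Deliberately broad: any failure to read or decrypt the cookie is
        # treated as "not authenticated".
        raise AuthAlert("Expired or invalid cookie.")

    # An empty session has to be rejected before it is indexed.
    if not s:
        log.warn("User needs to be authenticated.")
        # TODO: not really explanatory in a multiuser session.
        raise AuthAlert("User needs to be authenticated.")

    try:
        expiration = float(s['expiration'])
    except (KeyError, TypeError, ValueError):
        raise AuthAlert("Expired or invalid cookie.")

    now = time.time()
    # Written as "not >=" so that a NaN expiration counts as expired
    # instead of comparing False against every deadline.
    if not expiration >= now:
        bottle.response.delete_cookie('fireletd')
        raise AuthAlert("Expired cookie.")

    myrole = s.get('role', None)
    if not myrole:
        raise AuthAlert("User needs to be authenticated.")

    # Fail closed on a role the table does not know about.
    try:
        mylevel = m[myrole]
    except (KeyError, TypeError):
        raise AuthAlert("Insufficient access permissions.")

    if expiration < now + (SESSION_DURATION / 2):
        # Renew expiration by refreshing the cookie
        setup_session_cookie(s['username'], s['role'])

    if mylevel >= m[role]:
        return s

    log.info("An account with %r level or higher is required.", role)
    raise AuthAlert("Insufficient access permissions.")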
Example #4
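def _require(role='readonly'):
    """Ensure the user has the required role (or higher).
    Order is: admin > editor > readonly

    The session comes from the encrypted 'fireletd' cookie. Every check on
    it fails closed: a missing or undecryptable cookie, an empty session, an
    absent or non-numeric expiration, and a role outside the role table all
    raise AuthAlert instead of an unhandled KeyError/TypeError.

    :param role: minimum role the caller must hold
    :returns: session
    :raises AuthAlert: if the session is missing, invalid, expired or does
        not carry a sufficient role
    """
    m = {'admin': 15, 'editor': 10, 'readonly': 5}

    try:
        enc = bottle.request.get_cookie('fireletd')
        s = decrypt_cookie(session_random_key, enc)
    except Exception:
        # Deliberately broad: any failure to read or decrypt the cookie is
        # treated as "not authenticated".
        raise AuthAlert("Expired or invalid cookie.")

    # Reject an empty session before reading any field from it.
    if not s:
        log.warn("User needs to be authenticated.")
        # TODO: not really explanatory in a multiuser session.
        raise AuthAlert("User needs to be authenticated.")

    try:
        expiration = float(s['expiration'])
    except (KeyError, TypeError, ValueError):
        raise AuthAlert("Expired or invalid cookie.")

    now = time.time()
    # "not >=" rather than "<": a NaN expiration must count as expired.
    if not expiration >= now:
        bottle.response.delete_cookie('fireletd')
        raise AuthAlert("Expired cookie.")

    myrole = s.get('role', None)
    if not myrole:
        raise AuthAlert("User needs to be authenticated.")

    # A role missing from the table grants nothing.
    try:
        mylevel = m[myrole]
    except (KeyError, TypeError):
        raise AuthAlert("Insufficient access permissions.")

    if expiration < now + (SESSION_DURATION / 2):
        # Renew expiration by refreshing the cookie
        setup_session_cookie(s['username'], s['role'])

    if mylevel >= m[role]:
        return s

    log.info("An account with %r level or higher is required.", role)
    raise AuthAlert("Insufficient access permissions.")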
Example #5
def test_encrypt_then_decrypt(mocked_os_urandom, key):
    """Encrypt a dict with one long value, decrypt it, expect it unchanged."""
    # "longstring" * 33 is a 330-character value next to three small ints.
    original = {'longvalue': "longstring" * 33, 'a': 1, 'b': 2, 'c': 3}

    token = encrypt_cookie(key, original)
    assert original == decrypt_cookie(key, token)
Example #6
def test_decrypt_cookie(mocked_os_urandom, key, encrypted_cookie):
    """Decrypt the fixture cookie and compare it with the known plaintext.

    The expected dict mixes an int, a short string and a NUL character.
    """
    expected = {'a': 1, 'b': 'two', 'c': '\0'}
    plain = decrypt_cookie(key, encrypted_cookie)
    assert plain == expected
Example #7
def test_encrypt_then_decrypt(mocked_os_urandom, key):
    """Round-trip a small dict that includes one 330-character string."""
    long_text = "longstring" * 33
    source = dict(a=1, b=2, c=3, longvalue=long_text)

    # NOTE(review): this covers the happy path only; a cookie altered after
    # encryption is not exercised here.
    sealed = encrypt_cookie(key, source)
    opened = decrypt_cookie(key, sealed)
    assert source == opened
Example #8
def test_decrypt_cookie(mocked_os_urandom, key, encrypted_cookie):
    """Check that the pre-built encrypted cookie decrypts to a fixed dict."""
    # Values cover an int, a plain string and a NUL character.
    wanted = dict(a=1, b='two', c='\0')
    got = decrypt_cookie(key, encrypted_cookie)
    assert got == wanted