Python is_csrf_secure Examples

Programming Language: Python

Namespace/Package Name: gaecookie.decorator

Method/Function: is_csrf_secure

Examples at hotexamples.com: 4

Python is_csrf_secure - 4 examples found. These are the top rated real world Python examples of gaecookie.decorator.is_csrf_secure extracted from open source projects. You can rate examples to help us improve the quality of examples.

Example #1

Show file

File: middleware.py Project: priscilamelosilva/Membros

 def set_up(self):
     CSRF_TOKEN_COOKIE = 'XSRF-RANDOM'
     CSRF_ANGULAR_COOKIE = 'XSRF-TOKEN'
     CSRF_ANGULAR_AJAX_HEADER = 'X-XSRF-TOKEN'
     csrf_code = facade.retrive_cookie_data(
         self.handler.request, CSRF_TOKEN_COOKIE).execute().result
     if csrf_code:
         if self.handler.request.method != 'GET':
             angular_cookie_value = self.handler.request.headers.get(
                 CSRF_ANGULAR_AJAX_HEADER)
             if csrf_code == angular_cookie_value:
                 return False
             form_input = self.dependencies.get(CSRF_CODE_KEY)
             if csrf_code == form_input:
                 return False
     else:
         csrf_code = urandom(16).encode('hex')
         facade.write_cookie(self.handler.response, CSRF_TOKEN_COOKIE,
                             csrf_code).execute()
         self.handler.response.set_cookie(CSRF_ANGULAR_COOKIE, csrf_code)
     fcn = self.dependencies['_fcn']
     self.dependencies[CSRF_CODE_KEY] = csrf_code
     is_secure = is_csrf_secure(fcn)
     if is_secure:
         self.handler.response.status = '403 forbiden access'
         self.handler.response.write('Forbiden access')
     return is_secure

Example #2

Show file

File: decorator_tests.py Project: renzon/gaecookie

    def test_unsecure_function(self):
        @no_csrf
        def unsecure():
            self.executed = True

        self.assertFalse(is_csrf_secure(unsecure))
        unsecure()
        self.assertTrue(self.executed)

Example #3

Show file

File: middleware.py Project: GuidoBR/learning-python

 def set_up(self):
     CSRF_TOKEN_COOKIE = 'XSRF-RANDOM'
     CSRF_ANGULAR_COOKIE = 'XSRF-TOKEN'
     CSRF_ANGULAR_AJAX_HEADER = 'X-XSRF-TOKEN'
     csrf_code = facade.retrive_cookie_data(self.handler.request, CSRF_TOKEN_COOKIE).execute().result
     if csrf_code:
         if self.handler.request.method != 'GET':
             angular_cookie_value = self.handler.request.headers.get(CSRF_ANGULAR_AJAX_HEADER)
             if csrf_code == angular_cookie_value:
                 return False
             form_input = self.dependencies.get(CSRF_CODE_KEY)
             if csrf_code == form_input:
                 return False
     else:
         csrf_code = urandom(16).encode('hex')
         facade.write_cookie(self.handler.response, CSRF_TOKEN_COOKIE, csrf_code).execute()
         self.handler.response.set_cookie(CSRF_ANGULAR_COOKIE, csrf_code)
     fcn = self.dependencies['_fcn']
     self.dependencies[CSRF_CODE_KEY] = csrf_code
     is_secure = is_csrf_secure(fcn)
     if is_secure:
         self.handler.response.status = '403 forbiden access'
         self.handler.response.write('Forbiden access')
     return is_secure

Example #4

Show file

File: decorator_tests.py Project: renzon/gaecookie

    def test_secure_function(self):
        def secure():
            pass

        self.assertTrue(is_csrf_secure(secure))