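def get_secure_cookie(self, name):
    """
    Return the verified value of the signed cookie ``name``, or None.

    None is returned when the cookie is absent, when it is not laid out as
    ``value|expires|ts|signature``, when the signature differs from the one
    recomputed with the server's ``cookie_secret``, or when ``ts`` lies
    outside the ``expires`` window around the current time.

    After verification the first character of the value selects the
    decoding: ``j`` is parsed as JSON, ``u`` is decoded as UTF-8, and any
    other prefix returns the rest of the string unchanged.

    NOTE(review): the signature input is ``expires``, ``ts`` and the
    base64 of the value; the cookie name is not part of it, so a value
    signed for one cookie also verifies under another name.
    """
    # Imported here because the module's import block is outside this block.
    import hmac

    if name not in self.cookies:
        return None

    try:
        # rsplit from the right so a '|' inside the value does not shift
        # the three trailing fields.
        value, expires, ts, signature = self.cookies[name].value.rsplit('|', 3)
        expires = int(expires)
        ts = int(ts)
    except (AttributeError, ValueError):
        return None

    v = base64.b64encode(str(value))
    sig = generate_signature(self.connection.server.cookie_secret,
                             expires, ts, v)

    # Compare in constant time: ``!=`` stops at the first differing
    # character, which leaks how much of a forged signature is correct.
    # NOTE(review): compare_digest (Python 2.7.7+/3.3+) needs both operands
    # to be the same string type; presumably generate_signature returns a
    # native str like the cookie field -- confirm.
    if not hmac.compare_digest(signature, sig):
        return None

    now = time()
    if ts < now - expires or ts > now + expires:
        return None

    # Decode only after the signature and the time window have been checked.
    vtype = value[:1]
    if vtype == "j":
        return json.loads(value[1:])
    if vtype == "u":
        return value[1:].decode("utf-8")
    return value[1:]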
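def get_secure_cookie(self, name):
    """
    Return the signed cookie with the key ``name`` if it exists and has a
    valid signature. Otherwise, return None.

    The cookie must have the form ``value|expires|ts|signature``. The
    signature is recomputed from the server's ``cookie_secret``,
    ``expires``, ``ts`` and the base64 of the value, and ``ts`` must fall
    within ``expires`` seconds of the current time. A verified value is
    decoded by its one-byte type prefix: ``j`` as JSON, ``u`` as UTF-8
    text, anything else as the remaining bytes.

    NOTE(review): the cookie name is not part of the signed data, so the
    signature does not tie a value to the cookie it was issued under.
    """
    # Function-scope import; the file-level imports are not visible here.
    import hmac

    if name not in self.cookies:
        return None

    try:
        # Split from the right: the value may itself contain '|'.
        value, expires, ts, signature = self.cookies[name].value.rsplit(
            '|', 3)
        expires = int(expires)
        ts = int(ts)
    except (AttributeError, ValueError):
        return None

    v = base64.b64encode(str(value))
    sig = generate_signature(self.connection.server.cookie_secret,
                             expires, ts, v)

    # A plain ``!=`` returns as soon as two characters differ, so its
    # timing depends on the client-supplied signature. compare_digest
    # (Python 2.7.7+/3.3+) takes the same time wherever the mismatch is.
    # NOTE(review): both operands must be the same string type; presumably
    # generate_signature returns a native str -- confirm.
    if not hmac.compare_digest(signature, sig):
        return None

    now = time()
    if ts < now - expires or ts > now + expires:
        return None

    # Process the value only once it is known to be authentic and current.
    vtype, payload = value[:1], value[1:]
    if vtype == b"j":
        return json.loads(payload)
    if vtype == b"u":
        return payload.decode("utf-8")
    return payload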
def set_secure_cookie(self, name, value, expires=30*86400, **kwargs):
    """
    Store ``value`` in cookie ``name`` together with a timestamp and a
    signature, so that a client-side change is detected on read.

    The :class:`~pants.http.HTTPServer` *must* have a ``cookie_secret``
    set. Read the cookie back with
    :func:`~pants.http.HTTPServer.get_secure_cookie`.

    :param name: The name of the cookie to set.
    :param value: The value of the cookie.
    :param expires: *Optional.* Lifetime of the cookie in seconds.
        Defaults to ``2592000`` (30 days).

    Any further keyword arguments, such as ``path`` and ``httponly``, are
    set as attributes of the cookie.

    The value is written to the cookie as-is next to its signature:
    signing protects it from modification, it does not hide it from the
    client. No ``HttpOnly`` or ``Secure`` attribute is added unless the
    caller passes one.
    """
    issued_at = str(int(time()))
    encoded = base64.b64encode(str(value))
    secret = self.connection.server.cookie_secret
    mac = generate_signature(secret, expires, issued_at, encoded)

    # Wire format: value|expires|ts|signature
    self.cookies_out[name] = "%s|%d|%s|%s" % (value, expires, issued_at, mac)

    morsel = self.cookies_out[name]
    for attribute, setting in kwargs.iteritems():
        morsel[attribute] = setting
    # Assigned last, so an ``expires`` keyword argument cannot replace it.
    morsel['expires'] = expires
def set_secure_cookie(self, name, value, expires=30 * 86400, **kwargs):
    """
    Store ``value`` in cookie ``name`` together with a timestamp and a
    signature, so that a client-side change is detected on read.

    The :class:`HTTPServer` *must* have a :attr:`~HTTPServer.cookie_secret`
    set. Read the cookie back with :meth:`get_secure_cookie`.

    Accepted value types:

    * ``dict``, ``list``, ``tuple`` -- serialized as JSON.
    * unicode strings -- encoded as UTF-8.
    * byte strings -- passed through unchanged.

    Any other type raises :class:`TypeError`.

    :param name: The name of the cookie to set.
    :param value: The value of the cookie.
    :param expires: *Optional.* Lifetime of the cookie in seconds.
        Defaults to ``2592000`` (30 days).

    Any further keyword arguments, such as ``path`` and ``secure``, are
    set as attributes of the cookie. ``HttpOnly`` is set by default; a
    false ``httponly`` keyword argument removes it.

    The value is written to the cookie in clear next to its signature:
    signing protects it from modification, it does not hide it from the
    client. ``Secure`` is not added unless the caller passes it.
    """
    # A one-byte prefix records how the value was encoded.
    if isinstance(value, (dict, list, tuple)):
        payload = b"j" + json.dumps(value)
    elif isinstance(value, unicode):
        payload = b"u" + value.encode("utf-8")
    elif isinstance(value, str):
        payload = b"s" + value
    else:
        raise TypeError("Invalid value for secure cookie: %r" % (value, ))

    issued_at = str(int(time()))
    encoded = base64.b64encode(payload)
    secret = self.connection.server.cookie_secret
    mac = generate_signature(secret, expires, issued_at, encoded)

    # Wire format: value|expires|ts|signature
    self.cookies_out[name] = "%s|%d|%s|%s" % (payload, expires, issued_at, mac)

    morsel = self.cookies_out[name]
    morsel['httponly'] = True
    for attribute, setting in kwargs.iteritems():
        if attribute.lower() != 'httponly' or setting:
            morsel[attribute] = setting
        else:
            # Explicit opt-out: a false ``httponly`` drops the default.
            del morsel['httponly']
    # Assigned last, so an ``expires`` keyword argument cannot replace it.
    morsel['expires'] = expires
def set_secure_cookie(self, name, value, expires=30*86400, **kwargs):
    """
    Sign and timestamp a cookie so the client cannot alter it unnoticed.

    Requires the :class:`HTTPServer` to have a
    :attr:`~HTTPServer.cookie_secret` set; the counterpart for reading is
    :meth:`get_secure_cookie`.

    ``value`` may be a dictionary, list or tuple (serialized into JSON),
    a unicode string (encoded as UTF-8) or a byte string (used as is).
    Every other type results in a :class:`TypeError`.

    ========= =========== ============
    Argument  Default     Description
    ========= =========== ============
    name                  The name of the cookie to set.
    value                 The value of the cookie.
    expires   ``2592000`` *Optional.* Cookie lifetime in seconds; the
                          default is 30 days.
    ========= =========== ============

    Extra keyword arguments (``path``, ``secure``, ...) become cookie
    attributes. ``HttpOnly`` is on by default and is removed only by a
    false ``httponly`` keyword argument.

    The cookie carries the value unencrypted; the signature gives
    integrity, not confidentiality. ``Secure`` is left to the caller.
    """
    if isinstance(value, unicode):
        tagged = b"u" + value.encode("utf-8")
    elif isinstance(value, (dict, list, tuple)):
        tagged = b"j" + json.dumps(value)
    elif isinstance(value, str):
        tagged = b"s" + value
    else:
        raise TypeError("Invalid value for secure cookie: %r" % (value,))

    stamp = str(int(time()))
    digest_input = base64.b64encode(tagged)
    signature = generate_signature(
        self.connection.server.cookie_secret, expires, stamp, digest_input)

    # Cookie layout: value|expires|ts|signature
    signed = "%s|%d|%s|%s" % (tagged, expires, stamp, signature)
    self.cookies_out[name] = signed
    cookie = self.cookies_out[name]

    cookie['httponly'] = True
    for key, val in kwargs.iteritems():
        drop_default = key.lower() == 'httponly' and not val
        if drop_default:
            del cookie['httponly']
        else:
            cookie[key] = val
    # Set after the keyword arguments so the signed lifetime always wins.
    cookie['expires'] = expires
def set_secure_cookie(self, name, value, expires=30*86400, **kwargs):
    """
    Store ``value`` in cookie ``name`` together with a timestamp and a
    signature, so that a client-side change is detected on read.

    The :class:`~pants.http.HTTPServer` *must* have a ``cookie_secret``
    set. Read the cookie back with
    :func:`~pants.http.HTTPServer.get_secure_cookie`.

    Value handling:

    * ``dict``, ``list``, ``tuple``, ``int``, ``long``, ``float`` and
      ``bool`` are converted to a string with JSON.
    * unicode strings are encoded as UTF-8.
    * everything else is converted with ``str(value)``.

    :param name: The name of the cookie to set.
    :param value: The value of the cookie.
    :param expires: *Optional.* Lifetime of the cookie in seconds.
        Defaults to ``2592000`` (30 days).

    Any further keyword arguments, such as ``path`` and ``secure``, are
    set as attributes of the cookie. ``HttpOnly`` is set by default; a
    false ``httponly`` keyword argument removes it.

    The value is written to the cookie in clear next to its signature:
    signing protects it from modification, it does not hide it from the
    client. ``Secure`` is not added unless the caller passes it.
    """
    json_types = (dict, list, tuple, int, long, float, bool)
    # A one-character prefix records how the value was encoded.
    if isinstance(value, json_types):
        payload = "j" + json.dumps(value)
    elif isinstance(value, unicode):
        payload = "u" + value.encode("utf-8")
    else:
        payload = "s" + str(value)

    issued_at = str(int(time()))
    encoded = base64.b64encode(payload)
    secret = self.connection.server.cookie_secret
    mac = generate_signature(secret, expires, issued_at, encoded)

    # Wire format: value|expires|ts|signature
    self.cookies_out[name] = "%s|%d|%s|%s" % (payload, expires, issued_at, mac)

    morsel = self.cookies_out[name]
    morsel['httponly'] = True
    for attribute, setting in kwargs.iteritems():
        if attribute.lower() != 'httponly' or setting:
            morsel[attribute] = setting
        else:
            # Explicit opt-out: a false ``httponly`` drops the default.
            del morsel['httponly']
    # Assigned last, so an ``expires`` keyword argument cannot replace it.
    morsel['expires'] = expires
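def get_secure_cookie(self, name):
    """
    Return the signed cookie with the key ``name``, if it exists and has a
    valid signature. Otherwise, return None.

    The cookie must have the form ``value|expires|ts|signature``. The
    signature is recomputed from the server's ``cookie_secret``,
    ``expires``, ``ts`` and the base64 of the value, and ``ts`` must fall
    within ``expires`` seconds of the current time. The value is returned
    exactly as stored.

    NOTE(review): the cookie name is not part of the signed data, so the
    signature does not tie a value to the cookie it was issued under.
    """
    # Function-scope import; the file-level imports are not visible here.
    import hmac

    try:
        # Split from the right so a value containing '|' still parses; a
        # plain split('|') rejected every such cookie.
        value, expires, ts, signature = self.cookies[name].value.rsplit('|', 3)
        expires = int(expires)
        ts = int(ts)
    except (AttributeError, KeyError, ValueError):
        # KeyError: a missing cookie yields None, as the contract states,
        # instead of propagating to the caller.
        return None

    v = base64.b64encode(str(value))
    sig = generate_signature(self.connection.server.cookie_secret,
                             expires, ts, v)

    # Constant-time comparison: ``!=`` returns at the first differing
    # character, so its timing depends on the client-supplied signature.
    # NOTE(review): compare_digest (Python 2.7.7+/3.3+) needs both operands
    # to be the same string type; presumably generate_signature returns a
    # native str -- confirm.
    if not hmac.compare_digest(signature, sig):
        return None

    now = time()
    if ts < now - expires or ts > now + expires:
        return None

    return value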