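def decode(secret_key, urlsafe_string, timeout):
    """
    Decode the url safe string and validate with secret key and timeout
    Return tuple of email address and true if it is validate

    The email is read from the ticket payload before the ticket is
    validated, so it is only trustworthy when the second element of the
    returned tuple is True. Any decode or parse failure yields
    (None, False) instead of raising.

    :param secret_key: shared secret handed to tktauth.validateTicket
    :param urlsafe_string: the url-safe base64 ticket, either a string or
        a sequence whose first element is the string (see below)
    :param timeout: ticket lifetime passed through to validateTicket
    """
    now = time.time()
    if not hasattr(urlsafe_string, 'translate'):
        # IE8 passes the key twice in the request, so the value may arrive
        # as a list of strings; use the first one. An empty sequence or a
        # non-indexable value used to raise here, outside the try; it is
        # now left untouched and rejected by the decode below.
        try:
            first = urlsafe_string[0]
        except (IndexError, KeyError, TypeError):
            first = urlsafe_string
        if hasattr(first, 'translate'):
            urlsafe_string = first
    try:
        # binascii.Error (malformed base64) is a ValueError subclass, so the
        # except clause below covers it.
        ticket = base64.urlsafe_b64decode(urlsafe_string)
        (_digest, email, _tokens, _user_data, _timestamp) = tktauth.splitTicket(
            ticket)
        # NOTE(review): validateTicket is assumed to return None when the
        # ticket is not valid (hence the "is not None" test on return);
        # confirm against tktauth.
        is_validate = tktauth.validateTicket(secret_key, ticket,
                                             timeout=timeout, now=now)
    except (ValueError, TypeError) as e:
        # A bad ticket is a routine client-side problem, so record it at
        # debug level rather than letting it surface as an error.
        import logging
        logging.getLogger(__name__).debug("ticket decode failed: %s", e)
        email = None
        is_validate = None
    return email, is_validate is not None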
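 def check_allowed(self):
     """
     Return True if the current user may download ``self.context``.

     Access is granted by the first matching rule:
       1. the context's ``downloadable`` flag is set;
       2. the user holds the ``org.bccvl.DownloadDataset`` permission on
          the context (this overrides the flag);
       3. the ``__ac`` ticket cookie carries the
          ``org.bccvl.DownloadDataset`` token.
     Anything else, including a missing or malformed cookie, is denied.
     """
     # check if content is protected
     if getattr(self.context, 'downloadable', False):
         # open for download
         return True
     # check if current user has general download permission
     #    this permission overrides the downloadable flag on the context
     if checkPermission('org.bccvl.DownloadDataset', self.context):
         return True
     # check if current user ticket has required token
     # TODO: maybe use local roles? http://docs.plone.org/develop/plone/security/dynamic_roles.html
     # Assumes the cookie name is __ac and that PAS has already verified it:
     # splitTicket only parses the ticket and does not check its digest, so
     # the tokens read below are only as trustworthy as that prior check.
     try:
         # a2b_base64 raises binascii.Error (a ValueError subclass) on
         # malformed input and TypeError on a non-string value; both must
         # end in a denial rather than an unhandled exception, so the decode
         # sits inside the try.
         ticket = binascii.a2b_base64(self.request.get('__ac', '')).strip()
         (_digest, _userid, tokens, _user_data, _timestamp) = splitTicket(ticket)
         if 'org.bccvl.DownloadDataset' in tokens:
             return True
     except (ValueError, TypeError):
         # ignore token parse errors
         pass
     # nothing allows access, so we deny it
     return False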
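 def check_allowed(self):
     """
     Return True if the current user may download ``self.context``.

     Access is granted by the first matching rule:
       1. the context's ``downloadable`` flag is set;
       2. the user holds the ``org.bccvl.DownloadDataset`` permission on
          the context (this overrides the flag);
       3. the ``__ac`` ticket cookie carries the
          ``org.bccvl.DownloadDataset`` token.
     Anything else, including a missing or malformed cookie, is denied.
     """
     # check if content is protected
     if getattr(self.context, 'downloadable', False):
         # open for download
         return True
     # check if current user has general download permission
     #    this permission overrides the downloadable flag on the context
     if checkPermission('org.bccvl.DownloadDataset', self.context):
         return True
     # check if current user ticket has required token
     # TODO: maybe use local roles? http://docs.plone.org/develop/plone/security/dynamic_roles.html
     # Assumes the cookie name is __ac and that PAS has already verified it:
     # splitTicket only parses the ticket and does not check its digest, so
     # the tokens read below are only as trustworthy as that prior check.
     try:
         # a2b_base64 raises binascii.Error (a ValueError subclass) on
         # malformed input and TypeError on a non-string value; both must
         # end in a denial rather than an unhandled exception, so the decode
         # sits inside the try.
         ticket = binascii.a2b_base64(self.request.get('__ac', '')).strip()
         (_digest, _userid, tokens, _user_data, _timestamp) = splitTicket(ticket)
         if 'org.bccvl.DownloadDataset' in tokens:
             return True
     except (ValueError, TypeError):
         # ignore token parse errors
         pass
     # nothing allows access, so we deny it
     return False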