def get_nonce(environ): """ Create a nonce that will last about an hour. """ user, host, secret = get_nonce_components(environ) time = datetime.utcnow().strftime('%Y%m%d%H') return gen_nonce(user, host, time, secret)
def _send_safe_mode(environ, start_response): """ Send a form that initiates safe_mode by asking the user to confirm that they want it and then POSTing back to the same URI. XXX: This should maybe be replaced with a tiddler. However, then that tiddler will be visible in spaces and we don't want that. """ environ['tiddlyweb.title'] = 'Confirm Safe Mode' now = datetime.utcnow().strftime('%Y%m%d%H') user, hostname, secret = get_nonce_components(environ) csrf_token = gen_nonce(user, hostname, now, secret) start_response('200 OK', [('Content-Type', 'text/html; charset=UTF-8')]) return [""" <div id='content'><div class='tiddler'> <form method='POST'> <p>Are you sure you wish to run safe mode?</p> <input type="hidden" name="csrf_token" value="%s" /> <input type='submit' value='Yes' /> </form> <p><a href='/'>Return to my Space.</a></p> </div></div> """ % csrf_token]
def _send_safe_mode(environ, start_response): """ Send a form that initiates safe_mode by asking the user to confirm that they want it and then POSTing back to the same URI. """ environ['tiddlyweb.title'] = 'Confirm Safe Mode' now = datetime.utcnow().strftime('%Y%m%d%H') user, hostname, secret = get_nonce_components(environ) csrf_token = gen_nonce(user, hostname, now, secret) start_response('200 OK', [('Content-Type', 'text/html; charset=UTF-8')]) return [""" <div id='content'><div class='tiddler'> <form method='POST'> <p>Are you sure you wish to run safe mode?</p> <input type="hidden" name="csrf_token" value="%s" /> <input type='submit' value='Yes' /> </form> <p><a href='/'>Return to my Space.</a></p> </div></div> """ % csrf_token]