Exemple #1
0
def verifyredditcodeposted(request):
    code = request.POST['code']
    sig = request.POST['sig']
    if code != tornado_cookies.validate_cookie('code', sig):
        log.error("verifyredditcodeposted signature failed with (code, sig)", code, sig)
        raise ValueError('Invalid signature')
    content = get_reddit_content()
    comments = content[1]['data']['children']
    comments_with_code = []
    for c in comments:
        try:
            if code in c['data']['body']:
                comments_with_code.append(c)
        except KeyError:
            log.debug("verifyredditcodeposted could not parse comment", c)
            continue
    if not comments_with_code:
        log.debug("verifyredditcodeposted found no comment with code", code)
        return dict(success=False)
    comments_with_code.sort(key=lambda x:x['data']['created_utc'])
    original_comment = comments_with_code[0]
    username = original_comment['data']['author']
    return dict(success=True, 
                username=username,
                usersig=tornado_cookies.generate_secure_cookie('username', username))
Exemple #2
0
 def process_response(self, request, response):
     if not hasattr(request, 'user'):
         # Can happen on redirects?
         return response
     if request.user.is_authenticated():
         u = request.user
         value = ','.join(['auth', str(u.id), u.username])
         value = tornado_cookies.generate_secure_cookie(USER_INFO_COOKIE, value)
         response.set_cookie(USER_INFO_COOKIE, value)
     else:
         response.delete_cookie(USER_INFO_COOKIE)
     return response
Exemple #3
0
def getauth(request):
    from core.cookies import SECURE_SESSION_COOKIE
    # Get user info for response
    u = request.user
    if not u.is_authenticated():
        response = None
    else:
        response = {
            'remote_id': u.username
        }
    response = json_response(response)

    # Set session cookies
    request.session.set_test_cookie() # easy way to ensure session exists -- necessary?
    ss_val = tornado_cookies.generate_secure_cookie(SECURE_SESSION_COOKIE, request.session.session_key)
    response.set_cookie(SECURE_SESSION_COOKIE, ss_val)

    global_readable = get_permission(request, response, global_room, 'r')
    assert global_readable
    return response
Exemple #4
0
def redditcode(request):
    code = ''.join([random.choice(CODE_CHARS) for x in xrange(16)])
    return json_response({
        'code': code,
        'sig': tornado_cookies.generate_secure_cookie('code', code)
    })
Exemple #5
0
def _set_cached_perm_level(response, cookie_name, perm_level):
    assert perm_level in ('r', 'w')
    cookie_val = generate_secure_cookie(cookie_name, perm_level)
    response.set_cookie(cookie_name, cookie_val)