def test_manipulated_cookie(self):
        request = get_request()
        storage = self.get_storage()('wizard1', request, None)

        cookie_signer = signing.get_cookie_signer(storage.prefix)

        storage.request.COOKIES[storage.prefix] = cookie_signer.sign(
            storage.encoder.encode({'key1': 'value1'}))

        self.assertEqual(storage.load_data(), {'key1': 'value1'})

        storage.request.COOKIES[storage.prefix] = 'i_am_manipulated'
        self.assertRaises(SuspiciousOperation, storage.load_data)
    def test_reset_cookie(self):
        request = get_request()
        storage = self.get_storage()('wizard1', request, None)

        storage.data = {'key1': 'value1'}

        response = HttpResponse()
        storage.update_response(response)

        cookie_signer = signing.get_cookie_signer(storage.prefix)
        signed_cookie_data = cookie_signer.sign(storage.encoder.encode(storage.data))
        self.assertEqual(response.cookies[storage.prefix].value, signed_cookie_data)

        storage.init_data()
        storage.update_response(response)
        unsigned_cookie_data = cookie_signer.unsign(response.cookies[storage.prefix].value)
        self.assertEqual(unsigned_cookie_data, '{"step_files":{},"step":null,"extra_data":{},"step_data":{}}')
Exemple #3
0
 def get_signed_cookie(self, key, default=RAISE_ERROR, salt='', max_age=None):
     """
     Attempts to return a signed cookie. If the signature fails or the
     cookie has expired, raises an exception... unless you provide the
     default argument in which case that value will be returned instead.
     """
     try:
         cookie_value = self.COOKIES[key]
     except KeyError:
         if default is not RAISE_ERROR:
             return default
         else:
             raise
     try:
         value = signing.get_cookie_signer(salt=key + salt).unsign(
             cookie_value, max_age=max_age)
     except signing.BadSignature:
         if default is not RAISE_ERROR:
             return default
         else:
             raise
     return value
Exemple #4
0
 def set_signed_cookie(self, key, value, salt='', **kwargs):
     value = signing.get_cookie_signer(salt=key + salt).sign(value)
     return self.set_cookie(key, value, **kwargs)