Exemple #1
0
    def test_cookie_encoding(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'deterministic'

        # COOKIE = u'1|7d276051c1eec578ed86f6b8478f7f7d803a7970'

        # Due to the restriction of 80 chars I have to break up the hash in two
        h1 = u'0e9e6e9855fbe6df7906ec4737578a1d491b38d3fd5246c1561016e189d6516'
        h2 = u'043286501ca43257c938e60aad77acec5ce916b94ca9d00c0bb6f9883ae4b82'
        h3 = u'ae'
        COOKIE = u'1|' + h1 + h2 + h3

        with app.test_request_context():
            self.assertEqual(COOKIE, encode_cookie(u'1'))
            self.assertEqual(u'1', decode_cookie(COOKIE))
            self.assertIsNone(decode_cookie(u'Foo|BAD_BASH'))
            self.assertIsNone(decode_cookie(u'no bar'))
Exemple #2
0
    def test_cookie_encoding(self):
        app = Flask(__name__)
        app.config['SECRET_KEY'] = 'deterministic'

        # COOKIE = u'1|7d276051c1eec578ed86f6b8478f7f7d803a7970'

        # Due to the restriction of 80 chars I have to break up the hash in two
        h1 = u'0e9e6e9855fbe6df7906ec4737578a1d491b38d3fd5246c1561016e189d6516'
        h2 = u'043286501ca43257c938e60aad77acec5ce916b94ca9d00c0bb6f9883ae4b82'
        h3 = u'ae'
        COOKIE = u'1|' + h1 + h2 + h3

        with app.test_request_context():
            self.assertEqual(COOKIE, encode_cookie(u'1'))
            self.assertEqual(u'1', decode_cookie(COOKIE))
            self.assertIsNone(decode_cookie(u'Foo|BAD_BASH'))
            self.assertIsNone(decode_cookie(u'no bar'))
Exemple #3
0
 def _check_session(user, request, api=False):
     """Check if the session is in the db"""
     if user and not session_manager.session_in_db():  # pragma: no cover
         login = getattr(user, 'name', None)
         if login and not is_uuid(login):
             remember = session.get('persistent', False)
             if not remember:
                 from flask_login import decode_cookie
                 remember_cookie = request.cookies.get(
                     app.config.get('REMEMBER_COOKIE_NAME'), False)
                 # check if the remember_cookie is legit
                 if remember_cookie and decode_cookie(remember_cookie):
                     remember = True
             session_manager.store_session(
                 login, request.remote_addr,
                 request.headers.get('User-Agent'), remember, api)
         elif login:
             app.uhandler.remove(login)
Exemple #4
0
 def _check_session(user, request, api=False):
     """Check if the session is in the db"""
     if user and not session_manager.session_in_db():  # pragma: no cover
         login = getattr(user, 'name', None)
         if login and not is_uuid(login):
             remember = session.get('persistent', False)
             if not remember:
                 from flask_login import decode_cookie
                 remember_cookie = request.cookies.get(
                     app.config.get('REMEMBER_COOKIE_NAME'),
                     False
                 )
                 # check if the remember_cookie is legit
                 if remember_cookie and decode_cookie(remember_cookie):
                     remember = True
             session_manager.store_session(
                 login,
                 request.remote_addr,
                 request.headers.get('User-Agent'),
                 remember,
                 api
             )
         elif login:
             app.uhandler.remove(login)