def test_validate_key(): from permissions import validate_key import config key1 = sha1(config.ACCESS_CONTROL_KEY + \ datetime.utcnow().strftime('%Y%m%d%H')).hexdigest() assert validate_key(key1) hour_ago = datetime.utcnow() - timedelta(hours=1) key2 = sha1(config.ACCESS_CONTROL_KEY + \ hour_ago.strftime('%Y%m%d%H')).hexdigest() assert validate_key(key2) hours_ago = datetime.utcnow() - timedelta(hours=2) key3 = sha1(config.ACCESS_CONTROL_KEY + \ hours_ago.strftime('%Y%m%d%H')).hexdigest() assert not validate_key(key3) hour_forward = datetime.utcnow() + timedelta(hours=1) key4 = sha1(config.ACCESS_CONTROL_KEY + \ hours_ago.strftime('%Y%m%d%H')).hexdigest() assert not validate_key(key4) key5 = sha1(config.ACCESS_CONTROL_KEY + 'something' + \ datetime.utcnow().strftime('%Y%m%d%H')).hexdigest() assert not validate_key(key5)
def dispatch_request(self, request): if not validate_key(request.args.get('key', '')): raise Forbidden endpoint, kw = self.url_map.bind_to_environ(request.environ).match() return getattr(self, endpoint)(request, **kw)