Esempio n. 1
0
    def create_token(self, session_id, session_key, end_date=None, token_expire_seconds=None):
        session_key_256 = make_sha256(session_key)

        # Delete all active tokens
        self.delete_session_key_tokens(session_key_256)

        token = '%s-%s' % (session_id, make_unique_hash(length=70))
        token_256 = make_sha256(token)

        data = {
            'lock_key': make_token_lock(self.request, token, session_id),
            'session_id': session_id,
            'session_key': session_key_256}

        if end_date:
            data['end_date'] = date_to_timestamp(end_date)
        if token_expire_seconds:
            data['token_expire_seconds'] = int(token_expire_seconds)

        info = compact_dump(data)

        # Save token
        file_path = self.get_token_file_path(token_256)
        put_binary_on_file(file_path, info)

        # Save reference
        reference_path = self.get_reference_file_path(session_key_256)
        put_binary_on_file(reference_path, token_256 + NEW_LINE, mode='ab')

        return token
Esempio n. 2
0
def make_unique_hash():
    key = '.'.join((
        uuid4().hex,
        str(NOW_DATE()),
        str(PROCESS_ID),
        str(DOMAIN_NAME)))
    return make_sha256(key)
Esempio n. 3
0
def make_token_lock(request, token, session_id):
    return make_sha256(
        bytes_join(
            '-',
            [to_unicode(request.user_agent or ''),
             to_unicode(request.ip_address),
             to_unicode(token),
             to_unicode(session_id)]))
Esempio n. 4
0
    def get_token_authorization(self, token):
        if token and '-' in token:
            token_256 = make_sha256(token)
            file_path = self.get_token_file_path(token_256)
            last_read_time = last_read_file_time(file_path)
            if last_read_time:
                info = self.get_token_info(token_256)
                if info:
                    now = NOW_TIME()
                    token_expire_seconds = info.get('token_expire_seconds') or self.token_expire_seconds
                    expire = last_read_time + token_expire_seconds
                    end_date = info.get('end_date')
                    if expire > now and (not end_date or end_date > now):
                        token_lock = make_token_lock(self.request, token, info['session_id'])
                        valid_token = compare_digest(info['lock_key'], token_lock)
                        valid_session_id = compare_digest(info['session_id'], token.split('-', 1)[0])
                        if valid_token and valid_session_id:
                            return info['session_id']

                    # Compromised or ended! Force revalidation
                    self.delete_session_key_tokens(info['session_key'])
Esempio n. 5
0
    def unlock(self, name):
        name_256 = make_sha256(name)
        pattern_name = name_256 + '.'
        folder_path = join_paths(self.path, name_256[0])

        # Lookup for locked positions
        files = []
        for filename in get_dir_filenames(folder_path):
            if filename.startswith(pattern_name):
                position = int(filename.split('.', 1)[1])
                files.append((position, filename))
        if files:
            files.sort()

            for position, filename in files:
                file_path = join_paths(folder_path, filename)
                if remove_file(
                        file_path,
                        retries=self.retries,
                        retry_errno=self.retry_errno):
                    return True

        # If no position found, delete base lock
        return remove_file_quietly(self.get_file_path(name), retries=self.retries, retry_errno=self.retry_errno)
Esempio n. 6
0
 def format_name(self, name):
     return to_bytes(make_sha256(name))
Esempio n. 7
0
 def get_reference_path(self, name):
     first_name = name.split(' ', 1)[0]
     first_name_256 = make_sha256(first_name)
     return join_paths(self.reference_path, first_name_256[0], first_name_256)
Esempio n. 8
0
 def get_file_path(self, name):
     name_256 = make_sha256(name)
     return join_paths(self.path, name_256[0], name_256)
Esempio n. 9
0
 def format_position_name(self, name_256, position):
     name = '%s.%s' % (name_256, position)
     return to_bytes(make_sha256(name))
Esempio n. 10
0
 def format_name(self, name):
     return to_bytes(make_sha256('locks %s' % name))
Esempio n. 11
0
def make_token_lock(request, token, session_id):
    return make_sha256('-'.join((request.user_agent or '', request.ip_address, token, session_id)))
Esempio n. 12
0
 def expire_session_key_with_token(self, token):
     token_256 = make_sha256(token)
     token_info = self.get_token_info(token_256)
     if token_info:
         self.delete_session_key_tokens(token_info['session_key'])
         return token_info