def __init__(self, secret, max_age, reissue_time=None, include_ip=False, cookie_name='AUTH_TKT'): """Initializes the ticket authentication mechanism. Args: secret: Byte sequence used to initialize the ticket factory. max_age: Integer representing the number of seconds to allow the ticket to remain valid for after being issued. reissue_time: Integer representing the number of seconds before a valid login will cause a ticket to be reissued. If this value is 0, a new ticket will be reissued on every request which requires authentication. If this value is None, no tickets will be reissued, and the max_age will always expire the ticket. include_ip: If true, requires the clients ip details when calculating the ticket hash cookie_name: Name to use to reference the ticket details. """ self._ticket = TicketFactory(secret) self._max_age = max_age if (self._max_age is not None and reissue_time is not None and reissue_time < self._max_age): self._reissue_time = max_age - reissue_time else: self._reissue_time = None self._include_ip = include_ip self._cookie_name = cookie_name
async def test_middleware_gets_auth_from_cookie(self): secret = b'01234567890abcdef' auth_ = auth.CookieTktAuthentication(secret, 15, 2, cookie_name='auth') middlewares = [auth_middleware(auth_)] session_data = TicketFactory(secret).new('some_user') request = await make_request('GET', '/', middlewares, \ [(auth_.cookie_name, session_data)]) user_id = await auth.get_auth(request) self.assertEqual(user_id, 'some_user') response = await make_response(request, middlewares) self.assertFalse(auth_.cookie_name in response.cookies)
async def test_middleware_reissues_ticket_auth(self): secret = b'01234567890abcdef' auth_ = auth.CookieTktAuthentication(secret, 15, 0, cookie_name='auth') middlewares = [auth_middleware(auth_)] valid_until = time.time() + 15 session_data = TicketFactory(secret).new('some_user', valid_until=valid_until) request = await make_request('GET', '/', middlewares, \ [(auth_.cookie_name, session_data)]) user_id = await auth.get_auth(request) self.assertEqual(user_id, 'some_user') response = await make_response(request, middlewares) self.assertTrue(auth_.cookie_name in response.cookies) self.assertNotEqual(response.cookies[auth_.cookie_name], session_data)