def sign(self, content):
    """
    Sign the content and return it as a cookie value.

    The result is base64 text with ``/`` and ``=`` substituted and newlines
    stripped, so it does not need to be escaped or quoted. Expiration of
    the cookie is enforced server-side in the auth() function.

    Raises cookie_m.CookieTooLarge when the encoded value is longer than
    self.maxlen.
    """
    # NOTE(review): the HMAC is computed over ``content`` only. The expiry
    # timestamp is concatenated outside the signed data, so a changed
    # timestamp does not invalidate the signature. Covering it means
    # changing the cookie layout in sign() and auth() together.
    digest = hmac.new(self.secret, content, sha1).digest()
    expires = cookie_m.make_time(time.time() + 60 * self.timeout)
    encoded = base64.encodestring(digest + expires + content)[:-1]
    # Swap the base64 characters that are awkward in a cookie value.
    for raw, safe in (("/", "_"), ("=", "~"), ("\n", "")):
        encoded = encoded.replace(raw, safe)
    if len(encoded) > self.maxlen:
        raise cookie_m.CookieTooLarge(content, encoded)
    return encoded
def sign(self, content):
    """
    Return a signed, cookie-safe encoding of ``content``.

    Layout before encoding: HMAC-SHA1 digest of the content, then the
    expiry stamp from cookie_m.make_time(), then the content itself. The
    base64 output has ``/`` replaced by ``_``, ``=`` by ``~`` and newlines
    removed, so no escaping or quoting is needed. Expiry is checked
    server-side by auth().

    Raises cookie_m.CookieTooLarge if the result exceeds self.maxlen.
    """
    # NOTE(review): only ``content`` is fed to the HMAC; the expiry stamp
    # sits in the cookie unauthenticated.
    mac = hmac.new(self.secret, content, sha1).digest()
    payload = mac + cookie_m.make_time(time.time() + 60 * self.timeout) + content
    # encodestring() ends its output with a newline; drop it first.
    raw = base64.encodestring(payload)[:-1]
    signed = raw.replace("/", "_")
    signed = signed.replace("=", "~")
    signed = signed.replace("\n", "")
    if not len(signed) > self.maxlen:
        return signed
    raise cookie_m.CookieTooLarge(content, signed)
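def auth(self, cookie):
    """
    Authenticate the cookie using the signature, verify that it has
    not expired, and return the cookie's content.

    Returns None when the cookie cannot be decoded, the signature does
    not match, the expiry field is not a number, or the cookie has
    expired.
    """
    # Function-scope import: the module's import block is not visible from
    # this method, so nothing is added at file level.
    import binascii

    try:
        decode = base64.decodestring(
            cookie.replace("_", "/").replace("~", "="))
    except binascii.Error:
        # The cookie value is client-supplied; undecodable input is
        # treated as an unauthenticated request, not a server error.
        return None
    signature = decode[:cookie_m._signature_size]
    expires = decode[cookie_m._signature_size:cookie_m._header_size]
    content = decode[cookie_m._header_size:]
    expected = hmac.new(self.secret, content, sha1).digest()
    # Constant-time comparison: ``==`` stops at the first differing byte,
    # so response timing can reveal how much of a guessed signature is
    # correct. hmac.compare_digest needs Python 2.7.7+ / 3.3+.
    if not hmac.compare_digest(signature, expected):
        # This case can happen if the server is restarted with a
        # different secret; or if the user's IP address changed
        # due to a proxy. However, it could also be a break-in
        # attempt -- so should it be reported?
        return None
    # NOTE(review): ``expires`` is not covered by the HMAC above (only
    # ``content`` is), so its value is not authenticated here. Fixing that
    # means changing the cookie layout in sign() and auth() together.
    try:
        expiry = int(expires)
    except ValueError:
        # Truncated or altered expiry field.
        return None
    if expiry > int(cookie_m.make_time(time.time())):
        return content
    # This is the normal case of an expired cookie; just
    # don't bother doing anything here.
    return None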