def secure_url_for(**kw): kw[secure_form_tag.token_key] = secure_form_tag.authentication_token() return url_for(**kw)
def hidden_authenticator(): return '<input name="%s" value="%s" type="hidden"/>' % (secure_form_tag.token_key, secure_form_tag.authentication_token())
def setUp(self): super(self.__class__, self).setUp() self.authentication_token = authentication_token() assert self.authentication_token assert get_session()[token_key] == self.authentication_token
def form(self): request_config().environ = request.environ return secure_form_tag.authentication_token()
def authenticated_form(params): submitted_token = params.get(secure_form_tag.token_key) return submitted_token is not None and \ submitted_token == secure_form_tag.authentication_token()