예제 #1
0
def is_valid_user(request):
    """
    Returns true if user is logged in, false if not.
    """
    sec = Security(EvilMommy.Config.encryption_key)
    token = request.cookies.get('auth_token');
    print token
    return sec.is_valid_user(token, 
                             EvilMommy.Config.valid_users, 
                             request.remote_addr)
예제 #2
0
def login():
    user = request.form['user']

    # Log to STDOUT during dev
    print ("\nLogin attempty from user  %s\n" % (user))

    if user in EvilMommy.Config.valid_users:
        sec = Security(EvilMommy.Config.encryption_key)
        resp = redirect(url_for('status') + '?msg=Welcome!')
        resp.set_cookie('auth_token', 
                        sec.create_auth_token(user, request.remote_addr))
        return resp
    else:
        return render_template("login.html", message = "Login Incorrect")
예제 #3
0
class TestSecurity(unittest.TestCase):

    def setUp(self):
        self.security = Security(Config.encryption_key)

    def sample_token(self):
        return self.security.create_auth_token('Homer', '127.0.0.1')

    def test_create_auth_token(self):
        token = self.sample_token()
        self.assertTrue(isinstance(token, basestring))
        token2 = self.security.create_auth_token('Homer', '127.0.0.1')
        self.assertFalse(token == token2)

    def test_unpack_auth_token(self):
        token = self.sample_token()
        data = self.security.unpack_auth_token(token)
        self.assertEqual('Homer', data['user_name']);
        self.assertEqual('127.0.0.1', data['remote_addr']);
        self.assertIsNone(self.security.unpack_auth_token('BadAuthToken'))

    def test_is_valid_user(self):
        token = self.sample_token()

        # Valid user and address
        self.assertTrue(self.security.is_valid_user(token, 
                                                    ['Homer', 'Moe'], 
                                                    '127.0.0.1'))
        # User not in user list
        self.assertFalse(self.security.is_valid_user(token, 
                                                     ['Marge', 'Lisa'], 
                                                     '127.0.0.1'))
        # Remote address does not match token
        self.assertFalse(self.security.is_valid_user(token, 
                                                    ['Homer', 'Moe'], 
                                                     '10.10.10.10'))
        # Bad token
        self.assertFalse(self.security.is_valid_user('Bad Token', 
                                                     ['Homer', 'Moe'], 
                                                     '127.0.0.1'))
예제 #4
0
 def setUp(self):
     self.security = Security(Config.encryption_key)