def test_cookie(self): c = cookie() self.assertEqual(c, 'session_id=; Path=/; Expires=Tue, 31-Dec-2019 23:59:59 GMT') key = generate_key() c = cookie(key) self.assertEqual(c, 'session_id=%s; Path=/; Expires=Tue, 31-Dec-2019 23:59:59 GMT' % key)
def test_cookie(self): c = cookie() self.assertEqual( c, 'session_id=; Path=/; Expires=Tue, 31-Dec-2019 23:59:59 GMT') key = generate_key() c = cookie(key) self.assertEqual( c, 'session_id=%s; Path=/; Expires=Tue, 31-Dec-2019 23:59:59 GMT' % key)
def do_delete(self): if not self.session: self.response = Response(status=400) return self.session.delete() # return empty session cookie self.response = Response(status=204, headers={'Set-Cookie': cookie()})
def do_delete(self): if not self.session: self.response = Response(status=400) return self.session.delete() # return empty session cookie self.response = Response(status=204, headers={'Set-Cookie': cookie() })
def do_post(self): # log in user if self.session: # user already logged in self.response = Response(status=400) return try: credentials = self.request.body if not credentials['login'] or not credentials[ 'password']: # malformed credential payload self.response = Response(status=400) return except: # malformed credential payload self.response = Response(status=400) return if '@' in credentials['login']: # log in with email address lookup = self.tables['email'].get_item( hash_key=credentials['login']) else: # log in with username lookup = self.tables['username'].get_item( hash_key=credentials['login']) user = self.tables['user'].get_item(hash_key=lookup['user']) if not user: # no such user self.response = Response(status=400) return if not check_password(credentials['password'], user['password']): # incorrect password self.response = Response(status=401) return # create session session_id = generate_key() attrs = { 'timestamp': timestamp(), 'user': user['id'], 'email': user['email'], 'username': user['username'] } session = self.tables['session'].new_item(hash_key=session_id, attrs=attrs) session.put() # return session id self.response = Response(status=200, headers={'Set-Cookie': cookie(session_id)})
def do_post(self): # log in user if self.session: # user already logged in self.response = Response(status=400) return try: credentials = self.request.body if not credentials['login'] or not credentials['password']: # malformed credential payload self.response = Response(status=400) return except: # malformed credential payload self.response = Response(status=400) return if '@' in credentials['login']: # log in with email address lookup = self.tables['email'].get_item(hash_key=credentials['login']) else: # log in with username lookup = self.tables['username'].get_item(hash_key=credentials['login']) user = self.tables['user'].get_item(hash_key=lookup['user']) if not user: # no such user self.response = Response(status=400) return if not check_password(credentials['password'], user['password']): # incorrect password self.response = Response(status=401) return # create session session_id = generate_key() attrs = { 'timestamp': timestamp(), 'user': user['id'], 'email': user['email'], 'username': user['username'] } session = self.tables['session'].new_item(hash_key=session_id, attrs=attrs) session.put() # return session id self.response = Response(status=200, headers={'Set-Cookie': cookie(session_id) })