def test_token(self): self.grant_permission(self.user, 'Apps:Review') res = self.client.post(self.url) eq_(res.status_code, 200, res.content) data = json.loads(res.content) assert 'token' in data # Check data in token. assert Token.valid(data['token'], data={'app_id': self.app.id})
def test_token(self): self.grant_permission(self.user, "Apps:Review") res = self.client.post(self.url) eq_(res.status_code, 200, res.content) data = json.loads(res.content) assert "token" in data # Check data in token. assert Token.valid(data["token"], data={"app_id": self.app.id})
def wrapper(request, file_id, key, *args, **kw): viewer = FileViewer(get_object_or_404(File, pk=file_id)) token = request.GET.get('token') if not token: log.error('Denying access to %s, no token.' % viewer.file.id) raise PermissionDenied if not Token.valid(token, [viewer.file.id, key]): log.error('Denying access to %s, token invalid.' % viewer.file.id) raise PermissionDenied return func(request, viewer, key, *args, **kw)