def verifyredditcodeposted(request): code = request.POST['code'] sig = request.POST['sig'] if code != tornado_cookies.validate_cookie('code', sig): log.error("verifyredditcodeposted signature failed with (code, sig)", code, sig) raise ValueError('Invalid signature') content = get_reddit_content() comments = content[1]['data']['children'] comments_with_code = [] for c in comments: try: if code in c['data']['body']: comments_with_code.append(c) except KeyError: log.debug("verifyredditcodeposted could not parse comment", c) continue if not comments_with_code: log.debug("verifyredditcodeposted found no comment with code", code) return dict(success=False) comments_with_code.sort(key=lambda x:x['data']['created_utc']) original_comment = comments_with_code[0] username = original_comment['data']['author'] return dict(success=True, username=username, usersig=tornado_cookies.generate_secure_cookie('username', username))
def process_response(self, request, response): if not hasattr(request, 'user'): # Can happen on redirects? return response if request.user.is_authenticated(): u = request.user value = ','.join(['auth', str(u.id), u.username]) value = tornado_cookies.generate_secure_cookie(USER_INFO_COOKIE, value) response.set_cookie(USER_INFO_COOKIE, value) else: response.delete_cookie(USER_INFO_COOKIE) return response
def getauth(request): from core.cookies import SECURE_SESSION_COOKIE # Get user info for response u = request.user if not u.is_authenticated(): response = None else: response = { 'remote_id': u.username } response = json_response(response) # Set session cookies request.session.set_test_cookie() # easy way to ensure session exists -- necessary? ss_val = tornado_cookies.generate_secure_cookie(SECURE_SESSION_COOKIE, request.session.session_key) response.set_cookie(SECURE_SESSION_COOKIE, ss_val) global_readable = get_permission(request, response, global_room, 'r') assert global_readable return response
def redditcode(request): code = ''.join([random.choice(CODE_CHARS) for x in xrange(16)]) return json_response({ 'code': code, 'sig': tornado_cookies.generate_secure_cookie('code', code) })
def _set_cached_perm_level(response, cookie_name, perm_level): assert perm_level in ('r', 'w') cookie_val = generate_secure_cookie(cookie_name, perm_level) response.set_cookie(cookie_name, cookie_val)