예제 #1
0
 def set_up(self):
     CSRF_TOKEN_COOKIE = 'XSRF-RANDOM'
     CSRF_ANGULAR_COOKIE = 'XSRF-TOKEN'
     CSRF_ANGULAR_AJAX_HEADER = 'X-XSRF-TOKEN'
     csrf_code = facade.retrive_cookie_data(
         self.handler.request, CSRF_TOKEN_COOKIE).execute().result
     if csrf_code:
         if self.handler.request.method != 'GET':
             angular_cookie_value = self.handler.request.headers.get(
                 CSRF_ANGULAR_AJAX_HEADER)
             if csrf_code == angular_cookie_value:
                 return False
             form_input = self.dependencies.get(CSRF_CODE_KEY)
             if csrf_code == form_input:
                 return False
     else:
         csrf_code = urandom(16).encode('hex')
         facade.write_cookie(self.handler.response, CSRF_TOKEN_COOKIE,
                             csrf_code).execute()
         self.handler.response.set_cookie(CSRF_ANGULAR_COOKIE, csrf_code)
     fcn = self.dependencies['_fcn']
     self.dependencies[CSRF_CODE_KEY] = csrf_code
     is_secure = is_csrf_secure(fcn)
     if is_secure:
         self.handler.response.status = '403 forbiden access'
         self.handler.response.write('Forbiden access')
     return is_secure
예제 #2
0
 def commit(self):
     if self._save_google_user_future:
         google_user_key = self._save_google_user_future.get_result()
         main_user_key = self._save_main_user.get_result()
         facade.write_cookie(self.response, self.user_cookie, {'id': self.result.key.id()}).execute()
         return ExternalToMainUser(origin=google_user_key, destination=main_user_key)
     if self.result:
         facade.write_cookie(self.response, self.user_cookie, {'id': self.result.key.id()}).execute()
예제 #3
0
 def test_success(self):
     resp = Mock()
     cmd = facade.write_cookie(resp, 'user', 'foo')
     cmd.execute()
     self.assertTrue(resp.set_cookie.called)
     self.assertEqual('user', resp.set_cookie.call_args[0][0])
     self.assertTrue(resp.set_cookie.call_args[1]['httponly'])
예제 #4
0
 def set_up(self):
     CSRF_TOKEN_COOKIE = 'XSRF-RANDOM'
     CSRF_ANGULAR_COOKIE = 'XSRF-TOKEN'
     CSRF_ANGULAR_AJAX_HEADER = 'X-XSRF-TOKEN'
     csrf_code = facade.retrive_cookie_data(self.handler.request, CSRF_TOKEN_COOKIE).execute().result
     if csrf_code:
         if self.handler.request.method != 'GET':
             angular_cookie_value = self.handler.request.headers.get(CSRF_ANGULAR_AJAX_HEADER)
             if csrf_code == angular_cookie_value:
                 return False
             form_input = self.dependencies.get(CSRF_CODE_KEY)
             if csrf_code == form_input:
                 return False
     else:
         csrf_code = urandom(16).encode('hex')
         facade.write_cookie(self.handler.response, CSRF_TOKEN_COOKIE, csrf_code).execute()
         self.handler.response.set_cookie(CSRF_ANGULAR_COOKIE, csrf_code)
     fcn = self.dependencies['_fcn']
     self.dependencies[CSRF_CODE_KEY] = csrf_code
     is_secure = is_csrf_secure(fcn)
     if is_secure:
         self.handler.response.status = '403 forbiden access'
         self.handler.response.write('Forbiden access')
     return is_secure
예제 #5
0
def log_main_user_in(main_user, response, user_cookie):
    facade.write_cookie(response, user_cookie, {'id': main_user.key.id()}).execute()
예제 #6
0
 def do_business(self):
     super(Login, self).do_business()
     facade.write_cookie(self.response, self.user_cookie_name, {'id': self.result.key.id()}).execute()
예제 #7
0
 def do_business(self):
     super(Login, self).do_business()
     facade.write_cookie(self.response, self.user_cookie_name, {'id': self.result.key.id()}).execute()
예제 #8
0
def log_main_user_in(main_user, response, user_cookie):
    facade.write_cookie(response, user_cookie, {
        'id': main_user.key.id()
    }).execute()