def decorated_function(*args, **kwargs): s = URLSafeSerializer(APP.config['SECRET_KEY'], salt=APP.config['FEED_SALT']) try: s.loads(request.args.get('token')) except: abort(401) return func(*args, **kwargs)
def unencryptme(key, filename='oids'): s = URLSafeSerializer(key) csv = pd.read_csv(filename + "_encrypted.csv") market = s.loads(csv['strings'][0]) pcc = s.loads(csv['strings'][1]) epr = s.loads(csv['strings'][2]) pwd = s.loads(csv['strings'][3]) df = pd.DataFrame(list(zip(market, pcc, epr, pwd)), columns=['market', 'pcc', 'epr', 'pwd']) return df
def activate_user(activation_code): """ Function that activate an user given an activation code It takes care of the actual creation on ADS Classic """ # create an itsdangerous object to un sign the verification code and decrypt the password itsd = URLSafeSerializer(config.ACCOUNT_VERIFICATION_SECRET) # decrypt the activation code try: login = itsd.loads(activation_code) except BadSignature: app.logger.error("Activation code not valid. Code used: %s" % activation_code) return False, "Activation Code not valid.", "error" # check local database loc_db_user = AdsUserRecord.query.filter(AdsUserRecord.username == login) # @UndefinedVariable # get the user object user_rec = loc_db_user.first() if not user_rec: app.logger.error("User activation error: user not in db. Email used: %s" % login) return False, "Account not found", "error" if user_rec.active: app.logger.warn("User account already active. Email from activation code used: %s" % login) return False, "Account already active", "warn" # if everything is of it's time to proceed try: classic_user = create_classic_user( user_rec.username, itsd.loads(user_rec.password), user_rec.firstname, user_rec.lastname ) except TypeError: app.logger.error("ADS Classic account creation error. Email from activation code used: %s" % login) return False, "Problems in the account creation. Please try later.", "error" if classic_user: update_params = {} if classic_user.get("cookie"): update_params.update( { "cookie_id": classic_user["cookie"], "active": True, "password": "", "remote_login_system": classic_user["request"]["man_url"], } ) # actual update in the DB loc_db_user.set(**update_params).execute() return True, "Account activated", "success" else: app.logger.error( "User account activation failed on the classic user creation: user created but no cookie id in the response from classic. Email from activation code used: %s" % login ) return False, "Problems in the creation of the classic user", "error" app.logger.error("User activation error. Classic user not created. Email from activation code used: %s" % login) return False, "Problems in the account creation. Please try later.", "error"
def main(): abspath = os.path.abspath(__file__) dname = os.path.dirname(abspath) os.chdir(dname) action = sys.argv[1] secret_key = sys.argv[2] if action == "generate": filename = sys.argv[3] basename = filename.split(".")[-2] extension = filename.split(".")[-1] digest = hashlib.sha512(secret_key + basename).hexdigest() des = URLSafeSerializer(digest) credentials = { 'filename': filename.encode("base64"), 'ext': extension, 'length': len(filename), 'signature': digest } print des.dumps(credentials, salt="donttread") return signed_serial = sys.argv[3] result = URLSafeSerializer("").loads_unsafe(signed_serial) img = "snek.jpg" try: if result[1]: signature = result[1]['signature'] extension = result[1]['ext'] filename = result[1]['filename'].decode("base64") length = result[1]['length'] if len(filename) == length and len(extension) == 3: basename = filename.split(".")[-2] digest = hashlib.sha512(secret_key + splitext(filename)[0]).hexdigest() if digest == signature: des = URLSafeSerializer(digest) des.loads(signed_serial, salt="donttread") img = "%s.%s" % (basename, extension) except: pass proc = subprocess.Popen(["./read_file", img], stdout=subprocess.PIPE) imgo = proc.stdout.read().encode("base64").replace("\n", "") output = '<img src="data:image/png;base64,%s" alt="i am %s" />' % (imgo, img) print output
def decorated_function(*args, **kwargs): s = URLSafeSerializer(current_app.config['SECRET_KEY'], salt=kwargs['facility']) if 'token' not in request.args: raise InvalidUsage('no token', status_code=401) try: s.loads(request.args.get('token')) except: raise InvalidUsage('bad token', status_code=401) return f(*args, **kwargs)
def index(token): # Token verification with open('credentials.txt') as f: credentials = {k: v for k, v in map(str.split, f.readlines())} server_secret = credentials['SERVER_SECRET'] serializer = URLSafeSerializer(server_secret, salt='flightstatus') try: email = serializer.loads(token) except BadData as e: return 'Invalid token provided' # Get flight details from db and then query the api flight_statuses = [] updates = [] for flight in get_tracked_flights(current_app, email): flight_details, curr_price = query_tracked_flight(flight) # If no results are returned by the api if curr_price == -1: continue flight_statuses.append( (flight_details, float(flight['prev_price']), float(curr_price))) if float(curr_price) != float(flight['prev_price']): updates.append((flight['id'], curr_price)) print(flight_statuses) # Update prices in database update_stored_prices(current_app, updates) return render_template('flight_email.html', flight_statuses=flight_statuses)
def reset_password(token): """ sumary_line """ try: urlsafeserializer = URLSafeSerializer(os.environ.get('SALT')) username = urlsafeserializer.loads(token, salt='forgot-password') if request.form['newpassword0'] == request.form['newpassword1']: if validate_password(request.form['newpassword0']): user = User(username) user_details = user.get_user_details() newhash = get_password_hash(request.form['newpassword1']) user.update_password_hash(newhash) send_reset_password_email(user_details['email']) message = 'Password updated' alert = 'success' return render_template('/login.html', message=message, alert=alert) message = 'Password should be at least 9 chars, [A-Za-z0-9@#$%^&+!=.]' alert = 'warning' return '<h3>'+ message + ' ' + alert +'</h3>' message = 'passwords do not match' alert = 'danger' return '<h3>'+ message + ' '+ alert +'</h3>' except BadSignature: message = 'This token has been tempered with create a new account' alert = 'danger' return redirect('/login', 302)
def _update_object(self, obj): """Validate the task_run object and update it with user id or ip.""" s = URLSafeSerializer(current_app.config.get('SECRET_KEY')) # Get the cookie with the task signed for the current task_run cookie_id = 'task_run_for_task_id_%s' % obj.task_id task_cookie = request.cookies.get(cookie_id) if task_cookie is None: raise Unauthorized("Missing task cookie for posting" " a valid task_run") # Load the real task from the DB task_cookie = s.loads(task_cookie) #task = db.session.query(model.Task).get(task_cookie['id']) task = Task.query.get(task_cookie['id']) if ((task is None) or (task.id != obj.task_id)): # pragma: no cover raise Forbidden('Invalid task_id') if (task.app_id != obj.app_id): raise Forbidden('Invalid app_id') if not current_user.is_anonymous(): obj.user = current_user else: obj.user_ip = request.remote_addr # Check if this task_run has already been posted # task_run = db.session.query(model.TaskRun)\ task_run = TaskRun.query\ .filter_by(app_id=obj.app_id)\ .filter_by(task_id=obj.task_id)\ .filter_by(user=obj.user)\ .filter_by(user_ip=obj.user_ip)\ .first() if task_run is not None: raise Forbidden('You have already posted this task_run')
def current_user(): user_id = session.get('id') if user_id: # g is unique object for each request current_user = getattr(g, 'current_user', None) if not current_user: current_user = User.find(user_id) if current_user: g.current_user = current_user return current_user else: # cookieからuser id取得を試みる signed_id = request.cookies.get('user_id') if signed_id: try: # 署名を確認する key = current_app.secret_key s = URLSafeSerializer(key, salt='remember_me') user_id = s.loads(signed_id) user = User.find(user_id) # 記憶トークンの確認 if user and \ (remember_token := request.cookies.get('remember_token')) and \ (user.authenticated('remember', remember_token)): log_in(user) g.current_user = user return user except BadSignature: # 改ざんされている return None return None
class SendEmail(object): def __init__(self): self.serial = URLSafeSerializer(app.config["SECRET_KEY"]) self.sg = SGMail self.template = os.path.dirname( __file__) + "/templates/email_template.html" def send_invite_email(self, sender, league, to_email): j2_env = jinja2.Environment( loader=jinja2.PackageLoader('MovieLeague', 'templates')) template = j2_env.get_template('email_template.html') from_email = Email("*****@*****.**") to_email = Email(to_email) subject = "Invite to join %s" % league html = template.render(sender=sender, league=league, token=self.token_dump(league)) content = Content("text/html", html) mail = Mail(from_email, subject, to_email, content) response = self.sg.client.mail.send.post(request_body=mail.get()) print(response.status_code) print(response.body) print(response.headers) def token_dump(self, data): return self.serial.dumps(data) def token_load(self, token): return self.serial.loads(token)
def activate_device_sharing_token(account_id, token): """ Activates device sharing token for account with passed id :param account_id: Id of account :type account_id: int :param token: Token created by device owner :type token: string :raises: ValueError if device does not exist """ serializer = URLSafeSerializer(app.config['SECRET_KEY'], salt=app.config['SECURITY_PASSWORD_SALT']) token_data = serializer.loads(token) device_id = token_data['device_id'] access_level_id = token_data['access_level_id'] if (token_data.get('account_id') or account_id) != account_id: return False if not Device.exists(id=device_id): raise NotPresentError("Device does not exist!") device_association = DeviceAssociation(device_id, account_id, access_level_id) device_association.save() return True
def weixin(signed_openid): aliases = g.user.get_type_alias() is_bound = ACCOUNT_REG_TYPE.WEIXIN_OPENID in aliases # decrypt the openid (sender) which provided by weixin serializer = URLSafeSerializer(current_app.secret_key) try: openid = serializer.loads(signed_openid) except BadSignature: return u'bad signature', 403 if request.method == 'GET': return render_template('mine/alias/weixin.html', is_bound=is_bound) # overrides method with a hidden field if request.method == 'POST': if request.form['method'] == 'post': # bind to current account g.user.add_alias(openid, ACCOUNT_REG_TYPE.WEIXIN_OPENID) return redirect('/mine/plan') if request.form['method'] == 'delete': g.user.remove_alias(ACCOUNT_REG_TYPE.WEIXIN_OPENID) return redirect(request.path) abort(400)
def execute(self, payload): # 1. Extract user id from payload key = self._settings['cookie_secret'] s = URLSafeSerializer(key) uid = None try: uid = ObjectId(s.loads(payload)) except BadSignature: raise tornado.web.HTTPError(400) db = self._settings['db'] # 2. Determine if user exists and is in unconfirmed state user = yield db.users.find_one({ '_id': uid, 'status': UserStatus.unconfirmed }) if not user: raise tornado.web.HTTPError(410) # 3. Set user status to active yield db.users.update({ '_id': uid}, { '$set': { 'status': UserStatus.active } }) # 4. Determine lifespan of new session lifespan = self._settings['session_lifespan'] # 5. Insert new session now = datetime.utcnow() sessionId = yield db.sessions.insert({ 'userId': uid, 'created': now, 'persistentCookie': True, 'expires': now + timedelta(days=lifespan) }) return EmailVerificationResult(user, sessionId, lifespan)
def load_user(token): _query = get_query() # return _query.filter_by(id = userid).first() key = current_app.config.get("SECRET_KEY", "It's a secret.") try: s = URLSafeSerializer(key) userid, username, password, life_time = s.loads(token) except BadData: # token had been modified! return None # 校验密码 user = _query.get(userid) if user: # 能loads出id,name等信息,说明已经成功登录过,那么cache中就应该有token的缓存 token_cache = simple_cache.get(token) if not token_cache: # 此处找不到有2个原因:1.cache中因为超时失效(属于正常情况);2.cache机制出错(属于异常情况)。 # the token is not found in cache. return None if str(password) != str(user.password): # the password in token is not matched! simple_cache.delete(token) return None else: simple_cache.set(token, 1, timeout=life_time) else: # the user is not found, the token is invalid! return None return user
def confirm(payload=None): ''' This is where user creation lives, for now... ''' # TODO: Get this out of here! form = ConfirmForm() if request.method == 'GET': s = URLSafeSerializer(app.config['SECRET_KEY']) try: user_id = s.loads(payload) except BadSignature: abort(404) user = User.objects.get(id=user_id) if not user.registered: user.activate() flash("Your email has been verified.") AdminAlertEmail(subject="Confirmed user: %s" % user.email, body="User %s has confirmed their email address." % user.email).send() session["user_id"] = user_id # TODO: Why is this here? return render_template("confirm.html", form=form) else: return redirect(url_for("root.index")) if form.validate_on_submit(): user = User.objects.get(id=session["user_id"]) user.password = generate_password_hash(form.password.data) user.registered = True RegistrationEmail(user.email).send() AdminAlertEmail(subject="Registered user: %s" % user.email, body="User %s has finished registration." % user.email).send() user.save() login_user(user) return redirect(url_for("root.index")) return render_template("confirm.html", form=form)
def current_insti(): insti_uurl = request.cookies.get('insti-uurl') if insti_uurl: s = URLSafeSerializer(current_app.config['SECRET_KEY']) uurl = s.loads(insti_uurl) return Institution.query.filter_by(uurl=uurl).first() return None
def quiz_reply_page(quiz_id, secure_user_id): secret_key = app.config['SECRET_KEY'] serializer = URLSafeSerializer(secret_key) try: user_id = serializer.loads(secure_user_id) except BadSignature: abort(404) user = User.query.get_or_404(user_id) quiz = Quiz.query.get_or_404(quiz_id) if request.method == 'POST': reply_text = request.form.get("reply_text") reply_mark = request.form.get("reply_mark") new_reply = Reply(user.id, reply_text, reply_mark) db.session.add(new_reply) db.session.commit() return 'success' reply_form = Reply_form() return flask.render_template('quiz_reply.html', user=user, quiz=quiz, secure_user_id=secure_user_id, reply_form=reply_form)
def confirm_token(token): serializer = URLSafeSerializer(secret_key, salt=security_password_salt) try: email = serializer.loads(token) except: return False return email
def itsDecode(data: str, time: int = 15, url_safe_key: str = DEFAULT_SAFE_KEY, time_safe_key: str = DEFAULT_SAFE_KEY) -> (bool, str): ''' @description: its解密 @param {data} data 加密数据 @param {int} time 过期时间 @param {str} url_safe_key URL加密密钥 @param {str} time_safe_key Time加密密钥 @return: True/False, Data ''' result = None time = int(time) try: tSafe = TimestampSigner(time_safe_key) tUnsign = tSafe.unsign(data, time) except: return False, "授权过期" try: uSafe = URLSafeSerializer(url_safe_key) result = uSafe.loads(url_safe_key) return True, result except: return False, "解析失败"
def load_token(token): # 通过loads()方法来解析浏览器发送过来的token,从而进行初步的验证 key = current_app.config.get("SECRET_KEY", "The securet key by C~C!") try: s = URLSafeSerializer(key) id, name, password, browser_id, life_time = s.loads(token) except BadData: print("token had been modified!") return None # 判断浏览器信息是否改变 bi = create_browser_id() if not constant_time_compare(str(bi), str(browser_id)): print("the user environment had changed, so token has been expired!") return None # 校验密码 user = User.query.get(id) if user: # 能loads出id,name等信息,说明已经成功登录过,那么cache中就应该有token的缓存 token_cache = simple_cache.get(token) if not token_cache: # 此处找不到有2个原因:1.cache中因为超时失效(属于正常情况);2.cache机制出错(属于异常情况)。 print("the token is not found in cache.") return None if str(password) != str(user.password): print("the password in token is not matched!") simple_cache.delete(token) return None else: simple_cache.set(token, 1, timeout=life_time) # 刷新超时时长 else: print('the user is not found, the token is invalid!') return None return user
def load_bill_token(token): serializer = URLSafeSerializer(app.config['SECRET_KEY']) try: billid = serializer.loads(token, salt=app.config['SECURITY_BILL_SALT']) except: return False return billid
def recover_password(token): s = URLSafeSerializer(app.config['SECRET_KEY']) try: token_data = s.loads(token) except BadSignature: flash('Failed to validate token.') return redirect(url_for('index')) if token_data['time'] + 600 < int(time.time()): flash('That link has expired') return redirect(url_for('forgot')) form = ChangePasswordForm() if form.validate_on_submit(): try: user = User.get(User.email == token_data['email']) except User.DoesNotExist: flash('That user does not exist.') return redirect(url_for('index')) user.password = generate_password_hash(form.password.data) user.save() flash('Your password has been updated.') return redirect(url_for('login')) else: return render_template( 'recover_password.html', form=form, token_data=token_data, token=token, )
class Serializer: def __init__(self, app): self.serializer = URLSafeSerializer(app.config['SECRET_KEY']) self.salt = app.config['SECRET_SALT'] def loads(self, token): return self.serializer.loads(token) def dumps(self, string): return self.serializer.dumps(string) def loads_salted(self, token): return self.serializer.loads(token, salt=self.salt) def dumps_salted(self, string): return self.serializer.dumps(string, salt=self.salt)
def activate_user(activation_token): """ Activate a particular user, based on activation token. This sets the is_active field to true in the db. :param activation_token: the token that user should have in email :return: 403 if any errors, else redirect to root , and user is activated """ serializer = URLSafeSerializer(app.config['SECRET_KEY']) try: email = serializer.loads( activation_token ) user = User.query \ .filter(User.email == email) \ .one() user.is_active = True db.session.commit() # Mail(user.email, # subject_data={'name': user.full_name}, # html_data={'name': user.full_name}, # text_data={'name': user.full_name}, # template_root=WELCOME_MAIL # ).send() activate_user_to_mautic.delay(user.email) return redirect(f"{request.url_root}login") except (NoResultFound, BadSignature): return Error('Invalid Token', 403)()
def confirm_status_token(token): serializer = URLSafeSerializer(Config.SECRET_KEY) try: status = serializer.loads(token, salt='status-confirm') except: return False return status
def _update_object(self, obj): """Validate the task_run object and update it with user id or ip.""" s = URLSafeSerializer(current_app.config.get('SECRET_KEY')) # Get the cookie with the task signed for the current task_run cookie_id = 'task_run_for_task_id_%s' % obj.task_id task_cookie = request.cookies.get(cookie_id) if task_cookie is None: raise Unauthorized("Missing task cookie for posting" " a valid task_run") # Load the real task from the DB task_cookie = s.loads(task_cookie) task = db.session.query(model.Task).get(task_cookie['id']) if ((task is None) or (task.id != obj.task_id)): # pragma: no cover raise Forbidden('Invalid task_id') if (task.app_id != obj.app_id): raise Forbidden('Invalid app_id') if not current_user.is_anonymous(): obj.user = current_user else: obj.user_ip = request.remote_addr # Check if this task_run has already been posted task_run = db.session.query(model.TaskRun)\ .filter_by(app_id=obj.app_id)\ .filter_by(task_id=obj.task_id)\ .filter_by(user=obj.user)\ .filter_by(user_ip=obj.user_ip)\ .first() if task_run is not None: raise Forbidden('You have already posted this task_run')
def decrypt_cookie(encrypted_content): s = URLSafeSerializer(current_app.secret_key, salt='cookie') try: content = s.loads(encrypted_content) except: content = '-1' return content
def stoptoday(request): import sys from itsdangerous import URLSafeSerializer try: if 'id' in request.GET and request.GET['id'] != '': try: secretkey = oper_para.objects.get(name='sk') s = URLSafeSerializer(secretkey.content) vid = s.loads(request.GET['id']) except: return HttpResponseRedirect('/') #singleL = LineInformList.objects.get(id = request.GET['id']) singleL = LineInformList.objects.get(id = vid) print 'id:' + str(request.GET['id']) print 'TF:' + str(request.GET['TF']) if request.GET['TF'] == 'true': singleL.stoptoday = 'X' else: singleL.stoptoday = 'V' singleL.save() #return HttpResponse('您好,本通知本日已停用') return render_to_response('stoptoday.html') except ValueError: pass
def verify_key(request): # TODO: convert to a decorator key = request.META.get('HTTP_ROLF_API_KEY', '') s1 = URLSafeSerializer(settings.API_SECRET, salt="rolf-ipaddress-key") try: d = s1.loads(key) # check their IP remote_addr = request.META.get( 'HTTP_X_FORWARDED_FOR', request.META.get('REMOTE_ADDR')) if d['remote_addr'] != remote_addr: return None return get_object_or_404(User, username=d['username']) except BadSignature: # try timed key s2 = URLSafeTimedSerializer(settings.API_SECRET, salt="rolf-timed-key") try: d = s2.loads(key, max_age=60 * 60 * 24 * 7) return get_object_or_404(User, username=d['username']) except BadSignature: # invalid return None except SignatureExpired: return None return None
def get_data(token): s = URLSafeSerializer(os.environ['SIGNER_SECRET']) try: return s.loads(token) except BadSignature: # Invalid token return None
def save_password(self, **kw): secret = tg.config.get('session.secret', tg.config.get('beaker.session.secret')) serializer = URLSafeSerializer(secret) deserialized_data = serializer.loads(kw['data']) request_date = datetime.strptime(deserialized_data['request_date'], '%m/%d/%Y %H:%M') user = model.provider.query( app_model.User, filters=dict( email_address=deserialized_data['email_address']))[1][0] password_frag = user.password[0:4] if abs((datetime.now() - request_date).days) > 1: flash(_('Password reset request timed out'), 'error') return plug_redirect('resetpassword', '/') if password_frag != deserialized_data['password_frag']: flash(_('Invalid password reset request'), 'error') return plug_redirect('resetpassword', '/') user.password = kw['password'] flash(_('Password changed successfully')) if 'redirect_to' in deserialized_data: redirect(deserialized_data['redirect_to']) else: return redirect('/')
class LinkGenerator: """ Link to personalised form in email """ DELIMITER = ';' def __init__(self, app): self._app = app self._serializer = URLSafeSerializer(app.config['SECRET_KEY']) def generate_payload(self, gala_id, club_id, swimmer_id): """ Include identifiers in payload :param gala_id: :param club_id: :param swimmer_id: """ payload = str(time()) + self.DELIMITER + str(gala_id) + self.DELIMITER + str(club_id) + \ self.DELIMITER + str(swimmer_id) return self._serializer.dumps(payload, salt=constants.LINK_GENERATOR_SALT) def load_payload(self, payload): """ Retrieve identifiers from payload :param payload: """ plain_payload = self._serializer.loads(payload, salt=constants.LINK_GENERATOR_SALT) try: plain_payload = plain_payload.split(self.DELIMITER) return {'gala_id': plain_payload[1], 'club_id': plain_payload[2], 'swimmer_id': plain_payload[3]} except: raise ValueError('Invalid payload format detected.')
def post(self, request, id, token): a = get_object_or_404(Album, pk=id) s = URLSafeSerializer(settings.SECRET_KEY) d = s.loads(token) if str(d['album_id']) != id: return HttpResponse("bad token") if request.FILES.get('image', None): original_filename = request.FILES['image'].name extension = os.path.splitext(original_filename)[1].lower() if extension == ".jpeg": extension = ".jpg" if extension not in [".jpg", ".png", ".gif"]: return HttpResponse("unsupported image format") title = original_filename rhash = settings.UPLOADER.upload(request.FILES['image']) p = Photo.objects.create( title=title, reticulum_key=rhash, extension=extension, description='') AlbumPhoto.objects.create( album=a, photo=p) return HttpResponse("ok") else: return HttpResponse("no image")
def on_confirm_email(token): """Email confirmation endpoint. We try to confirm the specified signup and redirect to a webpage. """ try: s = URLSafeSerializer(get_token_secret()) signup_id = ObjectId(s.loads(token)) except BadSignature: return "Unknown token" patch_internal('eventsignups', {'confirmed': True}, skip_validation=True, concurrency_check=False, **{current_app.config['ID_FIELD']: signup_id}) # Now the user may be able to get accepted, so update the events waiting # list lookup = {current_app.config['ID_FIELD']: signup_id} signup = current_app.data.find_one('eventsignups', None, **lookup) update_waiting_list(signup['event']) redirect_url = current_app.config.get('EMAIL_CONFIRMED_REDIRECT') if redirect_url: return redirect(redirect_url) else: return current_app.config['CONFIRM_TEXT']
def confirm_invite(request, volunteer_campaign_id): serializer = URLSafeSerializer(settings.SECRET_KEY) try: volunteer_campaign_id = serializer.loads(volunteer_campaign_id) except BadSignature as e: raise Http404(str(e)) volunteer_campaign = get_object_or_404(VolunteerCampaign, pk=volunteer_campaign_id) if request.user.is_authenticated() and volunteer_campaign.volunteer != request.user.volunteer: raise Http404('Invitation was sent to other volunteer.') response = log_user_in(request, volunteer_campaign.volunteer.user) if response is not None: return response if request.method == 'POST': if request.POST.get('action') == 'accept': volunteer_campaign.accepted = True get_adapter().send_mail('emails/volunteer_accept', volunteer_campaign.organisation.user.email, { 'volunteer': volunteer_campaign.volunteer, }) else: volunteer_campaign.accepted = False volunteer_campaign.save() return redirect('volunteer_profile') return render(request, 'volunteers/confirm.html', { 'organisation': volunteer_campaign.organisation, })
def read_token(token, salt, expiration=86400): serializer = URLSafeSerializer(app.config['SECRET_KEY']) obj = serializer.loads( token, salt=salt ) return obj
def resetVerifyCheck(key): url_serial = URLSafeSerializer( "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg==" ) timed_serial = TimedSerializer( "XHhkMVx4OTgzXFxceDhmZilceDk2Ilx4MTZceDhkXHhhYlx4ZGFceDlkXHhiYUNHXHhlM1x4YTRceDFiK0RceGNhfg==" ) status = None try: key = timed_serial.loads(key, max_age=300) key = url_serial.loads(key) username = str(sanitize(key[0])) password = sha512_crypt.encrypt(sanitize(key[1])) except: status = "Oops, The Link Has Expired..!!" return status cursor, dbconn = dbConnection() query = "UPDATE users SET password = %s WHERE username = %s" try: cursor.execute(query, (password, username)) dbconn.commit() status = "Password Updated Successfully..!!" except: dbconn.rollback() status = "Oops, Something Went Wrong Please Try Again..!!" cursor.close() dbconn.close() return status
def shifts(payload): serializer = URLSafeSerializer(APP.secret_key) available_shifts = SPREADSHEET.get_available_shifts() employees = SPREADSHEET.get_employees() if request.method == 'GET': try: employee_num = serializer.loads(payload) except BadSignature: abort(404) else: employee_num = int(payload) employee_row = employees.iloc[employee_num] if employee_row['Current'] == 'TRUE': row = int(request.form.get('row')) employee_name = employee_row['Name'] assigned = int(employee_row['Assigned']) + 1 if employee_row['GiveTo'] != '': employee_name = '{} ({})'.format(employee_row['GiveTo'], employee_name) SPREADSHEET.update_available_shifts_cell(row, 4, employee_name) SPREADSHEET.update_employees_cell(employee_num, 3, assigned) SPREADSHEET.update_employees_cell(employee_num, 5, False) SPREADSHEET.update_employees_cell(employee_num, 6, '') available_shifts.iloc[row]['OnCall'] = employee_name flash('Thank you, {}!'.format(employee_name)) else: flash('Please wait until it is your turn.') return render_template('shifts.html', shifts=available_shifts, employeeNum=employee_num, employees=employees)
def confirm_token(token, secret_key): serializer = URLSafeSerializer(secret_key) try: email = serializer.loads(token) except: return False return email
def main(): abspath = os.path.abspath(__file__) dname = os.path.dirname(abspath) os.chdir(dname) action = sys.argv[1] secret_key = sys.argv[2] if action == "generate": filename = sys.argv[3] basename = filename.split(".")[-2] extension = filename.split(".")[-1] digest = hashlib.sha512(secret_key + basename).hexdigest() des = URLSafeSerializer(digest) credentials = {'filename': filename.encode("base64"), 'ext': extension, 'length': len(filename), 'signature': digest} print des.dumps(credentials, salt="donttread") return signed_serial = sys.argv[3] result = URLSafeSerializer("").loads_unsafe(signed_serial) img = "snek.jpg" try: if result[1]: signature = result[1]['signature'] extension = result[1]['ext'] filename = result[1]['filename'].decode("base64") length = result[1]['length'] if len(filename) == length and len(extension) == 3: basename = filename.split(".")[-2] digest = hashlib.sha512(secret_key + splitext(filename)[0]).hexdigest() if digest == signature: des = URLSafeSerializer(digest) des.loads(signed_serial, salt="donttread") img = "%s.%s" % (basename, extension) except: pass proc = subprocess.Popen(["./read_file", img], stdout=subprocess.PIPE) imgo = proc.stdout.read().encode("base64").replace("\n", "") output = '<img src="data:image/png;base64,%s" alt="i am %s" />' % (imgo, img) print output
def verify_confirm_token(token): s = Serializer(current_app.config['SECRET_KEY']) try: data = s.loads(token) except: return False id = data.get('confirm') # id int return id
def decode(something): """Decode something with SECRET_KEY.""" secret_key = current_app.config.get('SECRET_KEY') s = URLSafeSerializer(secret_key) try: return s.loads(something) except BadSignature: return None
def decode_token_or_400(auth_token): """ Decode the given auth_token and return the data dict therein, or fail with a HTTP 400 error. """ serializer = URLSafeSerializer(current_app.config['SECRET_KEY']) try: return serializer.loads(auth_token) except BadData as ex: generic_error_handler(ex) abort(400)
def confirmation(token): serializer = URLSafeSerializer(app.config['SECRET_KEY']) email = serializer.loads(token) registration = Registration.query.filter(Registration.email == email).one() registration.confirmed_at = datetime.utcnow() db.session.commit() flash(_("Your registration has been confirmed."), 'success') return redirect("/")
def signed_deserialize(token): """De-serialize signed data.""" c = get_config() s = URLSafeSerializer(c.secrets.signing_key) try: result = s.loads(token) return result except: return None
def verify_auth_token(token): """verify the user with token""" s = Serializer(current_app.config['SECRET_KEY']) try: data = s.loads(token) except: return None # get id return User.query.get_or_404(data['id'])
def confirm_account(secretstring): s = URLSafeSerializer("serliaizer_code") uname, uemail = s.loads(secretstring) user = Users.query.filter_by(username=uname).first() user.activate = True db.session.add(user) db.session.commit() flash(u"Your account was confirmed succsessfully!!!") return redirect(url_for("login"))
def reset_password(token): s = URLSafeSerializer("hacker-bees") user_id = s.loads(token) user = User.query.get(int(user_id)) expired = datetime.today() - user.reset_time if expired.days > 1: flash("Password reset link has expired") return redirect(url_for("login")) return render_template("reset.html", token=token)
def buy_worker(defaults=None, template="ssl/buy"): if defaults is None: defaults = {} country = request.headers.get("X-Appengine-Country", "").upper() region = request.headers.get("X-AppEngine-Region", "").upper() if "country" not in defaults: # When App Engine is running locally or cannot determine country it # returns ZZ as the country code. if country == "ZZ": country = "GB" if country is not None: defaults["country"] = country else: defaults["country"] = "US" if "state" not in defaults: if country in REGIONS and region in REGIONS[country]: defaults["state"] = REGIONS[country][region] defaults["coupon_code"] = coupon = request.args.get("coupon") defaults["price"] = 50 promotion = request.args.get("promotion") if promotion: defaults["promotion"] = promotion if promotion == "academic": defaults["price"] = 25 defaults["coupon_message"] = "Academic discount applied" if coupon: s = URLSafeSerializer(current_app.config.get("SECRET_KEY"), salt="SSL_COUPON_USD") # Load the coupon try: coupon = s.loads(coupon) # coupon should contain price, domain if "price" in coupon: defaults["price"] = int(coupon["price"]) if "domain" in coupon and coupon["domain"] != "": defaults["domain"] = coupon["domain"] defaults["domain_locked"] = True logging.info(coupon) defaults["coupon_message"] = "Coupon applied (price: $%d)" % defaults["price"] except BadPayload: defaults["coupon_code"] = None defaults["error"] = "The coupon is malformed" except BadSignature: defaults["coupon_code"] = None defaults["error"] = "This coupon is no longer valid" return render_template(template, countries=COUNTRIES_BY_NAME, **defaults)
class Encryption: def init_app(self, app): self.serializer = URLSafeSerializer(app.config.get('SECRET_KEY')) self.salt = app.config.get('DANGEROUS_SALT') def encrypt(self, thing_to_encrypt): return self.serializer.dumps(thing_to_encrypt, salt=self.salt) def decrypt(self, thing_to_decrypt): return self.serializer.loads(thing_to_decrypt, salt=self.salt)
def verify_client_token(token): """ verify client token but need client_key """ s = Serializer( current_app.config["SECRET_KEY"] ) data = s.loads(token) return Client.query.get_or_404(data['client_id'])
def verify_auth_token(token): s = Serializer(app.config['SECRET_KEY']) try: data = s.loads(token) except SignatureExpired: return None except BadSignature: return None user = User.query.get(data['id']) return user
def unsing_string(signed_string): """ Récupérer le mail depuis une string signée :param signed_string: la string signée :returns: le mail caché dedans """ signer_kwargs = {"digest_method": sha256} signer = URLSafeSerializer(app.secret_key, signer_kwargs=signer_kwargs) return signer.loads(signed_string)
def login_get_next_url(): if 'next' not in request.args: return None try: serializer = URLSafeSerializer(config.secret) goto = serializer.loads(request.args['next']) goto = request.url_root + goto return goto except: return None
def wrapped(*args, **kwargs): s = Serializer(current_app.config['SECRET_KEY']) token = request.headers.get('eD-Token', '') if not token: return bad_request('Missing token') try: data = s.loads(token) except: return bad_request('Token incorrect') g.session_data = data return f(*args, **kwargs)
def ping(self, incoming_request): serializer = URLSafeSerializer(self.config['SECRET_KEY']) req = serializer.loads(incoming_request['payload']) self._bot.conn.client.register_plugin('xep_0033') message = self._bot.conn.client.Message() message['to'] = 'multicast.j4lp.com' message['body'] = req['body'] for user in req['users']: message['addresses'].addAddress(atype='bcc', jid=user) message.send() return
def trowel_login(token=None): s = URLSafeSerializer(app.config['SECRET_KEY']) try: payload = s.loads(token) except BadSignature: abort(404) current_time = time.time() if current_time - 10 <= payload["stamp"] <= current_time + 10: login_user(User.objects.get(id=payload["id"])) return redirect(url_for("root.index")) abort(404)
def confirmed_token(token, expiration = 36000): serialzer = URLSafeSerializer(SECRET_KEY) try: email = serialzer.loads( token, salt = SECURITY_PASSWORD_SALT, max_age = expiration ) except: return False return email
def login_get_next_url(): if 'next' not in request.args: return None, None try: serializer = URLSafeSerializer(current_app.secret_key) goto_encrypted = request.args['next'] goto = serializer.loads(goto_encrypted) goto = request.url_root + goto return goto, goto_encrypted except: return None, None
def is_activation_token_valid(token): s = URLSafeSerializer(current_app.config["SECRET_KEY"]) try: info = s.loads(token) expired_at = info[2] if expired_at < (datetime.now() - datetime(1970,1,1)).total_seconds(): return False else: return True except: return False