def admin_verify(self):
cookie = self.request.cookies.get('admin')
ip = self.request.remote_addr
if cookie and ip == ADMIN_IP:
user, uhash = cookie.split('|')
return True if secret_hash(user) == uhash else None
return None
def verify_user_cookie(self):
"""looks up user_id in cookie and returns name if valid, else None"""
cookie = self.request.cookies.get('user_id')
if cookie:
user, uhash = cookie.split('|')
return User(user) if secret_hash(user) == uhash else None
return None
def set_admin_cookie(self, name, expires=30):
"""returns complete cookie string"""
userhash = name + '|' + secret_hash(name)
dt = datetime.now()
dt = dt + timedelta(days = 30)
expires = dt.strftime("%a, %d-%b-%Y %H:%M:%S GMT")
self.response.headers.add_header('Set-Cookie', str('admin='+userhash+';Path=/; expires="'+expires+'"'))
def validate_cookie(self, cookie):
"""Returns username if valid cookie, else None"""
username, userhash = cookie.split('|')
return username if secret_hash(username) == userhash else False