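def _make_key(self):
    """Create a fresh form key and store it for later CSRF validation.

    The key is written to ``self.csrf_session["_formkey"]`` when a session
    object is available; otherwise it is sent to the browser as a
    ``_formkey`` cookie with ``same_site="Strict"``.

    Returns:
        The newly generated key as a string.
    """
    # uuid1() is built from the host's node id and a timestamp, so its
    # values are guessable; an anti-CSRF token has to be unpredictable.
    # uuid4() is drawn from the OS random source and keeps the same
    # 36-character textual format.
    key = str(uuid.uuid4())
    if self.csrf_session is not None:
        self.csrf_session["_formkey"] = key
    else:
        # NOTE(review): in this fallback the key lives only in a browser
        # cookie. Only SameSite is set explicitly here; confirm that the
        # Secure/HttpOnly behaviour of the response object suits the
        # deployment.
        response.set_cookie("_formkey", key, same_site="Strict")
    return key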
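def set_storage_values(user_signature, values_dict):
    """Store ``values_dict`` as JSON in a cookie named after ``user_signature``.

    The cookie is written with ``secret=settings.SESSION_SECRET_KEY`` and a
    ``max_age`` taken from ``settings.SIMPLE_TABLE_SIGNATURE_MAX_AGE``.

    Args:
        user_signature: Value whose ``str()`` form becomes the cookie name.
        values_dict: JSON-serialisable mapping stored as the cookie value.
    """
    # Default the timeout to 1 hour; override it by setting
    # SIMPLE_TABLE_SIGNATURE_MAX_AGE in settings. getattr() handles only the
    # "setting is absent" case, where the previous bare ``except:`` also hid
    # unrelated errors and interrupts.
    max_age = getattr(settings, "SIMPLE_TABLE_SIGNATURE_MAX_AGE", 3600)

    # NOTE(review): presumably ``secret=`` makes the framework sign the
    # cookie. Signing protects integrity, not confidentiality, so
    # values_dict should hold nothing the client must not read. Also confirm
    # how signed values are serialised and parsed on the read side.
    # NOTE(review): no SameSite attribute is requested for this cookie;
    # check whether that is intended.
    response.set_cookie(
        str(user_signature),
        json.dumps(values_dict),
        secret=settings.SESSION_SECRET_KEY,
        max_age=max_age,
    )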
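def _get_key(self):
    """Return the form key joined with JSON-encoded form metadata.

    The key is read from ``self.csrf_session["_form_key"]`` when a session
    object is available, otherwise from the ``_form_key`` request cookie.
    If no key exists yet, a new one is generated and stored in the same
    place.

    Returns:
        ``"<key>.<json>"`` where the JSON object carries ``signing_info``
        and ``form_name`` taken from ``self``.
    """
    if self.csrf_session is not None:
        key = self.csrf_session.get("_form_key")
        if key is None:
            # uuid1() is built from the host's node id and a timestamp and
            # is therefore guessable; use the random uuid4() for a value
            # that acts as an anti-CSRF secret.
            key = str(uuid.uuid4())
            self.csrf_session["_form_key"] = key
    else:
        # NOTE(review): in this fallback the key comes from a cookie the
        # client sends, so it is client-controlled input. Confirm that the
        # code consuming the returned string does not treat it as trusted.
        key = request.get_cookie("_form_key")
        if key is None:
            key = str(uuid.uuid4())
            response.set_cookie("_form_key", key, same_site="Strict")

    additional_info = {
        "signing_info": self.signing_info,
        "form_name": self.form_name,
    }
    # A UUID string contains no ".", so the first dot separates the key
    # from the JSON payload.
    return key + "." + json.dumps(additional_info)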