def validate_signature_for(self, user_data): nonce_entity = UserNonce.get_for(user_data, "https_transfer") if nonce_entity is None: return False nonce = nonce_entity.value expected = BaseSecureToken.sign_payload(user_data, self.timestamp, nonce) return expected == self.signature
def validate_signature_for(self, user_data): nonce_entity = UserNonce.get_for(user_data, "pw_reset") if nonce_entity is None: return False nonce = nonce_entity.value expected = BaseSecureToken.sign_payload(user_data, self.timestamp, nonce, user_data.credential_version) return expected == self.signature
def test_nonce_values_are_user_specific(self): bob = self.make_user('*****@*****.**') joe = self.make_user('*****@*****.**') UserNonce.make_for(bob, "type") self.assertTrue(UserNonce.get_for(joe, "type") is None)
def test_nonce_types_distinct(self): u = self.make_user('*****@*****.**') type1 = UserNonce.make_for(u, "type1") self.assertTrue(UserNonce.get_for(u, "type2") is None) self.assertEquals(type1.value, UserNonce.get_for(u, "type1").value)