Пример #1
    def test_versioned(self, time):
        """Exercise signing and validation with a three-version secret.

        Two properties of key rotation are asserted:

        * signing with the versioned secret gives the same signature as
          signing with a secret built from its ``current`` value alone;
        * a signature made with any one of the ``previous``, ``current`` or
          ``next`` values validates against the versioned secret.

        NOTE(review): only acceptance is asserted here. Rejection of a
        signature made with an unrelated secret, or of an expired one, is not
        covered by this test.
        """
        # ``time`` is presumably a patched clock injected by a decorator that
        # is outside this snippet (TODO confirm). Pinning it to 1000 makes the
        # expiration below deterministic: 1000 + 30 seconds = 1030.
        time.return_value = 1000

        message = "hello!"
        max_age = datetime.timedelta(seconds=30)

        versioned = VersionedSecret(previous=b"one", current=b"two", next=b"three")

        # One single-value secret per rotation slot. The original local named
        # ``next`` shadowed the builtin, hence the different names here.
        older = VersionedSecret.from_simple_secret(versioned.previous)
        active = VersionedSecret.from_simple_secret(versioned.current)
        upcoming = VersionedSecret.from_simple_secret(versioned.next)

        # New signatures must come from the current value.
        signed_with_versioned = crypto.make_signature(versioned, message, max_age)
        signed_with_active = crypto.make_signature(active, message, max_age)
        self.assertEqual(signed_with_versioned, signed_with_active)

        # Every rotation slot must still be accepted on validation.
        for signing_secret in (older, active, upcoming):
            signature = crypto.make_signature(signing_secret, message, max_age)
            info = crypto.validate_signature(versioned, message, signature)
            self.assertEqual(info.expiration, 1030)
Пример #2
    def new_csrf_token(self, request):
        """Build and return a freshly signed CSRF token for ``request``.

        The payload is derived from this policy's ``VERSION`` and the
        request's ``authenticated_userid``, then signed with the policy
        secret and ``self._max_age``. The result is the payload prefix and
        the signature joined by a ``.``.

        Call `pyramid.csrf.new_csrf_token` for every rendered form instead of
        re-using a token: with this StoragePolicy tokens expire and are
        difficult to selectively invalidate.
        """
        # NOTE(review): how _make_csrf_token_payload treats a missing
        # authenticated_userid (unauthenticated request) is not visible here;
        # confirm such tokens cannot be replayed across accounts.
        token_prefix, signed_payload = _make_csrf_token_payload(
            version=self.VERSION,
            account_id=request.authenticated_userid,
        )
        secret = self._get_secret()
        raw_signature = make_signature(secret, signed_payload, self._max_age)
        # make_signature's result is decoded as UTF-8 so it can be joined
        # with the prefix into a single string.
        signature_text = raw_signature.decode("utf-8")
        return ".".join((token_prefix, signature_text))