def _do_token(self, token):
try:
if token is None:
read_list = None
else:
read_list = UnauthenticatedToken.get(token)
except BadKeyError:
self.clear_cookies()
read_list = None
if read_list is None:
if (self.user is None) or (self.request.cookies['N'] is None):
write_list = UnauthenticatedToken(itemlist_json=self.request.str_POST['itemList'],
last_ip=self.request.remote_addr,
security_string = "".join(random.sample(string.digits+string.ascii_letters,10)))
self.response.set_cookie('S', write_list.security_string, max_age=self.COOKIE_AGE)
self.response.delete_cookie('N')
self.response.set_cookie('Y', "token", max_age=self.COOKIE_AGE)
else:
write_list = NamedToken(itemlist_name=self.request.cookies['N'],
itemlist_json=self.request.str_POST['itemList'])
self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
self.response.delete_cookie('S')
self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)
else:
if (self.user is None) or (self.request.cookies['N'] is None):
if self.request.cookies['S'] == read_list.security_string:
write_list = read_list
write_list.itemlist_json = self.request.str_POST['itemList']
self.response.set_cookie('S', write_list.security_string, max_age=self.COOKIE_AGE)
self.response.delete_cookie('N')
self.response.set_cookie('Y', "token", max_age=self.COOKIE_AGE)
else:
write_list = UnauthenticatedToken(itemlist_json=self.request.str_POST['itemList'],
last_ip=self.request.remote_addr,
security_string = "".join(random.sample(string.digits+string.ascii_letters,10)))
self.response.set_cookie('S', write_list.security_string, max_age=self.COOKIE_AGE)
self.response.delete_cookie('N')
self.response.set_cookie('Y', "token", max_age=self.COOKIE_AGE)
else:
write_list = NamedToken(itemlist_name=self.request.cookies['N'],
itemlist_json=self.request.str_POST['itemList'])
self.response.set_cookie('N', write_list.itemlist_name, max_age=self.COOKIE_AGE)
self.response.delete_cookie('S')
self.response.set_cookie('Y', "named", max_age=self.COOKIE_AGE)
write_list.put()
self.response.set_cookie('T', write_list.key(), max_age=self.COOKIE_AGE)
self.set_error(None);
def _do_token(self, token):
try:
if token is None:
list = None
else:
list = UnauthenticatedToken.get(token)
except BadKeyError:
logging.error("User (%s) tried to specify illegal key: %s" % (self.request.remote_addr, token))
self.clear_cookies()
self.set_error('You specified a token that does not exist in the database. This could be because it has cycled off (an old list) or a bad link.')
return
if list is None:
self.clear_cookies()
self.set_error(None)
return
else:
if self.request.cookies['S'] != list.security_string:
self.response.delete_cookie('S')
else:
self.response.set_cookie('S',list.security_string, max_age=self.COOKIE_AGE)
self.response.delete_cookie('N')
self.response.set_cookie('Y',"token", max_age=self.COOKIE_AGE)
self.response.set_cookie('T',token, max_age=self.COOKIE_AGE)
self.set_error(None, list.itemlist_json)
return
def _do_token(self, token):
try:
if token is None:
read_list = None
else:
read_list = UnauthenticatedToken.get(token)
except BadKeyError:
logging.error("User (%s) tried to specify illegal key: %s" % (self.request.remote_addr, token))
self.clear_cookies()
self.set_error(None)
if (read_list is None) or (self.request.cookies['S'] != read_list.security_string):
self.clear_cookies()
self.set_error('You are not the owner of this list.')
else:
read_list.delete()
self.clear_cookies()
self.set_error(None)