def testGenerateToken(self, mock_generate_token):
    """Check that GenerateToken() forwards the fixture defaults to the generator.

    Args:
      mock_generate_token: Mock standing in for the underlying token generator
          (presumably injected by a patch decorator outside this view).
    """
    generated = xsrf_utils.GenerateToken()

    # Called with no arguments, the wrapper must supply the secret key, the
    # user id and the default action id on its own.
    mock_generate_token.assert_called_once_with(
        self.secret_key,
        self.user_id,
        action_id=xsrf_utils._UPVOTE_DEFAULT_ACTION_ID,
    )
    # The generator's result is handed back to the caller.
    self.assertEquals(mock_generate_token.return_value, generated)
def initialize(self, request, response):
    """Initializes the handler and sets the XSRF cookie on the response.

    Args:
      request: The request to handle.
      response: The response of the handler.
    """
    super(BaseHandler, self).initialize(request, response)

    # Ensure there is a User associated with the AppEngine user making this
    # request.
    self.user = user_models.User.GetOrInsert()

    # Without both a request and a response there is nowhere to put the cookie.
    if not (self.request and self.response):
        return

    # The Secure flag is dropped only when running locally.
    secure_only = not env_utils.RunningLocally()

    # Strip the port from the host so that only the name is used as the cookie
    # domain.
    # NOTE(review): splitting on the first ':' assumes a hostname or IPv4
    # literal; a bracketed IPv6 host would be truncated. Confirm that never
    # reaches this handler.
    host = self.request.host
    cookie_domain = host.split(':')[0] if ':' in host else host

    # NOTE(review): no httponly argument is passed, presumably so client-side
    # script can read the token and echo it back in a request header. An
    # explicit domain also makes this a domain cookie, which browsers send to
    # subdomains as well; omitting it would keep the cookie host-only. Confirm
    # both are intended.
    self.response.set_cookie(
        xsrf_utils.ANGULAR_XSRF_COOKIE_NAME,
        value=xsrf_utils.GenerateToken(),
        domain=cookie_domain,
        secure=secure_only,
    )
def testUnauthenticatedUser_BlankToken(self):
    """Check that generating a token while logged out raises UserNotFoundError."""
    self.Logout()

    with self.assertRaises(xsrf_utils.UserNotFoundError):
        token = xsrf_utils.GenerateToken()
        # Reached only if GenerateToken() did not raise. In that case the test
        # fails whatever the token is: a mismatch raises AssertionError, and a
        # blank token leaves assertRaises with no exception to catch.
        self.assertEqual('', token)
def testRequireToken_ValidRequest(self):
    """Check that a POST carrying a fresh token in X-XSRF-TOKEN is accepted."""
    headers = {'X-XSRF-TOKEN': xsrf_utils.GenerateToken()}

    # Empty path and empty form body; only the header matters here.
    response = self.testapp.post('', {}, headers)

    # The handler must have run: 200 status and its sentinel body.
    self.assertEquals(httplib.OK, response.status_int)
    self.assertEquals('called', response.body)
def post(self, uuid):
    """Issues an XSRF token for the given uuid in a response header.

    Args:
      uuid: Identifier the token is bound to; passed as the token's user_id.
    """
    # NOTE(review): the token is bound to the uuid supplied with the request
    # and to _SANTA_ACTION. Nothing in this method authenticates the caller,
    # so any such check must happen before dispatch. Confirm that it does.
    self.response.headers[xsrf_utils.DEFAULT_HEADER] = xsrf_utils.GenerateToken(
        action_id=_SANTA_ACTION, user_id=uuid)
    self.response.set_status(httplib.OK)