def get_nonce(environ):
"""
Create a nonce that will last about an hour.
"""
user, host, secret = get_nonce_components(environ)
time = datetime.utcnow().strftime('%Y%m%d%H')
return gen_nonce(user, host, time, secret)
def _send_safe_mode(environ, start_response):
"""
Send a form that initiates safe_mode by asking
the user to confirm that they want it and then
POSTing back to the same URI.
XXX: This should maybe be replaced with a tiddler.
However, then that tiddler will be visible in spaces
and we don't want that.
"""
environ['tiddlyweb.title'] = 'Confirm Safe Mode'
now = datetime.utcnow().strftime('%Y%m%d%H')
user, hostname, secret = get_nonce_components(environ)
csrf_token = gen_nonce(user, hostname, now, secret)
start_response('200 OK', [('Content-Type', 'text/html; charset=UTF-8')])
return ["""
<div id='content'><div class='tiddler'>
<form method='POST'>
<p>Are you sure you wish to run safe mode?</p>
<input type="hidden" name="csrf_token" value="%s" />
<input type='submit' value='Yes' />
</form>
<p><a href='/'>Return to my Space.</a></p>
</div></div>
""" % csrf_token]
def _send_safe_mode(environ, start_response):
"""
Send a form that initiates safe_mode by asking
the user to confirm that they want it and then
POSTing back to the same URI.
"""
environ['tiddlyweb.title'] = 'Confirm Safe Mode'
now = datetime.utcnow().strftime('%Y%m%d%H')
user, hostname, secret = get_nonce_components(environ)
csrf_token = gen_nonce(user, hostname, now, secret)
start_response('200 OK', [('Content-Type', 'text/html; charset=UTF-8')])
return ["""
<div id='content'><div class='tiddler'>
<form method='POST'>
<p>Are you sure you wish to run safe mode?</p>
<input type="hidden" name="csrf_token" value="%s" />
<input type='submit' value='Yes' />
</form>
<p><a href='/'>Return to my Space.</a></p>
</div></div>
""" % csrf_token]
