def generate_login_token(user, url): strings = [str(user.id), url.strip(), str(int(time.time()))] token_byte_string = encode_token(strings) if URLCRYPT_USE_RSA_ENCRYPTION: token_byte_string = urlcrypt.rsa.encrypt(token_byte_string) return base64url_encode(token_byte_string)
def test_login_token_failed_hax0r(self): fake_token = 'asdf;lhasdfdso' response = self.client.get(reverse('urlcrypt_redirect', args=(fake_token,))) self.assertRedirects(response, URLCRYPT_LOGIN_URL) fake_token = base64url_encode(encode_token([str(self.test_user.id), reverse('urlcrypt_test_view'), str(int(time.time()))])) response = self.client.get(reverse('urlcrypt_redirect', args=(fake_token,))) self.assertRedirects(response, URLCRYPT_LOGIN_URL)
def test_login_token_failed_hax0r(self): fake_token = 'asdf;lhasdfdso' response = self.client.get( reverse('urlcrypt_redirect', args=(fake_token, ))) self.assertRedirects(response, URLCRYPT_LOGIN_URL) fake_token = base64url_encode( encode_token([ str(self.test_user.id), reverse('urlcrypt_test_view'), str(int(time.time())) ])) response = self.client.get( reverse('urlcrypt_redirect', args=(fake_token, ))) self.assertRedirects(response, URLCRYPT_LOGIN_URL)