def __init__(self, initial=None, sid=None, new=False):
def on_update(self):
self.modified = True
SecureCookie.__init__(self, initial, on_update)
self.sid = sid
self.new = new
self.modified = False
def set_cookie(self,
response,
name,
data,
path=None,
expires=None,
secret_key=None,
max_age=None,
secure=False,
httponly=True,
force=True):
"""store data under the named cookie as a securecookie in the response"""
if secret_key is None:
secret_key = self.config.get('secret_key', None)
cookie = SecureCookie(data, secret_key=secret_key)
path = path or self.config.get('session_cookie_path') or \
self.config.get('application_root') or '/'
cookie.save_cookie(response,
key=name,
expires=expires,
max_age=max_age,
path=path,
domain=self.config.session_cookie_domain,
secure=secure,
httponly=httponly,
force=force)
def saveOAuthToken(next, token, secret, max_age=3000):
secretKey = current_app.config['SECRET_KEY'].encode('utf-8')
data = SecureCookie({"token": token, "secret": secret}, secretKey)
expires = datetime.utcnow() + timedelta(seconds=max_age)
resp = make_response(next)
resp.set_cookie('zapfauth_token', data.serialize(), expires=expires)
return resp
def get_cookie_obj(cookie):
cookie_data = request.cookies.get(cookie, None)
if cookie_data is None:
cookie_obj = SecureCookie(secret_key=app.config["SECRET_KEY"])
else:
cookie_obj = SecureCookie.unserialize(cookie_data,
app.config["SECRET_KEY"])
return cookie_obj
def __init__(self, initial=None, sid=None, new=False):
def on_update(self):
self.modified = True
SecureCookie.__init__(self, initial, on_update)
self.sid = sid
self.new = new
self.modified = False
def fake_login(request):
if request.method == 'GET':
return Response("FAKE LOGIN", mimetype="text/html")
elif request.method == 'POST':
response = Response("LOGGED IN", mimetype="text/html")
cookie = SecureCookie({"logged_in": True}, SECRET_KEY)
response.set_cookie('session_data', cookie.serialize())
return response
def client_session(req):
data = request.cookies.get('ruanbo')
if not data:
return SecureCookie({
"foo": 42,
"baz": (1, 2, 3)
},
secret_key=SECRET_KEY)
return SecureCookie.unserialize(data, SECRET_KEY)
def get_from_cookie(cookie, key):
cookie_data = request.cookies.get(cookie, None)
if cookie_data is None:
cookie_obj = SecureCookie(secret_key=app.config["SECRET_KEY"])
else:
cookie_obj = SecureCookie.unserialize(cookie_data,
app.config["SECRET_KEY"])
print("Getting cookie data: ", dict(cookie_obj))
return cookie_obj.get(key)
def __init__(self, initial=None, sid=None, new=False, secret_key=None):
def on_update(self):
self.modified = True
SecureCookie.__init__(self, initial, secret_key=secret_key, new=new)
self.sid = sid
self.new = new
self.modified = False
if self.sid is None:
self.sid = generate_key()
def test_basic_support():
c = SecureCookie(secret_key=b'foo')
assert c.new
assert not c.modified
assert not c.should_save
c['x'] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, b'foo')
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
assert c2 == c
c3 = SecureCookie.unserialize(s, b'wrong foo')
assert not c3.modified
assert not c3.new
assert c3 == {}
c4 = SecureCookie({'x': 42}, 'foo')
c4_serialized = c4.serialize()
assert SecureCookie.unserialize(c4_serialized, 'foo') == c4
def test_basic_support():
c = SecureCookie(secret_key=b"foo")
assert c.new
assert not c.modified
assert not c.should_save
c["x"] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, b"foo")
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
assert c2 == c
c3 = SecureCookie.unserialize(s, b"wrong foo")
assert not c3.modified
assert not c3.new
assert c3 == {}
c4 = SecureCookie({"x": 42}, "foo")
c4_serialized = c4.serialize()
assert SecureCookie.unserialize(c4_serialized, "foo") == c4
def set_gaema_user(service, user):
gaema_user_key = GAEMA_USER_KEY_FORMAT % service
if hasattr(settings, "GAEMA_STORAGE") and settings.GAEMA_STORAGE == "cookie":
secure_cookie = SecureCookie(user, secret_key=settings.SECRET_KEY)
user_data = secure_cookie.serialize()
set_cookie(gaema_user_key, user_data)
else:
from kay.sessions import renew_session
renew_session(local.request)
local.request.session[gaema_user_key] = user
local.request.session.modified = True
def set_gaema_user(service, user):
gaema_user_key = GAEMA_USER_KEY_FORMAT % service
if hasattr(settings,
"GAEMA_STORAGE") and settings.GAEMA_STORAGE == "cookie":
secure_cookie = SecureCookie(user, secret_key=settings.SECRET_KEY)
user_data = secure_cookie.serialize()
set_cookie(gaema_user_key, user_data)
else:
from kay.sessions import renew_session
renew_session(local.request)
local.request.session[gaema_user_key] = user
local.request.session.modified = True
def save_session(self, session, response):
# 这个函数将在构造好了response后调用,此函数逻辑是如何session有内容,就将其
# 保存在数据库,然后构建一个新的Securecookie,在传入sid的值,然后保存在response
# 中
if session is not None:
if session.should_save:
self.session_store.save(session)
secure_cookie = SecureCookie({}, secret_key=self.secret_key)
secure_cookie['sid'] = session.sid
# 这里必须要有一次额外的赋值,否则secure_cookie的should_save为False
secure_cookie.save_cookie(response, self.session_cookie_name)
def set_cookie(self, response, name, data, path = None,
expires = None, secret_key = None, max_age = None,
secure = False, httponly = True, force = True):
"""store data under the named cookie as a securecookie in the response"""
if secret_key is None:
secret_key = self.config.get('secret_key', None)
cookie = SecureCookie(data, secret_key=secret_key)
path = path or self.config.get('session_cookie_path') or \
self.config.get('application_root') or '/'
cookie.save_cookie(response, key=name, expires=expires, max_age=max_age,
path=path, domain=self.config.session_cookie_domain,
secure=secure, httponly=httponly, force=force)
def save_session_to_cookie(response):
secret = current_app.config.get("session_secret")
if secret:
session = local.session
if session:
if not isinstance(session, SecureCookie):
session = SecureCookie(session, secret)
expires = None
lifetime = current_app.config.get("session_lifetime")
if lifetime:
expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=lifetime)
session_name = current_app.config.get("session_cookie_name") or "session"
session.save_cookie(response, session_name, expires=expires)
def set_to_cookie(req_response, cookie, key, value):
cookie_data = request.cookies.get(cookie, None)
if cookie_data is None:
cookie_obj = SecureCookie(secret_key=app.config["SECRET_KEY"])
else:
cookie_obj = SecureCookie.unserialize(cookie_data,
app.config["SECRET_KEY"])
cookie_obj[key] = value
all_cookies = session.get(ALL_COOKIES_KEY, [])
if cookie not in all_cookies:
all_cookies.append(cookie)
session[ALL_COOKIES_KEY] = all_cookies
req_response.set_cookie(cookie, cookie_obj.serialize())
def test_wrapper_support(self):
req = Request.from_values()
resp = Response()
c = SecureCookie.load_cookie(req, secret_key='foo')
assert c.new
c['foo'] = 42
assert c.secret_key == 'foo'
c.save_cookie(resp)
req = Request.from_values(headers={
'Cookie': 'session="%s"' % parse_cookie(resp.headers['set-cookie'])['session']
})
c2 = SecureCookie.load_cookie(req, secret_key='foo')
assert not c2.new
assert c2 == c
def test_wrapper_support(self):
req = Request.from_values()
resp = Response()
c = SecureCookie.load_cookie(req, secret_key="foo")
assert c.new
c["foo"] = 42
assert c.secret_key == "foo"
c.save_cookie(resp)
req = Request.from_values(
headers={"Cookie": 'session="%s"' % parse_cookie(resp.headers["set-cookie"])["session"]}
)
c2 = SecureCookie.load_cookie(req, secret_key="foo")
assert not c2.new
assert c2 == c
def test_wrapper_support():
req = Request.from_values()
resp = Response()
c = SecureCookie.load_cookie(req, secret_key=b'foo')
assert c.new
c['foo'] = 42
assert c.secret_key == b'foo'
c.save_cookie(resp)
req = Request.from_values(headers={
'Cookie': 'session="%s"' % parse_cookie(resp.headers['set-cookie'])['session']
})
c2 = SecureCookie.load_cookie(req, secret_key=b'foo')
assert not c2.new
assert c2 == c
def post_process(self, environ, headers):
user = User.get_current()
if not user:
cookies = http.parse_cookie(environ)
if self.name in cookies:
raw = http.dump_cookie(self.name, '', expires=1)
headers.append((utils.to_native('Set-Cookie'), raw))
return
cookie = SecureCookie({
'uid': user.id,
'session_token': user.get_session_token(),
}, self.secret)
raw = http.dump_cookie(self.name, cookie.serialize(),
expires=self.expires, max_age=self.max_age)
headers.append((utils.to_native('Set-Cookie'), raw))
def get_request(self, environ):
request = Request(environ)
request.app = self.app
request.translations = load_core_translations(self.app.cfg['language'])
request.is_admin = False
request.is_somebody = False
cookie_name = self.app.cfg['session_cookie_name']
session = SecureCookie.load_cookie(
request, cookie_name, self.app.cfg['secret_key'].encode('utf-8'))
request.session = session
engine = self.app.database_engine
user_id = session.get('uid')
if user_id:
admin_privilege = engine.execute(
privileges.select(
privileges.c.name == 'BLOG_ADMIN')).fetchone()
admin = engine.execute(
user_privileges.select(
and_(
user_privileges.c.user_id == int(user_id),
user_privileges.c.privilege_id ==
admin_privilege.privilege_id))).fetchone()
request.is_somebody = True
request.is_admin = admin is not None
return request
def getOAuthToken():
secretKey = current_app.config['SECRET_KEY'].encode('utf-8')
cookie = request.cookies.get('zapfauth_token')
if not cookie:
return None
data = SecureCookie.unserialize(cookie, secretKey)
return (data["token"], data["secret"])
def login():
#import logging
#logging.info('sgvsevr')
form = LoginForm()
if request.method == 'POST':
if form.validate_on_submit():
user = User.query.filter_by(account=form.name.data).first()
if user is not None and user.verify_password(form.password.data):
resp = make_response(redirect(url_for('account.index', account=user.account)))
cookie_value = SecureCookie({'user': form.name.data, 'rn': user.username,
'uid': user.id, 'permission': user.permission,
'timestamp': time.time()}, SECRET_KEY).serialize()
# x = SecureCookie.unserialize(value, SECRET_KEY)
resp.set_cookie('info', cookie_value, expires=time.time() + COOKIE_EXPIRES)
# expires=COOKIE_EXPIRES
return resp
flash('1-Invalid username or password.')
return render_template('login.html', form=form)
flash('用户名或密码错误')
return render_template('login.html', form=form)
else:
cookie_info = request.cookies.get('info')
if cookie_info:
info = SecureCookie.unserialize(cookie_info, SECRET_KEY)
user, timesite = info.get('user'), info.get('timestamp')
_user = User.query.filter_by(account=user).first()
if _user:
if (time.time() - timesite) < COOKIE_EXPIRES:
return redirect(url_for('account.index', account=user))
return render_template('login.html', form=form)
return render_template('login.html', form=form)
def get_request(self, environ):
request = Request(environ)
request.app = self.app
request.translations = load_core_translations(self.app.cfg['language'])
request.is_admin = False
request.is_somebody = False
cookie_name = self.app.cfg['session_cookie_name']
session = SecureCookie.load_cookie(
request, cookie_name, self.app.cfg['secret_key'].encode('utf-8')
)
request.session = session
engine = self.app.database_engine
user_id = session.get('uid')
if user_id:
admin_privilege = engine.execute(
privileges.select(privileges.c.name=='BLOG_ADMIN')
).fetchone()
admin = engine.execute(user_privileges.select(and_(
user_privileges.c.user_id==int(user_id),
user_privileges.c.privilege_id==admin_privilege.privilege_id
))).fetchone()
request.is_somebody = True
request.is_admin = admin is not None
return request
def oauth_callback(self, request):
if request.args.get("denied") is not None:
return False
try:
oauth_data = SecureCookie.unserialize(request.cookies["twitter_oauth"], self.consumer_secret)
except KeyError:
return False
oauth_token = oauth2.Token(oauth_data["oauth_token"], oauth_data["oauth_token_secret"])
oauth_token.set_verifier(request.args.get("oauth_verifier"))
oauth_consumer = oauth2.Consumer(key=self.consumer_key, secret=self.consumer_secret)
oauth_client = oauth2.Client(oauth_consumer, oauth_token)
resp, content = oauth_client.request(ACCESS_TOKEN_URL, "POST")
if resp["status"] != "200":
return False
oauth_data = dict(parse_qsl(content))
user_data = twitter.Api(consumer_key=self.consumer_key,
consumer_secret=self.consumer_secret,
access_token_key=oauth_data["oauth_token"],
access_token_secret=oauth_data["oauth_token_secret"]).VerifyCredentials().AsDict()
return (user_data["id"], dict(user_data, **oauth_data))
def __init__(self, environ, app=None):
RequestBase.__init__(self, environ)
self.queries = []
self.metanav = []
self.navbar = []
self.ctxnavbar = {}
if app is None:
app = get_application()
self.app = app
engine = self.app.database_engine
# get the session and try to get the user object for this request.
from ilog.database import db, User
user = None
cookie_name = app.cfg['cookie_name']
session = SecureCookie.load_cookie(self, cookie_name, app.secret_key)
user_id = session.get('uid')
if user_id:
user = User.query.options(
db.eagerload('groups'), db.eagerload('groups', 'privileges')
).get(user_id)
if user is None:
self.locale = self.app.default_locale
self.translations = self.app.default_translations
user = User.query.get_nobody()
else:
self.locale = Locale(user.locale)
self.translations = i18n.load_translations(self.locale)
self.user = user
self.user.update_last_login()
db.commit()
self.session = session
def init_cookie(self):
"""
Ensures that a cookie'd subject id exists
"""
#self._app.logger.debug("Init cookie hit for {}".format(request.path))
# Don't bother setting the cookie on favicon hits
# TODO: Make this more gooder
if request.path == '/favicon.ico/':
request.exp_enabled = False
return
exp_cookie = SecureCookie.load_cookie(request, key=self.FLASK_EXPERIMENT_COOKIE_NAME, secret_key=self._app.secret_key)
subj_id = exp_cookie.get('id')
if not subj_id:
subj_id = uuid4().hex
exp_cookie['id'] = subj_id
set_exp = request.args.get('experiment')
set_var = request.args.get('variant')
request.exp_cookie = exp_cookie
request.experiments = self.mgr.get_subject_experiments(subj_id)
if set_exp and set_var:
self.mgr.update_subject_experiments(subj_id, set_exp, set_var)
request.experiments = self.mgr.get_subject_experiments(subj_id)
#self._app.logger.debug("Subject {} experiments {}".format(
#subj_id, request.experiments))
request.exp_enabled = True
def tag_session(req):
app = get_app()
cookie_name = app.conf['sessions/cookie_name']
session = SecureCookie.load_cookie(req, cookie_name,
app.conf['sessions/secret'])
req.session = session
local.session = session
def get(self):
args = self.request.args
response_type = args.get("response_type")
client_id = args.get("client_id")
redirect_uri = args.get("redirect_uri")
scope = args.get("scope")
state = args.get("state","")
if response_type is None or client_id is None or redirect_uri is None:
return self.error("The request invalid")
data = self.request.cookies.get("l")
if data is not None:
login_data = SecureCookie.unserialize(data, self.settings.secret_key)
else:
self.settings.log.debug("cookie for user login data not found")
login_data = {}
if not login_data.has_key("username"):
# not logged in, show login form
self.settings.log.debug("redirecting to login form")
return self.login_form()
else:
# logged in, retrieve an auth code and do the redirect
username = login_data['username']
am = self.settings.authmanager
try:
token, auth_code = am.new_token(username, client_id)
except usermanager.errors.ClientNotFound, e:
return self.error("the client_id is incorrect")
q = {
'code' : auth_code,
'state' : state,
}
url = redirect_uri+"?"+urllib.urlencode(q)
return werkzeug.redirect(url)
def setup_cookie(self):
from screener.database import User, session
self.session = SecureCookie.load_cookie(
self, application.config.cookie_name,
application.config.secret_key.encode('utf-8')
)
def new_user():
user = User()
session.add(user)
return user
if 'uuid' not in self.session:
self.login(new_user(), permanent=True)
self.session.setdefault('flashes', []).append(
"A unique cookie has been sent to your browser that "
"enables you to see your private images when browsing the "
"categories.<br>Otherwise, you can only access them by "
"their direct URL.")
else:
user = User.query.get(self.session.get('uuid'))
if not user:
self.login(new_user(), permanent=True)
self.session.setdefault('flashes', []).append(
"A unique cookie has been sent to your browser that "
"enables you to see your private images when browsing the "
"categories.<br>Otherwise, you can only access them by "
"their direct URL.")
else:
self.login(user)
self.user.update_last_visit()
session.commit()
self.cleanup_old_sessions()
def open_session(self, request):
"""Creates or opens a new session. Default implementation requires
that `securecookie.secret_key` is set.
"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(request, self.session_cookie_name,
secret_key=key)
def test_basic_support():
c = SecureCookie(secret_key=b'foo')
assert c.new
assert not c.modified
assert not c.should_save
c['x'] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, b'foo')
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
assert c2 == c
c3 = SecureCookie.unserialize(s, b'wrong foo')
assert not c3.modified
assert not c3.new
assert c3 == {}
c4 = SecureCookie({'x': 42}, 'foo')
c4_serialized = c4.serialize()
assert SecureCookie.unserialize(c4_serialized, 'foo') == c4
def is_authorized(self, request, op_request):
data = request.cookies.get('session_data')
if data:
session = SecureCookie.unserialize(data, SECRET_KEY)
if session.get("logged_in", False) == True:
return True
return False
def post_process(self, environ, headers):
user = User.get_current()
if not user:
cookies = http.parse_cookie(environ)
if self.name in cookies:
raw = http.dump_cookie(self.name, '', expires=1)
headers.append(('Set-Cookie', raw))
return
cookie = SecureCookie(
{
'uid': user.id,
'session_token': user.get_session_token(),
}, self.secret)
raw = http.dump_cookie(self.name,
cookie.serialize(),
expires=self.expires,
max_age=self.max_age)
headers.append(('Set-Cookie', raw))
def open_session(self, request):
"""Creates or opens a new session. Default implementation requires
that `securecookie.secret_key` is set.
"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(request,
self.session_cookie_name,
secret_key=key)
def open_session(self, request): #
"""
:param request: Request实例
"""
#创建或打开一个新的session,默认的实现是存储所有的session数据到一个签名的cookie中,
# 前提是secret_key属性被设置
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(request, 'session', secret_key=key)
def test_wrapper_support():
req = Request.from_values()
resp = Response()
c = SecureCookie.load_cookie(req, secret_key=b"foo")
assert c.new
c["foo"] = 42
assert c.secret_key == b"foo"
c.save_cookie(resp)
req = Request.from_values(
headers={
"Cookie":
'session="%s"' %
parse_cookie(resp.headers["set-cookie"])["session"]
})
c2 = SecureCookie.load_cookie(req, secret_key=b"foo")
assert not c2.new
assert c2 == c
def open_session(self, request):
"""创建或打开一个新的session。默认的实现是存储所有的用户会话(session)
数据到一个签名的cookie中。这需要secret_key属性被设置。
:param request: request_class的实例。
"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(request, self.session_cookie_name,
secret_key=key)
def oauth_callback(self, request):
try:
callback_url = SecureCookie.unserialize(request.cookies["facebook_oauth"], self.client_secret)["callback_url"]
except KeyError:
return False
access_token = facebook.get_access_token_from_code(request.args.get("code"), callback_url, self.client_id, self.client_secret)["access_token"]
user = facebook.GraphAPI(access_token).get_object("me")
return (int(user["id"]), dict(user, access_token=access_token))
def open_session(self, request):
"""
获取请求对应的session数据,当没有session时,可以创建请求对应的session信息
创建的前提是需要配置了secret_key
"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(request,
self.session_cookie_name,
secret_key=key)
def _get_flash_msg(request):
if 'ls_message' in request.cookies:
update_message = SecureCookie.unserialize(
request.cookies['ls_message'],
settings.SECRET_KEY,
)
delete_cookie('ls_message')
return update_message['m']
else:
return None
def _get_flash_msg(request):
if 'ls_message' in request.cookies:
update_message = SecureCookie.unserialize(
request.cookies['ls_message'],
settings.SECRET_KEY,
)
delete_cookie('ls_message')
return update_message['m']
else:
return None
def open_session(self, request):
"""Creates or opens a new session. Default implementation stores all
session data in a signed cookie. This requires that the
:attr:`secret_key` is set.
:param request: an instance of :attr:`request_class`.
"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(request, self.session_cookie_name, secret_key=key)
def open_session(self, request):
"""Creates or opens a new session.
Default implementation stores all session data in a signed cookie.
This requires that the :attr:`secret_key` is set.
:param request: an instance of :attr:`request_class`.
"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(request, self.session_cookie_name,
secret_key=key)
def get(self, **kw):
"""post a new vote to this poll"""
_id = self.item._id
data = self.request.cookies.get("qlpoll")
if data is not None:
poll_data = SecureCookie.unserialize(data, self.settings.secret_key)
else:
poll_data = {'_id' : None}
voted = poll_data['_id']==_id
return {'voted' : voted}
def load_session_from_cookie(request):
secret = current_app.config.get("session_secret")
if secret:
session_name = current_app.config.get("session_cookie_name") or "session"
local.session = SecureCookie.load_cookie(request, session_name, secret_key=secret)
request._flash = local.session.pop("_flash", {})
csrf_token() # all session should have csrf token
else:
local.session = {}
local.session["_flash"] = {}
def open_session(self, request):
'''
load_cookie:
data = request.cookies.get(key)
if not data:
return cls(secret_key=secret_key)
return cls.unserialize(data, secret_key)
'''
return SecureCookie.load_cookie(request,
key=self.session_cookie_name,
secret_key=self.secret_key)
def test_basic_support(self):
c = SecureCookie(secret_key='foo')
assert c.new
assert not c.modified
assert not c.should_save
c['x'] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, 'foo')
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
assert c2 == c
c3 = SecureCookie.unserialize(s, 'wrong foo')
assert not c3.modified
assert not c3.new
assert c3 == {}
def open_session(self, resource):
"""creates or opens a new session"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(
# here, we should use global request
# which is a context-local object
# request, # so this request is the global request...
Request(environ),
# request,
self.session_cookie_name,
secret_key=key)
def test_basic_support(self):
c = SecureCookie(secret_key=b'foo')
assert c.new
assert not c.modified
assert not c.should_save
c['x'] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, b'foo')
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
self.assert_equal(c2, c)
c3 = SecureCookie.unserialize(s, b'wrong foo')
assert not c3.modified
assert not c3.new
self.assert_equal(c3, {})
def test_basic_support(self):
c = SecureCookie(secret_key='foo')
assert c.new
assert not c.modified
assert not c.should_save
c['x'] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, 'foo')
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
assert c2 == c
c3 = SecureCookie.unserialize(s, 'wrong foo')
assert not c3.modified
assert not c3.new
assert c3 == {}
def oauth_callback(self, request):
try:
callback_url = SecureCookie.unserialize(request.cookies["foursquare_oauth"], self.client_secret)["callback_url"]
except KeyError:
return False
client = foursquare.Foursquare(client_id=self.client_id, client_secret=self.client_secret, redirect_uri=callback_url)
access_token = client.oauth.get_token(request.args.get("code"))
client.set_access_token(access_token)
user = client.users()
return (int(user["user"]["id"]), dict(user, access_token=access_token))
def test_basic_support(self):
c = SecureCookie(secret_key=b'foo')
assert c.new
assert not c.modified
assert not c.should_save
c['x'] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, b'foo')
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
self.assert_equal(c2, c)
c3 = SecureCookie.unserialize(s, b'wrong foo')
assert not c3.modified
assert not c3.new
self.assert_equal(c3, {})
def open_session(self, resource):
"""creates or opens a new session"""
key = self.secret_key
if key is not None:
return SecureCookie.load_cookie(
# here, we should use global request
# which is a context-local object
# request, # so this request is the global request...
Request(environ),
# request,
self.session_cookie_name,
secret_key=key
)
def get_secure_cookie(self):
"""
Returns the secure cookie object from werkzeug
:return: SecureCookie
"""
secret_key = self.state.environment.get('secret_key')
if not secret_key:
raise Exception('\'secret_key\' value must be set in environment')
if not self._secure_cookie:
self._secure_cookie = SecureCookie.load_cookie(
self, secret_key=secret_key.encode())
return self._secure_cookie
def get_gaema_user(service):
try:
gaema_user_key = GAEMA_USER_KEY_FORMAT % service
if hasattr(settings, "GAEMA_STORAGE") and \
settings.GAEMA_STORAGE == "cookie":
user_data = local.request.cookies.get(gaema_user_key, None)
if user_data:
return SecureCookie.unserialize(user_data,
secret_key=settings.SECRET_KEY)
else:
return local.request.session.get(gaema_user_key, None)
except Exception, e:
raise InternalServerError('Getting gaema_user failed, reason: %s' % e)
def test_basic_support(self):
c = SecureCookie(secret_key="foo")
assert c.new
print c.modified, c.should_save
assert not c.modified
assert not c.should_save
c["x"] = 42
assert c.modified
assert c.should_save
s = c.serialize()
c2 = SecureCookie.unserialize(s, "foo")
assert c is not c2
assert not c2.new
assert not c2.modified
assert not c2.should_save
assert c2 == c
c3 = SecureCookie.unserialize(s, "wrong foo")
assert not c3.modified
assert not c3.new
assert c3 == {}
def login():
username = request.values.get('username', '')
password = request.values.get('password', '')
ret_data = {}
is_login = db.check_user(username, password)
if is_login:
ret_data['status'] = 'ok'
else:
ret_data['status'] = 'error'
ret_data['message'] = 'Username or password is wrong!'
resp = Response(json.dumps(ret_data))
if is_login:
# New and save `uid` to cookie
cookie = SecureCookie(secret_key=app.secret_key)
cookie['uid'] = username
cookie['is_guest'] = False
cookie.save_cookie(resp, key='auth', max_age=USER_COOKIE_AGE)
return resp
def open_session(self, request):
# 这里的逻辑是,在构建请求环境的时候,用secure_cookie.load_cookie从
# 请求中加载session内容,从中读取出sid值,再根据sid从数据库中读取session
# 真正的内容,并用这些内容构建一个真正的,在视图函数中使用的session对象
# 这个函数的返回值会成为_request_ctx_stack的栈顶的session对象
key = self.secret_key
if key is not None:
secure_cookie = SecureCookie.load_cookie(
request, self.session_cookie_name, secret_key=self.secret_key)
sid = secure_cookie.get('sid')
if sid is not None:
request_session = self.session_store.get(sid)
else:
request_session = self.session_store.new()
return request_session