# HG changeset patch # User paulb # Date 1085928018 0 # Node ID 7efcf60baf0a492a2ad7af6a8d42f8966ef41691 # Parent 1cf29f5a275012dfdb6ac0717a730c21f6b9fdc9 [project @ 2004-05-30 14:40:13 by paulb] Moved Login/LoginRedirect authentication token generation to WebStack.Helpers.Auth.get_token. diff -r 1cf29f5a2750 -r 7efcf60baf0a WebStack/Helpers/Auth.py --- a/WebStack/Helpers/Auth.py Sat May 29 23:55:48 2004 +0000 +++ b/WebStack/Helpers/Auth.py Sun May 30 14:40:18 2004 +0000 @@ -5,6 +5,7 @@ """ import base64 +import md5 class UserInfo: @@ -33,4 +34,13 @@ self.username, self.password = None, None +def get_token(plaintext, secret_key): + + """ + Return a string containing an authentication token made from the given + 'plaintext' and 'secret_key'. + """ + + return plaintext + ":" + md5.md5(plaintext + secret_key).hexdigest() + # vim: tabstop=4 expandtab shiftwidth=4 diff -r 1cf29f5a2750 -r 7efcf60baf0a examples/Common/Login/__init__.py --- a/examples/Common/Login/__init__.py Sat May 29 23:55:48 2004 +0000 +++ b/examples/Common/Login/__init__.py Sun May 30 14:40:18 2004 +0000 @@ -3,7 +3,7 @@ "An example login screen." import WebStack.Generic -import md5 +from WebStack.Helpers.Auth import get_token class LoginResource: @@ -128,11 +128,10 @@ if (username, password) in self.credentials: # Make a special cookie token. - # NOTE: This should be moved into a common library. trans.set_cookie_value( self.cookie_name, - username + ":" + md5.md5(username + self.secret_key).hexdigest() + get_token(username, self.secret_key) ) return 1 diff -r 1cf29f5a2750 -r 7efcf60baf0a examples/Common/LoginRedirect/__init__.py --- a/examples/Common/LoginRedirect/__init__.py Sat May 29 23:55:48 2004 +0000 +++ b/examples/Common/LoginRedirect/__init__.py Sun May 30 14:40:18 2004 +0000 @@ -2,7 +2,7 @@ "Login redirection." -import md5 +from WebStack.Helpers.Auth import get_token class LoginRedirectResource: @@ -74,10 +74,9 @@ # Test the token from the cookie against a recreated token using the # given information. - # NOTE: This should be moved into a common library. username, code = cookie.value.split(":") - if code == md5.md5(username + self.secret_key).hexdigest(): + if cookie.value == get_token(username, self.secret_key): # Update the transaction with the user details.