本文整理汇总了Python中trac.util.hex_entropy函数的典型用法代码示例。如果您正苦于以下问题:Python hex_entropy函数的具体用法?Python hex_entropy怎么用?Python hex_entropy使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了hex_entropy函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_hex_entropy
def test_hex_entropy(self):
    """hex_entropy(n) yields exactly n characters, all lowercase hex digits.

    This pins the shape of the output only (length and alphabet); it says
    nothing about how unpredictable the digits are.
    """
    allowed = set('0123456789abcdef')
    # Lengths 0..128 inclusive, so the empty string is exercised as well.
    for length in xrange(129):
        token = util.hex_entropy(length)
        self.assertEqual(length, len(token))
        # Any character outside the hex alphabet would survive the difference.
        self.assertEqual(set(), set(token) - allowed)
示例2: _do_login
def _do_login(self, req):
    """Log the remote user in.

    Relies on the user name being available as `req.remote_user`; no
    credential is checked in this method.  The name is stored in the
    `auth_cookie` table and a `trac_auth` cookie identifying the user on
    later requests is sent back to the client.

    When `self.ignore_case` is true the name is lower-cased before use,
    which avoids duplicate identities on installations that authenticate
    against Windows, where user and domain names are not case sensitive.

    Raises TracError when no remote user is available, or when the request
    is already authenticated as a different user.
    """
    if not req.remote_user:
        # TRANSLATOR: ... refer to the 'installation documentation'. (link)
        inst_doc = tag.a(
            _('installation documentation'),
            title=_("Configuring Authentication"),
            href=req.href.wiki('TracInstall') + "#ConfiguringAuthentication")
        raise TracError(tag_("Authentication information not available. "
                             "Please refer to the %(inst_doc)s.",
                             inst_doc=inst_doc))

    login_name = req.remote_user
    if self.ignore_case:
        login_name = login_name.lower()

    if req.authname not in ('anonymous', login_name):
        raise TracError(_('Already logged in as %(user)s.',
                          user=req.authname))

    with self.env.db_transaction as db:
        # Purge cookie rows older than 10 days.  The cut-off is fixed here
        # and does not depend on `auth_cookie_lifetime`.
        cutoff = int(time.time()) - 86400 * 10
        db("DELETE FROM auth_cookie WHERE time < %s", (cutoff,))

        # Keep the presented cookie only if it already maps to this user;
        # in that case the token is reused rather than rotated.
        cookie = None
        presented = req.incookie.get('trac_auth')
        if presented is not None:
            owner = self._cookie_to_name(req, presented)
            if owner == login_name:
                cookie = presented.value
        if cookie is None:
            cookie = hex_entropy()
            db("\nINSERT INTO auth_cookie (cookie, name, ipnr, time)\n"
               "VALUES (%s, %s, %s, %s)\n",
               (cookie, login_name, req.remote_addr, int(time.time())))

    req.authname = login_name
    req.outcookie['trac_auth'] = cookie
    req.outcookie['trac_auth']['path'] = (self.auth_cookie_path
                                          or req.base_path or '/')
    # Secure is opt-in through the environment setting.
    if self.env.secure_cookies:
        req.outcookie['trac_auth']['secure'] = True
    # HttpOnly is only set on Python >= 2.6 -- presumably because older
    # cookie modules do not know the attribute; on older interpreters the
    # session cookie stays readable from page scripts.
    if sys.version_info >= (2, 6):
        req.outcookie['trac_auth']['httponly'] = True
    if self.auth_cookie_lifetime > 0:
        req.outcookie['trac_auth']['expires'] = self.auth_cookie_lifetime
示例3: _do_login
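def _do_login(self, req):
    """Log the remote user in from the submitted login form.

    When the request carries a `username`, the credentials are checked by
    replaying them as HTTP authentication against this site's `/login` URL
    (`self._try_http_auth`).  On success the user name is inserted into the
    `auth_cookie` table, a `trac_auth` cookie is set and the client is
    redirected.  On failure the login template variables are filled in and
    None is returned.  Without a `username` nothing is done.

    If the `[trac] ignore_auth_case` option is true, the user name is
    converted to lower case before being used, to avoid problems on
    installations authenticating against Windows, which is not case
    sensitive regarding user names and domain names.

    Raises AssertionError when the password is missing or when the request
    is already authenticated as a different user.
    """
    if req.args.get("username"):
        # Raised explicitly rather than with `assert`, so the check is not
        # compiled away when Python runs with -O.
        if not req.args.get("password"):
            raise AssertionError("No password")

        # Cut base_url down to scheme://host.  find() returns -1 when no
        # '/' follows the host part; slicing with -1 would silently drop
        # the last character of the host name and the credentials would be
        # sent to a different host, so that case keeps base_url whole.
        base_url = req.base_url
        host_end = base_url.find("/", 8)
        origin = base_url if host_end < 0 else base_url[:host_end]

        # Test authentication
        try:
            self._try_http_auth(
                origin + "/login",
                req.args.get("username"),
                req.args.get("password"),
            )
        except IOError:
            # Treated as an incorrect password.  Any IOError lands here,
            # so a connection failure is reported the same way.
            req.hdf["title"] = "Login Failed"
            req.hdf["login.action"] = self.env.href() + "/login"
            # NOTE(review): `ref` is request-supplied and handed to the
            # template as-is -- confirm the template escapes it.
            req.hdf["login.referer"] = req.args.get("ref")
            req.hdf["login.error"] = "Invalid username or password"
            return None

        # Successful authentication, set cookies and stuff
        remote_user = req.args.get("username")
        ignore_case = self.env.config.get("trac", "ignore_auth_case")
        ignore_case = ignore_case.strip().lower() in TRUE
        if ignore_case:
            remote_user = remote_user.lower()

        # Same reasoning as above: keep the check alive under -O.
        if req.authname not in ("anonymous", remote_user):
            raise AssertionError("Already logged in as %s." % req.authname)

        cookie = hex_entropy()
        db = self.env.get_db_cnx()
        cursor = db.cursor()
        cursor.execute(
            "INSERT INTO auth_cookie (cookie,name,ipnr,time) "
            "VALUES (%s, %s, %s, %s)",
            (cookie, remote_user, req.remote_addr, int(time.time())),
        )
        db.commit()

        req.authname = remote_user
        # NOTE(review): only `path` is set on the session cookie here; no
        # Secure or HttpOnly attribute is applied in this block.
        req.outcookie["trac_auth"] = cookie
        req.outcookie["trac_auth"]["path"] = self.env.href()
        # NOTE(review): `ref` comes straight from the request and becomes
        # the redirect target without validation; it should be limited to
        # URLs of this site before being used.
        req.redirect(req.args.get("ref") or self.env.abs_href())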
示例4: send_auth_request
def send_auth_request(self, environ, start_response, stale='false'):
    """Send a digest challenge to the browser.

    A fresh nonce is generated and remembered in `self.active_nonces`;
    the list is capped at `MAX_NONCES` entries, oldest dropped first.
    Checking a client's nonce against that list (the replay protection)
    is presumably done by the caller -- it does not happen here.
    """
    fresh_nonce = hex_entropy()
    self.active_nonces.append(fresh_nonce)
    # Bound the memory used by outstanding challenges.
    if len(self.active_nonces) > self.MAX_NONCES:
        self.active_nonces = self.active_nonces[-self.MAX_NONCES:]

    challenge = ('Digest realm="%s", nonce="%s", qop="auth", stale="%s"'
                 % (self.realm, fresh_nonce, stale))
    write = start_response('401 Unauthorized',
                           [('WWW-Authenticate', challenge)])
    # Empty body: the response consists of the challenge header only.
    write('')
示例5: _do_login
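def _do_login(self, req):
    """Log the remote user in.

    This function expects to be called when the remote user name is
    available as `req.remote_user`; no credential is checked here.  The
    user name is inserted into the `auth_cookie` table and a cookie
    identifying the user on subsequent requests is sent back to the client.

    If the Authenticator was created with `ignore_case` set to true, then
    the authentication name passed from the web server in req.remote_user
    will be converted to lower case before being used. This is to avoid
    problems on installations authenticating against Windows which is not
    case sensitive regarding user names and domain names.

    Raises TracError when no remote user is available and AssertionError
    when the request is already authenticated as a different user.
    """
    if not req.remote_user:
        # TRANSLATOR: ... refer to the 'installation documentation'. (link)
        inst_doc = tag.a(
            _("installation documentation"),
            title=_("Configuring Authentication"),
            href=req.href.wiki("TracInstall") + "#ConfiguringAuthentication",
        )
        raise TracError(
            tag_(
                "Authentication information not available. "
                "Please refer to the %(inst_doc)s.",
                inst_doc=inst_doc,
            )
        )

    remote_user = req.remote_user
    if self.ignore_case:
        remote_user = remote_user.lower()

    # Raised explicitly rather than with `assert`: an assert statement is
    # removed when Python runs with -O, which would let a request that is
    # already logged in as someone else fall through to a new session.
    if req.authname not in ("anonymous", remote_user):
        raise AssertionError(
            _("Already logged in as %(user)s.", user=req.authname))

    cookie = hex_entropy()

    # The decorator runs the function with a database handle; nothing
    # calls store_session_cookie by name afterwards.
    @self.env.with_transaction()
    def store_session_cookie(db):
        cursor = db.cursor()
        # Delete cookies older than 10 days
        cursor.execute("DELETE FROM auth_cookie WHERE time < %s",
                       (int(time.time()) - 86400 * 10,))
        cursor.execute(
            "INSERT INTO auth_cookie (cookie,name,ipnr,time) "
            "VALUES (%s, %s, %s, %s)",
            (cookie, remote_user, req.remote_addr, int(time.time())),
        )

    req.authname = remote_user
    req.outcookie["trac_auth"] = cookie
    req.outcookie["trac_auth"]["path"] = (
        self.auth_cookie_path or req.base_path or "/")
    # Secure is opt-in through the environment setting.  No HttpOnly
    # attribute is set in this block.
    if self.env.secure_cookies:
        req.outcookie["trac_auth"]["secure"] = True
    if self.auth_cookie_lifetime > 0:
        req.outcookie["trac_auth"]["expires"] = self.auth_cookie_lifetime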
示例6: __init__
def __init__(self, env, req):
    """Attach the session that belongs to this request.

    Anonymous requests are keyed by the session cookie: a missing cookie
    gets a fresh 24-digit id and a new cookie, an existing one is loaded.
    Authenticated requests load the session stored under the user name,
    after promoting any anonymous session the cookie still points to.
    """
    super(Session, self).__init__(env, None)
    self.req = req

    has_cookie = req.incookie.has_key(COOKIE_KEY)
    if req.authname != 'anonymous':
        if has_cookie:
            # The id is whatever the client sent; promote_session decides
            # what to do with it.
            self.promote_session(req.incookie[COOKIE_KEY].value)
        self.get_session(req.authname, authenticated=True)
    elif has_cookie:
        # Client-supplied id, passed on unchanged.
        self.get_session(req.incookie[COOKIE_KEY].value)
    else:
        self.sid = hex_entropy(24)
        self.bake_cookie()
示例7: _do_login
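def _do_login(self, req):
    """Log the remote user in.

    This function expects to be called when the remote user name is
    available as `req.remote_user`; no credential is checked here.  The
    user name is inserted into the `auth_cookie` table and a cookie
    identifying the user on subsequent requests is sent back to the client.

    If the Authenticator was created with `ignore_case` set to true, then
    the authentication name passed from the web server in req.remote_user
    will be converted to lower case before being used. This is to avoid
    problems on installations authenticating against Windows which is not
    case sensitive regarding user names and domain names.

    Raises TracError when no remote user is available and AssertionError
    when the request is already authenticated as a different user.
    """
    if not req.remote_user:
        raise TracError(
            tag(
                "Authentication information not available. "
                "Please refer to the ",
                tag.a(
                    "installation documentation",
                    title="Configuring Authentication",
                    href=req.href.wiki("TracInstall")
                    + "#ConfiguringAuthentication",
                ),
                ".",
            )
        )

    remote_user = req.remote_user
    if self.ignore_case:
        remote_user = remote_user.lower()

    # Raised explicitly rather than with `assert`: an assert statement is
    # removed when Python runs with -O, which would let a request that is
    # already logged in as someone else fall through to a new session.
    if req.authname not in ("anonymous", remote_user):
        raise AssertionError("Already logged in as %s." % req.authname)

    cookie = hex_entropy()
    db = self.env.get_db_cnx()
    cursor = db.cursor()
    cursor.execute(
        "INSERT INTO auth_cookie (cookie,name,ipnr,time) "
        "VALUES (%s, %s, %s, %s)",
        (cookie, remote_user, req.remote_addr, int(time.time())),
    )
    db.commit()

    req.authname = remote_user
    req.outcookie["trac_auth"] = cookie
    req.outcookie["trac_auth"]["path"] = req.base_path or "/"
    # Secure is opt-in through the environment setting.  No HttpOnly
    # attribute is set in this block.
    if self.env.secure_cookies:
        req.outcookie["trac_auth"]["secure"] = True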
示例8: _get_form_token
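def _get_form_token(self, req):
    """Return the CSRF form token for this client, creating it if needed.

    The token is a random shared secret kept in the `trac_form_token`
    cookie.  Requiring every POST form to carry the same value protects
    against CSRF, because a third-party site cannot read the cookie.

    If the cookie is present its value is returned as sent by the client;
    otherwise a new 24-digit token is generated and set as a cookie.
    """
    if req.incookie.has_key('trac_form_token'):
        return req.incookie['trac_form_token'].value

    req.outcookie['trac_form_token'] = hex_entropy(24)
    # Fall back to '/' when base_path is empty (site mounted at the root).
    # An empty path would leave the cookie scoped to the directory of the
    # current request, so other pages would not see this token.
    req.outcookie['trac_form_token']['path'] = req.base_path or '/'
    # NOTE(review): no Secure or HttpOnly attribute is set on this cookie.
    return req.outcookie['trac_form_token'].value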
示例9: save
def save(self, db=None):
    """Write this API key to `tracbl_apikeys`, generating one if unset.

    `db` is an optional open connection.  When it is omitted a connection
    is obtained from the environment and committed here; a connection
    passed in by the caller is left uncommitted.

    NOTE(review): the key is stored exactly as generated (16 hex digits),
    so anyone who can read the table can read every key.
    """
    owns_connection = db is None
    if owns_connection:
        db = self.env.get_db_cnx()
    cursor = db.cursor()

    if self.key is None:
        self.key = hex_entropy(16)

    if self.exists:
        # The original author questioned whether this UPDATE branch is
        # needed at all ("???: Is this needed?").
        statement = 'UPDATE tracbl_apikeys SET key=%s WHERE email=%s'
        params = (self.key, self.email)
    else:
        statement = 'INSERT INTO tracbl_apikeys (email, key) VALUES (%s, %s)'
        params = (self.email, self.key)
    cursor.execute(statement, params)

    if owns_connection:
        db.commit()
示例10: _do_login
def _do_login(self, req, remote_user):
    """Issue a `db_auth` session cookie for `remote_user`.

    No credential is checked here; the caller is expected to have
    authenticated `remote_user` before calling this -- confirm at the
    call site.  The new token is stored in `auth_cookie` and the user's
    e-mail is refreshed through `self._update_email`.
    """
    token = hex_entropy()
    db = self.env.get_db_cnx()
    cursor = db.cursor()
    row = (token, remote_user, req.remote_addr, int(time.time()))
    cursor.execute(
        "INSERT INTO auth_cookie (cookie ,name ,ipnr ,time) "
        "VALUES (%s, %s, %s, %s)",
        row)
    db.commit()

    req.outcookie['db_auth'] = token
    req.outcookie['db_auth']['path'] = req.href()
    # NOTE(review): if outcookie is the standard cookie class, an integer
    # `expires` is an offset in seconds, i.e. roughly three years here.
    # No Secure or HttpOnly attribute is set, and nothing in this block
    # removes old rows from auth_cookie.
    req.outcookie['db_auth']['expires'] = 100000000
    self._update_email(remote_user)
示例11: send_auth_request
def send_auth_request(self, environ, start_response, stale="false"):
    """Send a digest challenge to the browser.

    A fresh nonce is generated and remembered in `self.active_nonces`;
    the list is capped at `MAX_NONCES` entries, oldest dropped first.
    Checking a client's nonce against that list (the replay protection)
    is presumably done by the caller -- it does not happen here.
    """
    fresh_nonce = hex_entropy()
    self.active_nonces.append(fresh_nonce)
    # Bound the memory used by outstanding challenges.
    if len(self.active_nonces) > self.MAX_NONCES:
        self.active_nonces = self.active_nonces[-self.MAX_NONCES:]

    challenge = ('Digest realm="%s", nonce="%s", qop="auth", stale="%s"'
                 % (self.realm, fresh_nonce, stale))
    response_headers = [
        ("WWW-Authenticate", challenge),
        # The 401 is sent with an explicitly empty body.
        ("Content-Length", "0"),
    ]
    write = start_response("401 Unauthorized", response_headers)
    write("")
示例12: _do_login
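def _do_login(self, req):
    """Issue a `trac_db_auth` session cookie for the submitted `uid`.

    The lower-cased `uid` request argument becomes the authenticated name;
    a new token is stored in `trac_cookies` and sent back as a cookie.

    NOTE(review): nothing in this method verifies a password.  The
    original read the `pwd` argument into a local and never used it, so
    that read has been dropped.  The caller must have checked the
    credentials before this is reached -- confirm at the call site.
    """
    # NOTE(review): a request without `uid` yields None here and the
    # lower() call below fails; presumably the caller guarantees it.
    remote_user = req.args.get('uid')
    remote_user = remote_user.lower()

    cookie = hex_entropy()
    db = get_db(self.env)
    cursor = db.cursor()
    cursor.execute(
        "INSERT INTO trac_cookies "
        "(envname, cookie, username, ipnr, unixtime) "
        "VALUES (%s, %s, %s, %s, %s)",
        (self.envname, cookie, remote_user, req.remote_addr,
         int(time.time())))
    db.commit()

    req.authname = remote_user
    req.outcookie['trac_db_auth'] = cookie
    # NOTE(review): if outcookie is the standard cookie class, an integer
    # `expires` is an offset in seconds, i.e. roughly three years here.
    # No Secure or HttpOnly attribute is set in this block.
    req.outcookie['trac_db_auth']['expires'] = 100000000
    req.outcookie['trac_db_auth']['path'] = self.env.href()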
示例13: _create_auth_cookie
def _create_auth_cookie(self, req, remote_user):
    """Create, store and send a new auth cookie; return its value.

    The token is written to `auth_cookie`, set on the response through
    `self._set_outcookie` and added to the `self.cookie` cache.  A
    database error is logged and re-raised, so no cookie is sent then.
    """
    token = hex_entropy()
    # NOTE(review): with INSERT IGNORE a duplicate-key conflict is skipped
    # without an error, and the token would still be handed out below.
    # Verify that this is acceptable for the table's key definition.
    statement = ("\nINSERT IGNORE INTO auth_cookie (cookie, name, ipnr, time)\n"
                 "VALUES (%s, %s, %s, %s)\n")
    with admin_transaction() as cursor:
        try:
            row = (token, remote_user, req.remote_addr, int(time.time()))
            cursor.execute(statement, row)
        except Exception:
            self.log.exception("Failed to store auth cookie into database")
            raise

    # Make new cookie
    self._set_outcookie(req, token)
    # Create cached cookie
    self.cookie.add(token)
    return token
示例14: __init__
def __init__(self, env, req):
    """Attach a session to the request, keyed by the session cookie.

    A request that carries cookies but no session cookie gets a fresh
    32-digit id.  The cookie is (re)sent when the id is new or when
    `get_session` ended up with a different `self.sid` than the one
    presented.  A request without any cookies only logs a warning and
    gets no session.
    """
    super(Session, self).__init__(env, None)
    self.req = req

    if not req.incookie:
        env.log.warning('no incookie')
        return

    minted = not req.incookie.has_key(COOKIE_KEY)
    if minted:
        sid = hex_entropy(32)
    else:
        # Client-supplied id, passed on unchanged.
        sid = req.incookie[COOKIE_KEY].value
    self.get_session(sid)
    if minted or sid != self.sid:
        self.bake_cookie()
示例15: __init__
def __init__(self, env, req):
    """Initialise the session dict and load the state for this request.

    Anonymous requests are keyed by the session cookie: a missing cookie
    gets a fresh 24-digit id and a new cookie, an existing one is loaded.
    Authenticated requests load the session stored under the user name,
    after promoting any anonymous session the cookie still points to.
    """
    dict.__init__(self)
    self.env = env
    self.req = req
    self.sid = None
    self.last_visit = 0
    self._new = True
    self._old = {}

    has_cookie = req.incookie.has_key(COOKIE_KEY)
    if req.authname != 'anonymous':
        if has_cookie:
            # The id is whatever the client sent; promote_session decides
            # what to do with it.
            self.promote_session(req.incookie[COOKIE_KEY].value)
        self.get_session(req.authname, authenticated=True)
    elif has_cookie:
        # Client-supplied id, passed on unchanged.
        self.get_session(req.incookie[COOKIE_KEY].value)
    else:
        self.sid = hex_entropy(24)
        self.bake_cookie()