本文整理汇总了Python中webapp2_extras.security.generate_random_string函数的典型用法代码示例。如果您正苦于以下问题:Python generate_random_string函数的具体用法?Python generate_random_string怎么用?Python generate_random_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了generate_random_string函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: create
def create(cls, user, subject, token=None):
"""Creates a new token for the given user, if any.
:param user:
User unique ID, or None if no user is to be associated with the
created token.
:param subject:
The subject of the key. Currently have:
- 'auth'
- 'verify_email'
- 'password_reset'
- 'access'
:param token:
Optionally an existing token may be provided.
If None, a random token will be generated.
:returns:
The newly created :class:`UserToken`.
"""
if user is not None:
user = str( user )
if token is None:
if subject == 'access':
# We use 16 uppercase alphanumeric characters for access
# keys
pool = map( chr, range( 65, 91 ) )
pool.extend( [ str( x ) for x in range( 0, 10 ) ] )
token = security.generate_random_string( length=16, pool=pool )
else:
token = security.generate_random_string(entropy=128)
key = cls.get_key( user, subject, token )
entity = cls( key=key, user=user, subject=subject, token=token )
entity.put( )
return entity
示例2: create
def create(cls, user, subject, token=None):
if subject == cls.SUBJECT_BEARER:
user = str(user)
token = token or security.generate_random_string(entropy=128)
# Bearer tokens must be unique on their own, without a user scope.
key = cls.get_key("", subject, token)
entity = cls(
key=key,
user=user,
subject=subject,
token=token,
refresh_token=security.generate_random_string(entropy=128),
)
# Refresh tokens must be unique
ok = cls.unique_model.create("%s.refresh_token:%s" % (cls.__name__, entity.refresh_token))
if ok:
entity.put()
else:
logging.warning("Unable to create a unique user token for user %s", user)
entity = None
else:
entity = super(UserToken, cls).create(user, subject, token)
return entity
示例3: email_change_request
def email_change_request( self, email ):
# request an email address to be modified. Create a rollback option.
result = 'cannot_remove'
emailCurrent = self.enki_user.email
userId = self.enki_user.key.id()
if email != '' and enki.libuser.exist_EnkiUser( email ):
# if the new email matches an existing verified user email, reject it
if emailCurrent == email:
result = 'same'
else:
result = ERROR_EMAIL_IN_USE # Note: send an email to emailcurrent regardless to prevent email checking (see below)
else:
if email == '':
# if the user erased the email, and they can log in through auth, store "removed" in the email field, so it isn't overwritten by an auth login with a verified email
if self.enki_user.auth_ids_provider:
self.enki_user.email = 'removed'
self.enki_user.put()
result = 'removed'
else:
return result
else:
# email the new, unverified address with a link to allow the user to verify the email
tokenEntity = EnkiModelTokenVerify.get_by_user_id_email_type( userId, email, 'emailchange' )
if tokenEntity:
# if a verify token for the same new email address and user already exists, use its token
token = tokenEntity.token
else:
# otherwise create a new token
token = security.generate_random_string( entropy = 256 )
emailToken = EnkiModelTokenVerify( token = token, email = email, user_id = userId, type = 'emailchange' )
emailToken.put()
link = enki.libutil.get_local_url( 'emailchangeconfirm', { 'verifytoken': token })
self.send_email( email, MSG.SEND_EMAIL_EMAIL_CHANGE_CONFIRM_SUBJECT(), MSG.SEND_EMAIL_EMAIL_CHANGE_CONFIRM_BODY( link, email ))
result = 'change'
if emailCurrent and emailCurrent != 'removed' and result != 'same':
# email the current, verified address in case they want to undo the change (useful if account has been hacked)
# skip this step if the current email is empty (case if user logged in with auth id without email with e.g. Steam) or "removed".
# If the email is already in use, mask the fact to prevent email checking.
tokenEntity = enki.libuser.get_EmailRollbackToken_by_user_id_email( userId, emailCurrent )
if tokenEntity:
# if the old email is already in the archive, use its token
token = tokenEntity.token
else:
# otherwise create a new token
token = security.generate_random_string( entropy = 256 )
emailOldToken = EnkiModelTokenEmailRollback( token = token, email = emailCurrent, user_id = userId )
emailOldToken.put()
if result == ERROR_EMAIL_IN_USE:
self.add_debugmessage( '''Comment - whether the email is available or not, the feedback through both the UI AND EMAIL is identical to prevent email checking.''' )
link = enki.libutil.get_local_url( 'emailrollback', { 'rollbacktoken': token } )
self.send_email( emailCurrent, MSG.SEND_EMAIL_EMAIL_CHANGE_UNDO_SUBJECT(), MSG.SEND_EMAIL_EMAIL_CHANGE_UNDO_BODY( link, emailCurrent ))
return result
示例4: dispatch
def dispatch(self):
"""Wraps the dispatch method to add session handling."""
self.session_store = sessions.get_store(request=self.request)
self.decorator = decorator
# Add the user's credentials to the decorator if we have them.
if self.me:
self.decorator.credentials = self.decorator._storage_class(
model=self.decorator._credentials_class,
key_name='user:{}'.format(self.me.user_id()),
property_name=self.decorator._credentials_property_name).get()
else:
# Create a session ID for the session if it does not have one already.
# This is used to create an opaque string that can be passed to the OAuth2
# authentication server via the 'state' parameter.
if not self.session.get('sid'):
self.session['sid'] = security.generate_random_string(entropy=128)
# Store the state for the session user in a parameter on the flow.
# We only need to do this if we're not logged in.
self.decorator._create_flow(self)
session_user = SessionUser(self.session['sid'])
logging.info(self.decorator.flow.params)
self.decorator.flow.params['state'] = appengine._build_state_value(
self, session_user)
try:
webapp2.RequestHandler.dispatch(self)
finally:
self.session_store.save_sessions(self.response)
示例5: create_user
def create_user(cls, username=None, raw_password=None, email=None):
"""
Create a Login instance, but method NOT PUT Login TO DB
You must run _.put() manually after creating the instance.
:param username:
username string
:param raw_password:
raw_password string
:param email:
emal (optional)
:return:
Login instance or None
"""
logging.info('LoginClass:create_user() => Start creating user')
if not(username and raw_password):
logging.error('LoginClass:create_user() => username or raw_password is empty, return None')
return None
salt = security.generate_random_string(length=30)
logging.info('LoginClass:create_user() => Making salt for password hash ... < %s >' % salt)
pw_hash = security.generate_password_hash(raw_password, pepper=PEPPER)
logging.info('LoginClass:create_user() => Generatin password hash ... < %s >' % pw_hash)
u = Login()
u.populate(username=username,
pw_hash=pw_hash,
email=email)
logging.info('LoginClass:create_user() => Make and return Login instance')
return u
示例6: job_quote
def job_quote(url, to_address, from_address, object_id):
"""
Get a quote for job by creating it in test mode. Objects do not have the
original file information contained on them, so we require the url.
I am told that they will not have a way to query the price for a job before
creating it for some time, so this is the most reasonable way.
The next most reasonable way might be to encode their pricing structure in
code and just calculate it locally.
"""
logging.info("original object ID: %s", object_id);
logging.info("passed in url: %s", url);
original_obj = get_object(object_id)
# re-create the object in test mode
name = "mirror:{}:{}".format(object_id, generate_random_string(8))
logging.info("original object: %s", original_obj);
test_obj = create_object(name, url, original_obj["setting"]["id"], test=True) # this might need a file argument? , 'file': ''}
# create a job for the object
test_job = create_job(name, to_address, from_address, test_obj["id"], test=True)
# get the price of the job
return float(test_job["price"])
示例7: __init__
def __init__(self, *args, **kwargs):
super(BaseApp, self).__init__(*args, **kwargs)
# If we're unit testing, use the same one every time for consistent results.
if Config().is_testing:
secret = "notasecret"
else:
# Check that we have a secret key for generating tokens.
try:
secret = keymaster.get("token_secret")
except keymaster.KeymasterError:
logging.warning("Found no token secret, generating one.")
secret = security.generate_random_string(entropy=128)
keymaster.Keymaster.encrypt("token_secret", secret)
# Configure webapp2.
my_config = {
"webapp2_extras.auth": {
"user_model": "membership.Membership",
"user_attributes": ["first_name", "last_name", "email"]
},
"webapp2_extras.sessions": {
"secret_key": secret
}
}
self.config = webapp2.Config(my_config)
示例8: create
def create(cls, user, subject, token=None, expiration=None, delete_past_tokens=False):
"""Creates a new token for the given user.
:param user:
User unique ID.
:param subject:
The subject of the key. Examples:
- 'auth'
- 'signup'
:param token:
Optionally an existing token may be provided.
If None, a random token will be generated.
:returns:
The newly created :class:`UserToken`.
"""
user = str(user)
token = token or security.generate_random_string(entropy=128)
key = cls.get_key(user, subject, token)
if delete_past_tokens:
ndb.delete_multi(cls.query(cls.user == user, cls.subject == subject).iter(keys_only=True))
entity = cls(key=key, user=user, subject=subject, token=token, expiration=expiration)
entity.put()
return entity
示例9: get
def get(self):
# Get the parameters that Meraki sends to us.
base_grant_url = self.request.get("base_grant_url")
user_continue_url = self.request.get("user_continue_url")
if (not base_grant_url or not user_continue_url):
token = self.request.cookies.get("grant_token")
if not token:
# We should really only be getting here through the Meraki AP, so if
# we're not, just send us back to the main website.
logging.debug("Redirecting to main website.")
self.redirect("http://www.hackerdojo.com")
return
# Otherwise, we're good to go.
logging.info("Got existing session: %s" % (token))
response = self.render("templates/splash.html", login_url="/grant")
self.response.out.write(response)
return
# Save them to memcache.
token = security.generate_random_string(12)
memcache.set(token, [base_grant_url, user_continue_url])
self.response.set_cookie("grant_token", token)
logging.debug("Saving access token: %s" % (token))
# Hide the parameters.
redirect_url = self._remove_params(["base_grant_url", "user_continue_url"])
self.redirect(redirect_url)
示例10: create
def create(cls, user, subject, token=None):
user = str(user)
token = token or security.generate_random_string(entropy=128)
key_name = "%s.%s.%s" %(user,subject,token)
new_entity = cls(key_name=key_name, user=user, subject=subject, token=token)
new_entity.put()
return new_entity
示例11: create
def create(cls, user, subject, token=None):
"""Fetches a user token."""
token = token or security.generate_random_string(entropy=64)
key = cls.get_key(user, subject, token)
entity = cls(key=key, user=user, subject=subject, token=token)
entity.put()
return entity
示例12: _create
def _create(cls,**kwargs):
assert 'email' in kwargs, 'No email supplied'
new_hash = cls(token_hash=security.generate_random_string(length=cls._default_hash_length,pool=security.ALPHANUMERIC))
new_hash.populate(**kwargs)
new_hash.put()
return new_hash
示例13: log_in_session_token_create
def log_in_session_token_create( self, user ):
# generate authentication token and add it to the db and the session
token = security.generate_random_string( entropy = 128 )
authtoken = EnkiModelTokenAuth( token = token, user_id = user.key.id() )
authtoken.put()
self.session[ 'auth_token' ] = token
self.session[ 'user_id' ] = user.key.id()
self.just_logged_in = True
示例14: test_generate_random_string
def test_generate_random_string(self):
self.assertRaises(ValueError, security.generate_random_string, None)
self.assertRaises(ValueError, security.generate_random_string, 0)
self.assertRaises(ValueError, security.generate_random_string, -1)
self.assertRaises(ValueError, security.generate_random_string, 1, 1)
token = security.generate_random_string(16)
self.assertTrue(re.match(r'^\w{16}$', token) is not None)
token = security.generate_random_string(32)
self.assertTrue(re.match(r'^\w{32}$', token) is not None)
token = security.generate_random_string(64)
self.assertTrue(re.match(r'^\w{64}$', token) is not None)
token = security.generate_random_string(128)
self.assertTrue(re.match(r'^\w{128}$', token) is not None)
示例15: __init__
def __init__(self, user, subject, token=None, expires=60 * 60 * 24):
self.user = str(user)
self.subject = subject
if token:
self.token = token
else:
self.token = security.generate_random_string(entropy=128)
self.key = "%s.%s.%s" % (self.user, self.subject, self.token)