| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- """
- Changed credentials service
- Stores new e-mail and password in cache
- """
- from hashlib import sha256
- from django.conf import settings
- from django.utils.encoding import force_bytes
- def store_new_credential(request, credential_type, credential_value):
- credential_key = 'new_credential_%s' % credential_type
- token = _make_change_token(request.user, credential_type)
- request.session[credential_key] = {
- 'user_pk': request.user.pk,
- 'credential': credential_value,
- 'token': token,
- }
- return token
- def read_new_credential(request, credential_type, link_token):
- try:
- credential_key = 'new_credential_%s' % credential_type
- new_credential = request.session.pop(credential_key)
- except KeyError:
- return None
- if new_credential['user_pk'] != request.user.pk:
- return None
- current_token = _make_change_token(request.user, credential_type)
- if link_token != current_token:
- return None
- if new_credential['token'] != current_token:
- return None
- return new_credential['credential']
- def _make_change_token(user, token_type):
- seeds = (
- user.pk, user.email, user.password, user.last_login.replace(microsecond=0, tzinfo=None),
- settings.SECRET_KEY, str(token_type)
- )
- return sha256(force_bytes('+'.join([str(s) for s in seeds]))).hexdigest()
|
