Главная Обзор Помощь
Вход
221V
/
Misago
1
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: faf4b83f9a
Ветки Метки
Misago
/
misago
/
users
/
tokens.py

tokens.py 2.1 KB
История Исходник

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091 
  1. import base64
    2. 

  2. from hashlib import sha256
    3. 

  3. from time import time
    4. 

  4. 

  5. from django.conf import settings
    6. 

  6. 

  7. 

  8. """
    9. 

  9. Token creation
    10. 

  10. 

  11. Token is base encoded string containing three values:
    12. 

  12. 

  13. - days since unix epoch (so we can validate token expiration)
    14. 

  14. - hash unique for current state of user model
    15. 

  15. - token checksum for discovering manipulations
    16. 

  16. """
    17. 

  17. def make(user, token_type):
    18. 

  18.     user_hash = _make_hash(user, token_type)
    19. 

  19.     creation_day = _days_since_epoch()
    20. 

  20. 

  21.     obfuscated = base64.b64encode('%s%s' % (user_hash, creation_day))
    22. 

  22.     obfuscated = obfuscated.rstrip('=')
    23. 

  23.     checksum = _make_checksum(obfuscated)
    24. 

  24. 

  25.     return '%s%s' % (checksum, obfuscated)
    26. 

  26. 

  27. 

  28. def is_valid(user, token_type, token):
    29. 

  29.     checksum = token[:8]
    30. 

  30.     obfuscated = token[8:]
    31. 

  31. 

  32.     if checksum != _make_checksum(obfuscated):
    33. 

  33.         return False
    34. 

  34. 

  35.     unobfuscated = base64.b64decode(obfuscated + '=' * (-len(obfuscated) % 4))
    36. 

  36.     user_hash = unobfuscated[:8]
    37. 

  37. 

  38.     if user_hash != _make_hash(user, token_type):
    39. 

  39.         return False
    40. 

  40. 

  41.     creation_day = int(unobfuscated[8:])
    42. 

  42.     return creation_day + 5 >= _days_since_epoch()
    43. 

  43. 

  44. 

  45. def _make_hash(user, token_type):
    46. 

  46.     seeds = (
    47. 

  47.         user.pk,
    48. 

  48.         user.email,
    49. 

  49.         user.password,
    50. 

  50.         user.last_login.replace(microsecond=0, tzinfo=None),
    51. 

  51.         token_type,
    52. 

  52.         settings.SECRET_KEY,
    53. 

  53.     )
    54. 

  54. 

  55.     return sha256('+'.join([unicode(s) for s in seeds])).hexdigest()[:8]
    56. 

  56. 

  57. 

  58. def _days_since_epoch():
    59. 

  59.     return int(time() / (25 * 3600))
    60. 

  60. 

  61. 

  62. def _make_checksum(obfuscated):
    63. 

  63.     return sha256('%s:%s' % (settings.SECRET_KEY, obfuscated)).hexdigest()[:8]
    64. 

  64. 

  65. 

  66. """
    67. 

  67. Convenience functions for activation token
    68. 

  68. """
    69. 

  69. ACTIVATION_TOKEN = 'activation'
    70. 

  70. 

  71. 

  72. def make_activation_token(user):
    73. 

  73.     return make(user, ACTIVATION_TOKEN)
    74. 

  74. 

  75. 

  76. def is_activation_token_valid(user, token):
    77. 

  77.     return is_valid(user, ACTIVATION_TOKEN, token)
    78. 

  78. 

  79. 

  80. """
    81. 

  81. Convenience functions for password change token
    82. 

  82. """
    83. 

  83. PASSWORD_CHANGE_TOKEN = 'change_password'
    84. 

  84. 

  85. 

  86. def make_password_change_token(user):
    87. 

  87.     return make(user, PASSWORD_CHANGE_TOKEN)
    88. 

  88. 

  89. 

  90. def is_password_change_token_valid(user, token):
    91. 

  91.     return is_valid(user, PASSWORD_CHANGE_TOKEN, token)
    92.