annotate MoinMoin/support/werkzeug/contrib/securecookie.py @ 6129:7f12cf241d5e

update werkzeug to 0.12.1, update CHANGES
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Tue, 11 Apr 2017 22:42:23 +0200
parents 9f12f41504fc
children
rev   line source
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
1 # -*- coding: utf-8 -*-
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
2 r"""
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
3 werkzeug.contrib.securecookie
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
4 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
5
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
6 This module implements a cookie that is not alterable from the client
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
7 because it adds a checksum the server checks for. You can use it as
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
8 session replacement if all you have is a user id or something to mark
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
9 a logged in user.
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
10
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
11 Keep in mind that the data is still readable from the client as a
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
12 normal cookie is. However you don't have to store and flush the
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
13 sessions you have at the server.
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
14
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
15 Example usage:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
16
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
17 >>> from werkzeug.contrib.securecookie import SecureCookie
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
18 >>> x = SecureCookie({"foo": 42, "baz": (1, 2, 3)}, "deadbeef")
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
19
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
20 Dumping into a string so that one can store it in a cookie:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
21
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
22 >>> value = x.serialize()
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
23
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
24 Loading from that string again:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
25
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
26 >>> x = SecureCookie.unserialize(value, "deadbeef")
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
27 >>> x["baz"]
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
28 (1, 2, 3)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
29
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
30 If someone modifies the cookie and the checksum is wrong the unserialize
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
31 method will fail silently and return a new empty `SecureCookie` object.
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
32
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
33 Keep in mind that the values will be visible in the cookie so do not
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
34 store data in a cookie you don't want the user to see.
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
35
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
36 Application Integration
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
37 =======================
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
38
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
39 If you are using the werkzeug request objects you could integrate the
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
40 secure cookie into your application like this::
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
41
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
42 from werkzeug.utils import cached_property
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
43 from werkzeug.wrappers import BaseRequest
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
44 from werkzeug.contrib.securecookie import SecureCookie
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
45
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
46 # don't use this key but a different one; you could just use
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
47 # os.urandom(20) to get something random
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
48 SECRET_KEY = '\xfa\xdd\xb8z\xae\xe0}4\x8b\xea'
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
49
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
50 class Request(BaseRequest):
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
51
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
52 @cached_property
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
53 def client_session(self):
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
54 data = self.cookies.get('session_data')
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
55 if not data:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
56 return SecureCookie(secret_key=SECRET_KEY)
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
57 return SecureCookie.unserialize(data, SECRET_KEY)
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
58
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
59 def application(environ, start_response):
6129
7f12cf241d5e update werkzeug to 0.12.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6094
diff changeset
60 request = Request(environ)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
61
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
62 # get a response object here
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
63 response = ...
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
64
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
65 if request.client_session.should_save:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
66 session_data = request.client_session.serialize()
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
67 response.set_cookie('session_data', session_data,
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
68 httponly=True)
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
69 return response(environ, start_response)
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
70
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
71 A less verbose integration can be achieved by using shorthand methods::
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
72
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
73 class Request(BaseRequest):
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
74
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
75 @cached_property
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
76 def client_session(self):
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
77 return SecureCookie.load_cookie(self, secret_key=COOKIE_SECRET)
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
78
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
79 def application(environ, start_response):
6129
7f12cf241d5e update werkzeug to 0.12.1, update CHANGES
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 6094
diff changeset
80 request = Request(environ)
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
81
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
82 # get a response object here
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
83 response = ...
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
84
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
85 request.client_session.save_cookie(response)
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
86 return response(environ, start_response)
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
87
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
88 :copyright: (c) 2014 by the Werkzeug Team, see AUTHORS for more details.
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
89 :license: BSD, see LICENSE for more details.
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
90 """
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
91 import pickle
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
92 import base64
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
93 from hmac import new as hmac
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
94 from time import time
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
95 from hashlib import sha1 as _default_hash
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
96
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
97 from werkzeug._compat import iteritems, text_type
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
98 from werkzeug.urls import url_quote_plus, url_unquote_plus
4754
7cb92118a93e updated werkzeug to 0.5.1
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4609
diff changeset
99 from werkzeug._internal import _date_to_unix
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
100 from werkzeug.contrib.sessions import ModificationTrackingDict
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
101 from werkzeug.security import safe_str_cmp
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
102 from werkzeug._compat import to_native
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
103
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
104
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
105 class UnquoteError(Exception):
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
106
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
107 """Internal exception used to signal failures on quoting."""
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
108
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
109
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
110 class SecureCookie(ModificationTrackingDict):
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
111
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
112 """Represents a secure cookie. You can subclass this class and provide
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
113 an alternative mac method. The import thing is that the mac method
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
114 is a function with a similar interface to the hashlib. Required
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
115 methods are update() and digest().
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
116
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
117 Example usage:
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
118
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
119 >>> x = SecureCookie({"foo": 42, "baz": (1, 2, 3)}, "deadbeef")
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
120 >>> x["foo"]
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
121 42
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
122 >>> x["baz"]
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
123 (1, 2, 3)
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
124 >>> x["blafasel"] = 23
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
125 >>> x.should_save
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
126 True
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
127
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
128 :param data: the initial data. Either a dict, list of tuples or `None`.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
129 :param secret_key: the secret key. If not set `None` or not specified
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
130 it has to be set before :meth:`serialize` is called.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
131 :param new: The initial value of the `new` flag.
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
132 """
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
133
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
134 #: The hash method to use. This has to be a module with a new function
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
135 #: or a function that creates a hashlib object. Such as `hashlib.md5`
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
136 #: Subclasses can override this attribute. The default hash is sha1.
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
137 #: Make sure to wrap this in staticmethod() if you store an arbitrary
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
138 #: function there such as hashlib.sha1 which might be implemented
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
139 #: as a function.
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
140 hash_method = staticmethod(_default_hash)
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
141
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
142 #: the module used for serialization. Unless overriden by subclasses
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
143 #: the standard pickle module is used.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
144 serialization_method = pickle
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
145
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
146 #: if the contents should be base64 quoted. This can be disabled if the
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
147 #: serialization process returns cookie safe strings only.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
148 quote_base64 = True
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
149
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
150 def __init__(self, data=None, secret_key=None, new=True):
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
151 ModificationTrackingDict.__init__(self, data or ())
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
152 # explicitly convert it into a bytestring because python 2.6
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
153 # no longer performs an implicit string conversion on hmac
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
154 if secret_key is not None:
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
155 secret_key = bytes(secret_key)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
156 self.secret_key = secret_key
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
157 self.new = new
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
158
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
159 def __repr__(self):
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
160 return '<%s %s%s>' % (
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
161 self.__class__.__name__,
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
162 dict.__repr__(self),
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
163 self.should_save and '*' or ''
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
164 )
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
165
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
166 @property
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
167 def should_save(self):
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
168 """True if the session should be saved. By default this is only true
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
169 for :attr:`modified` cookies, not :attr:`new`.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
170 """
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
171 return self.modified
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
172
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
173 @classmethod
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
174 def quote(cls, value):
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
175 """Quote the value for the cookie. This can be any object supported
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
176 by :attr:`serialization_method`.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
177
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
178 :param value: the value to quote.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
179 """
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
180 if cls.serialization_method is not None:
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
181 value = cls.serialization_method.dumps(value)
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
182 if cls.quote_base64:
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
183 value = b''.join(base64.b64encode(value).splitlines()).strip()
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
184 return value
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
185
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
186 @classmethod
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
187 def unquote(cls, value):
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
188 """Unquote the value for the cookie. If unquoting does not work a
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
189 :exc:`UnquoteError` is raised.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
190
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
191 :param value: the value to unquote.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
192 """
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
193 try:
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
194 if cls.quote_base64:
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
195 value = base64.b64decode(value)
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
196 if cls.serialization_method is not None:
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
197 value = cls.serialization_method.loads(value)
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
198 return value
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
199 except Exception:
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
200 # unfortunately pickle and other serialization modules can
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
201 # cause pretty every error here. if we get one we catch it
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
202 # and convert it into an UnquoteError
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
203 raise UnquoteError()
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
204
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
205 def serialize(self, expires=None):
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
206 """Serialize the secure cookie into a string.
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
207
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
208 If expires is provided, the session will be automatically invalidated
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
209 after expiration when you unseralize it. This provides better
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
210 protection against session cookie theft.
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
211
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
212 :param expires: an optional expiration date for the cookie (a
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
213 :class:`datetime.datetime` object)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
214 """
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
215 if self.secret_key is None:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
216 raise RuntimeError('no secret key defined')
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
217 if expires:
4754
7cb92118a93e updated werkzeug to 0.5.1
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4609
diff changeset
218 self['_expires'] = _date_to_unix(expires)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
219 result = []
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
220 mac = hmac(self.secret_key, None, self.hash_method)
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
221 for key, value in sorted(self.items()):
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
222 result.append(('%s=%s' % (
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
223 url_quote_plus(key),
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
224 self.quote(value).decode('ascii')
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
225 )).encode('ascii'))
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
226 mac.update(b'|' + result[-1])
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
227 return b'?'.join([
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
228 base64.b64encode(mac.digest()).strip(),
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
229 b'&'.join(result)
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
230 ])
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
231
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
232 @classmethod
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
233 def unserialize(cls, string, secret_key):
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
234 """Load the secure cookie from a serialized string.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
235
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
236 :param string: the cookie value to unserialize.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
237 :param secret_key: the secret key used to serialize the cookie.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
238 :return: a new :class:`SecureCookie`.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
239 """
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
240 if isinstance(string, text_type):
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
241 string = string.encode('utf-8', 'replace')
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
242 if isinstance(secret_key, text_type):
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
243 secret_key = secret_key.encode('utf-8', 'replace')
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
244 try:
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
245 base64_hash, data = string.split(b'?', 1)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
246 except (ValueError, IndexError):
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
247 items = ()
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
248 else:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
249 items = {}
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
250 mac = hmac(secret_key, None, cls.hash_method)
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
251 for item in data.split(b'&'):
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
252 mac.update(b'|' + item)
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
253 if b'=' not in item:
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
254 items = None
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
255 break
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
256 key, value = item.split(b'=', 1)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
257 # try to make the key a string
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
258 key = url_unquote_plus(key.decode('ascii'))
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
259 try:
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
260 key = to_native(key)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
261 except UnicodeError:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
262 pass
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
263 items[key] = value
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
264
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
265 # no parsing error and the mac looks okay, we can now
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
266 # sercurely unpickle our cookie.
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
267 try:
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
268 client_hash = base64.b64decode(base64_hash)
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
269 except TypeError:
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
270 items = client_hash = None
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
271 if items is not None and safe_str_cmp(client_hash, mac.digest()):
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
272 try:
6094
9f12f41504fc upgrade werkzeug from 0.8.3 to 0.11.11
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 5801
diff changeset
273 for key, value in iteritems(items):
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
274 items[key] = cls.unquote(value)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
275 except UnquoteError:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
276 items = ()
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
277 else:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
278 if '_expires' in items:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
279 if time() > items['_expires']:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
280 items = ()
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
281 else:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
282 del items['_expires']
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
283 else:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
284 items = ()
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
285 return cls(items, secret_key, False)
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
286
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
287 @classmethod
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
288 def load_cookie(cls, request, key='session', secret_key=None):
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
289 """Loads a :class:`SecureCookie` from a cookie in request. If the
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
290 cookie is not set, a new :class:`SecureCookie` instanced is
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
291 returned.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
292
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
293 :param request: a request object that has a `cookies` attribute
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
294 which is a dict of all cookie values.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
295 :param key: the name of the cookie.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
296 :param secret_key: the secret key used to unquote the cookie.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
297 Always provide the value even though it has
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
298 no default!
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
299 """
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
300 data = request.cookies.get(key)
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
301 if not data:
5801
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
302 return cls(secret_key=secret_key)
8de563c487be upgrade werkzeug to 0.8.1, document current bundled version and current minimum requirement (0.6, for py 2.7 compatibility)
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4754
diff changeset
303 return cls.unserialize(data, secret_key)
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
304
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
305 def save_cookie(self, response, key='session', expires=None,
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
306 session_expires=None, max_age=None, path='/', domain=None,
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
307 secure=None, httponly=False, force=False):
4609
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
308 """Saves the SecureCookie in a cookie on response object. All
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
309 parameters that are not described here are forwarded directly
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
310 to :meth:`~BaseResponse.set_cookie`.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
311
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
312 :param response: a response object that has a
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
313 :meth:`~BaseResponse.set_cookie` method.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
314 :param key: the name of the cookie.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
315 :param session_expires: the expiration date of the secure cookie
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
316 stored information. If this is not provided
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
317 the cookie `expires` date is used instead.
246ba4eecab2 updated werkzeug to 0.5.pre20090228
Thomas Waldmann <tw AT waldmann-edv DOT de>
parents: 4301
diff changeset
318 """
4301
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
319 if force or self.should_save:
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
320 data = self.serialize(session_expires or expires)
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
321 response.set_cookie(key, data, expires=expires, max_age=max_age,
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
322 path=path, domain=domain, secure=secure,
c689dfa55de1 Import werkzeug 0.3.1 package into MoinMoin.support (still need to insert CREDITS)
Florian Krupicka <florian.krupicka@googlemail.com>
parents:
diff changeset
323 httponly=httponly)