comparison MoinMoin/wikiutil.py @ 3880:85cd05b8af42

refactor ticket secret calculation (only done once, written to cfg.secrets if it is None)
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sat, 19 Jul 2008 16:07:54 +0200
parents ee74cf49c1ca
children 15bd8dae9003 56f98df584e6
comparison
equal deleted inserted replaced
3878:b13a58a18dac 3880:85cd05b8af42
2447 except: 2447 except:
2448 action = 'None' 2448 action = 'None'
2449 2449
2450 2450
2451 ticket = "%s.%s.%s" % (tm, pagename, action) 2451 ticket = "%s.%s.%s" % (tm, pagename, action)
2452 digest = sha.new() 2452 digest = sha.new(request.cfg.secrets)
2453 digest.update(ticket) 2453 digest.update(ticket)
2454 2454
2455 varnames = ['data_dir', 'data_underlay_dir', 'language_default',
2456 'mail_smarthost', 'mail_from', 'page_front_page',
2457 'theme_default', 'sitename', 'logo_string',
2458 'interwikiname', 'user_homewiki', 'acl_rights_before', ]
2459 for varname in varnames:
2460 var = getattr(request.cfg, varname, None)
2461 if isinstance(var, (str, unicode)):
2462 digest.update(repr(var))
2463
2464 return "%s.%s" % (ticket, digest.hexdigest()) 2455 return "%s.%s" % (ticket, digest.hexdigest())
2465
2466 2456
2467 def checkTicket(request, ticket): 2457 def checkTicket(request, ticket):
2468 """Check validity of a previously created ticket""" 2458 """Check validity of a previously created ticket"""
2469 try: 2459 try:
2470 timestamp_str = ticket.split('.')[0] 2460 timestamp_str = ticket.split('.')[0]