Mercurial > moin > 1.9
changeset 2031:56d8a8a14114
don't use a separate random string function in session.py
author | Johannes Berg <johannes AT sipsolutions DOT net> |
---|---|
date | Thu, 26 Apr 2007 13:09:02 +0200 |
parents | 00f52826b5df |
children | cf883a6917ea |
files | MoinMoin/session.py MoinMoin/util/__init__.py |
diffstat | 2 files changed, 20 insertions(+), 19 deletions(-) [+] |
line wrap: on
line diff
--- a/MoinMoin/session.py Thu Apr 26 13:08:29 2007 +0200 +++ b/MoinMoin/session.py Thu Apr 26 13:09:02 2007 +0200 @@ -13,8 +13,8 @@ import Cookie from MoinMoin import caching from MoinMoin.user import User -import random -import time +from MoinMoin.util import random_string +import time, random class SessionData(object): """ @@ -231,18 +231,8 @@ _MOIN_SESSION = 'MOIN_SESSION' -_SECURITY_STRING_CHARS = 'abcdefghijklmnopqrstuvwxyz0123456789_-' - -def _generate_security_string(length): - """ generate a random length (length/2 .. length) - string with random content - - @param length: the maximum length - @return: the random string - """ - random_length = random.randint(length/2, length) - return ''.join([random.choice(_SECURITY_STRING_CHARS) - for i in range(random_length)]) +_SESSION_NAME_CHARS = 'abcdefghijklmnopqrstuvwxyz0123456789_-' +_SESSION_NAME_LEN = 32 def _make_cookie(request, cookie_name, cookie_string, maxage, expires): @@ -322,7 +312,8 @@ if _MOIN_SESSION in cookie: session_name = cookie[_MOIN_SESSION].value session_name = ''.join([c for c in session_name - if c in _SECURITY_STRING_CHARS]) + if c in _SESSION_NAME_CHARS]) + session_name = session_name[:_SESSION_NAME_LEN] return session_name @@ -376,7 +367,8 @@ store = hasattr(request.cfg, 'anonymous_cookie_lifetime') sessiondata.is_stored = store else: - session_name = _generate_security_string(32) + session_name = random_string(_SESSION_NAME_LEN, + _SESSION_NAME_CHARS) store = hasattr(request.cfg, 'anonymous_cookie_lifetime') sessiondata = self.dataclass(request, session_name) sessiondata.is_new = True
--- a/MoinMoin/util/__init__.py Thu Apr 26 13:08:29 2007 +0200 +++ b/MoinMoin/util/__init__.py Thu Apr 26 13:09:02 2007 +0200 @@ -125,7 +125,16 @@ self.buffer = None -def random_string(length): - chars = ''.join([chr(random.randint(0, 255)) for dummy in xrange(length)]) - return chars +def random_string(length, allowed_chars=None): + """ Generate a random string with given length consisting + of the given characters. + @param length: length of the string + @param allowed_chars: string with allowed characters or None + to indicate all 256 byte values should be used + @return: random string + """ + if allowed_chars is None: + return ''.join([chr(random.randint(0, 255)) for dummy in xrange(length)]) + + return ''.join([random.choice(allowed_chars) for dummy in xrange(length)])