1.1 --- a/WebStack/Helpers/Auth.py Sat May 29 23:55:48 2004 +0000
1.2 +++ b/WebStack/Helpers/Auth.py Sun May 30 14:40:18 2004 +0000
1.3 @@ -5,6 +5,7 @@
1.4 """
1.5
1.6 import base64
1.7 +import md5
1.8
1.9 class UserInfo:
1.10
1.11 @@ -33,4 +34,13 @@
1.12
1.13 self.username, self.password = None, None
1.14
1.15 +def get_token(plaintext, secret_key):
1.16 +
1.17 + """
1.18 + Return a string containing an authentication token made from the given
1.19 + 'plaintext' and 'secret_key'.
1.20 + """
1.21 +
1.22 + return plaintext + ":" + md5.md5(plaintext + secret_key).hexdigest()
1.23 +
1.24 # vim: tabstop=4 expandtab shiftwidth=4
2.1 --- a/examples/Common/Login/__init__.py Sat May 29 23:55:48 2004 +0000
2.2 +++ b/examples/Common/Login/__init__.py Sun May 30 14:40:18 2004 +0000
2.3 @@ -3,7 +3,7 @@
2.4 "An example login screen."
2.5
2.6 import WebStack.Generic
2.7 -import md5
2.8 +from WebStack.Helpers.Auth import get_token
2.9
2.10 class LoginResource:
2.11
2.12 @@ -128,11 +128,10 @@
2.13 if (username, password) in self.credentials:
2.14
2.15 # Make a special cookie token.
2.16 - # NOTE: This should be moved into a common library.
2.17
2.18 trans.set_cookie_value(
2.19 self.cookie_name,
2.20 - username + ":" + md5.md5(username + self.secret_key).hexdigest()
2.21 + get_token(username, self.secret_key)
2.22 )
2.23
2.24 return 1
3.1 --- a/examples/Common/LoginRedirect/__init__.py Sat May 29 23:55:48 2004 +0000
3.2 +++ b/examples/Common/LoginRedirect/__init__.py Sun May 30 14:40:18 2004 +0000
3.3 @@ -2,7 +2,7 @@
3.4
3.5 "Login redirection."
3.6
3.7 -import md5
3.8 +from WebStack.Helpers.Auth import get_token
3.9
3.10 class LoginRedirectResource:
3.11
3.12 @@ -74,10 +74,9 @@
3.13
3.14 # Test the token from the cookie against a recreated token using the
3.15 # given information.
3.16 - # NOTE: This should be moved into a common library.
3.17
3.18 username, code = cookie.value.split(":")
3.19 - if code == md5.md5(username + self.secret_key).hexdigest():
3.20 + if cookie.value == get_token(username, self.secret_key):
3.21
3.22 # Update the transaction with the user details.
3.23