本文整理汇总了Python中trac.util.hex_entropy函数的典型用法代码示例。如果您正苦于以下问题:Python hex_entropy函数的具体用法?Python hex_entropy怎么用?Python hex_entropy使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了hex_entropy函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: test_hex_entropy
def test_hex_entropy(self):
"""hex_entropy() returns random hex digits"""
hex_digits = set('0123456789abcdef')
for i in xrange(129):
entropy = util.hex_entropy(i)
self.assertEqual(i, len(entropy))
self.assertEqual(set(), set(entropy) - hex_digits)
开发者ID:Stackato-Apps,项目名称:bloodhound,代码行数:7,代码来源:__init__.py
示例2: _do_login
def _do_login(self, req):
"""Log the remote user in.
This function expects to be called when the remote user name
is available. The user name is inserted into the `auth_cookie`
table and a cookie identifying the user on subsequent requests
is sent back to the client.
If the Authenticator was created with `ignore_case` set to
true, then the authentication name passed from the web server
in req.remote_user will be converted to lower case before
being used. This is to avoid problems on installations
authenticating against Windows which is not case sensitive
regarding user names and domain names
"""
if not req.remote_user:
# TRANSLATOR: ... refer to the 'installation documentation'. (link)
inst_doc = tag.a(_('installation documentation'),
title=_("Configuring Authentication"),
href=req.href.wiki('TracInstall')
+ "#ConfiguringAuthentication")
raise TracError(tag_("Authentication information not available. "
"Please refer to the %(inst_doc)s.",
inst_doc=inst_doc))
remote_user = req.remote_user
if self.ignore_case:
remote_user = remote_user.lower()
if req.authname not in ('anonymous', remote_user):
raise TracError(_('Already logged in as %(user)s.',
user=req.authname))
with self.env.db_transaction as db:
# Delete cookies older than 10 days
db("DELETE FROM auth_cookie WHERE time < %s",
(int(time.time()) - 86400 * 10,))
# Insert a new cookie if we haven't already got one
cookie = None
trac_auth = req.incookie.get('trac_auth')
if trac_auth is not None:
name = self._cookie_to_name(req, trac_auth)
cookie = trac_auth.value if name == remote_user else None
if cookie is None:
cookie = hex_entropy()
db("""
INSERT INTO auth_cookie (cookie, name, ipnr, time)
VALUES (%s, %s, %s, %s)
""", (cookie, remote_user, req.remote_addr,
int(time.time())))
req.authname = remote_user
req.outcookie['trac_auth'] = cookie
req.outcookie['trac_auth']['path'] = self.auth_cookie_path \
or req.base_path or '/'
if self.env.secure_cookies:
req.outcookie['trac_auth']['secure'] = True
if sys.version_info >= (2, 6):
req.outcookie['trac_auth']['httponly'] = True
if self.auth_cookie_lifetime > 0:
req.outcookie['trac_auth']['expires'] = self.auth_cookie_lifetime
开发者ID:exocad,项目名称:exotrac,代码行数:59,代码来源:auth.py
示例3: _do_login
def _do_login(self, req):
"""Log the remote user in.
This function displays a form to the user to log themselves in, and
verifies the information when the user submits that form. If the
authentication is successful, the user name is inserted into the
`auth_cookie` table and a cookie identifying the user on subsequent
requests is sent back to the client.
If the Authenticator was created with `ignore_case` set to true, then
the authentication name passed from the web form 'username' variable
will be converted to lower case before being used. This is to avoid
problems on installations authenticating against Windows which is not
case sensitive regarding user names and domain names
"""
if req.args.get("username"):
assert req.args.get("password"), "No password"
# Test authentication
try:
self._try_http_auth(
req.base_url[: req.base_url.find("/", 8)] + "/login",
req.args.get("username"),
req.args.get("password"),
)
except IOError, e:
# Incorrect password
req.hdf["title"] = "Login Failed"
req.hdf["login.action"] = self.env.href() + "/login"
req.hdf["login.referer"] = req.args.get("ref")
req.hdf["login.error"] = "Invalid username or password"
return None
# Successful authentication, set cookies and stuff
remote_user = req.args.get("username")
ignore_case = self.env.config.get("trac", "ignore_auth_case")
ignore_case = ignore_case.strip().lower() in TRUE
if ignore_case:
remote_user = remote_user.lower()
assert req.authname in ("anonymous", remote_user), "Already logged in as %s." % req.authname
cookie = hex_entropy()
db = self.env.get_db_cnx()
cursor = db.cursor()
cursor.execute(
"INSERT INTO auth_cookie (cookie,name,ipnr,time) " "VALUES (%s, %s, %s, %s)",
(cookie, remote_user, req.remote_addr, int(time.time())),
)
db.commit()
req.authname = remote_user
req.outcookie["trac_auth"] = cookie
req.outcookie["trac_auth"]["path"] = self.env.href()
req.redirect(req.args.get("ref") or self.env.abs_href())
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:56,代码来源:web_ui.py
示例4: send_auth_request
def send_auth_request(self, environ, start_response, stale='false'):
"""Send a digest challange to the browser. Record used nonces
to avoid replay attacks.
"""
nonce = hex_entropy()
self.active_nonces.append(nonce)
if len(self.active_nonces) > self.MAX_NONCES:
self.active_nonces = self.active_nonces[-self.MAX_NONCES:]
start_response('401 Unauthorized',
[('WWW-Authenticate',
'Digest realm="%s", nonce="%s", qop="auth", stale="%s"'
% (self.realm, nonce, stale))])('')
开发者ID:cyphactor,项目名称:lifecyclemanager,代码行数:12,代码来源:auth.py
示例5: _do_login
def _do_login(self, req):
"""Log the remote user in.
This function expects to be called when the remote user name is
available. The user name is inserted into the `auth_cookie` table and a
cookie identifying the user on subsequent requests is sent back to the
client.
If the Authenticator was created with `ignore_case` set to true, then
the authentication name passed from the web server in req.remote_user
will be converted to lower case before being used. This is to avoid
problems on installations authenticating against Windows which is not
case sensitive regarding user names and domain names
"""
if not req.remote_user:
# TRANSLATOR: ... refer to the 'installation documentation'. (link)
inst_doc = tag.a(
_("installation documentation"),
title=_("Configuring Authentication"),
href=req.href.wiki("TracInstall") + "#ConfiguringAuthentication",
)
raise TracError(
tag_(
"Authentication information not available. " "Please refer to the %(inst_doc)s.", inst_doc=inst_doc
)
)
remote_user = req.remote_user
if self.ignore_case:
remote_user = remote_user.lower()
assert req.authname in ("anonymous", remote_user), _("Already logged in as %(user)s.", user=req.authname)
cookie = hex_entropy()
@self.env.with_transaction()
def store_session_cookie(db):
cursor = db.cursor()
# Delete cookies older than 10 days
cursor.execute("DELETE FROM auth_cookie WHERE time < %s", (int(time.time()) - 86400 * 10,))
cursor.execute(
"INSERT INTO auth_cookie (cookie,name,ipnr,time) " "VALUES (%s, %s, %s, %s)",
(cookie, remote_user, req.remote_addr, int(time.time())),
)
req.authname = remote_user
req.outcookie["trac_auth"] = cookie
req.outcookie["trac_auth"]["path"] = self.auth_cookie_path or req.base_path or "/"
if self.env.secure_cookies:
req.outcookie["trac_auth"]["secure"] = True
if self.auth_cookie_lifetime > 0:
req.outcookie["trac_auth"]["expires"] = self.auth_cookie_lifetime
开发者ID:wiraqutra,项目名称:photrackjp,代码行数:51,代码来源:auth.py
示例6: __init__
def __init__(self, env, req):
super(Session, self).__init__(env, None)
self.req = req
if req.authname == 'anonymous':
if not req.incookie.has_key(COOKIE_KEY):
self.sid = hex_entropy(24)
self.bake_cookie()
else:
sid = req.incookie[COOKIE_KEY].value
self.get_session(sid)
else:
if req.incookie.has_key(COOKIE_KEY):
sid = req.incookie[COOKIE_KEY].value
self.promote_session(sid)
self.get_session(req.authname, authenticated=True)
开发者ID:trac-ja,项目名称:trac-ja,代码行数:15,代码来源:session.py
示例7: _do_login
def _do_login(self, req):
"""Log the remote user in.
This function expects to be called when the remote user name is
available. The user name is inserted into the `auth_cookie` table and a
cookie identifying the user on subsequent requests is sent back to the
client.
If the Authenticator was created with `ignore_case` set to true, then
the authentication name passed from the web server in req.remote_user
will be converted to lower case before being used. This is to avoid
problems on installations authenticating against Windows which is not
case sensitive regarding user names and domain names
"""
if not req.remote_user:
raise TracError(
tag(
"Authentication information not available. " "Please refer to the ",
tag.a(
"installation documentation",
title="Configuring Authentication",
href=req.href.wiki("TracInstall") + "#ConfiguringAuthentication",
),
".",
)
)
remote_user = req.remote_user
if self.ignore_case:
remote_user = remote_user.lower()
assert req.authname in ("anonymous", remote_user), "Already logged in as %s." % req.authname
cookie = hex_entropy()
db = self.env.get_db_cnx()
cursor = db.cursor()
cursor.execute(
"INSERT INTO auth_cookie (cookie,name,ipnr,time) " "VALUES (%s, %s, %s, %s)",
(cookie, remote_user, req.remote_addr, int(time.time())),
)
db.commit()
req.authname = remote_user
req.outcookie["trac_auth"] = cookie
req.outcookie["trac_auth"]["path"] = req.base_path or "/"
if self.env.secure_cookies:
req.outcookie["trac_auth"]["secure"] = True
开发者ID:gdgkyoto,项目名称:kyoto-gtug,代码行数:46,代码来源:auth.py
示例8: _get_form_token
def _get_form_token(self, req):
"""Used to protect against CSRF.
The 'form_token' is strong shared secret stored in a user cookie.
By requiring that every POST form to contain this value we're able to
protect against CSRF attacks. Since this value is only known by the
user and not by an attacker.
If the the user does not have a `trac_form_token` cookie a new
one is generated.
"""
if req.incookie.has_key('trac_form_token'):
return req.incookie['trac_form_token'].value
else:
req.outcookie['trac_form_token'] = hex_entropy(24)
req.outcookie['trac_form_token']['path'] = req.base_path
return req.outcookie['trac_form_token'].value
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:17,代码来源:main.py
示例9: save
def save(self, db=None):
handle_commit = False
if db is None:
db = self.env.get_db_cnx()
handle_commit = True
cursor = db.cursor()
if self.key is None:
self.key = hex_entropy(16)
if self.exists:
cursor.execute('UPDATE tracbl_apikeys SET key=%s WHERE email=%s', (self.key, self.email)) # ???: Is this needed?
else:
cursor.execute('INSERT INTO tracbl_apikeys (email, key) VALUES (%s, %s)', (self.email, self.key))
if handle_commit:
db.commit()
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:17,代码来源:model.py
示例10: _do_login
def _do_login(self, req, remote_user):
"""Log the remote user in."""
cookie = hex_entropy()
db = self.env.get_db_cnx()
cursor = db.cursor()
cursor.execute("INSERT INTO auth_cookie "
"(cookie ,name ,ipnr ,time) "
"VALUES (%s, %s, %s, %s)",
(cookie, remote_user, req.remote_addr,
int(time.time())))
db.commit()
req.outcookie['db_auth'] = cookie
req.outcookie['db_auth']['path'] = req.href()
req.outcookie['db_auth']['expires'] = 100000000
self._update_email(remote_user)
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:18,代码来源:auth.py
示例11: send_auth_request
def send_auth_request(self, environ, start_response, stale="false"):
"""Send a digest challange to the browser. Record used nonces
to avoid replay attacks.
"""
nonce = hex_entropy()
self.active_nonces.append(nonce)
if len(self.active_nonces) > self.MAX_NONCES:
self.active_nonces = self.active_nonces[-self.MAX_NONCES :]
start_response(
"401 Unauthorized",
[
(
"WWW-Authenticate",
'Digest realm="%s", nonce="%s", qop="auth", stale="%s"' % (self.realm, nonce, stale),
),
("Content-Length", "0"),
],
)("")
开发者ID:wiraqutra,项目名称:photrackjp,代码行数:18,代码来源:auth.py
示例12: _do_login
def _do_login(self, req):
"""Log the remote user in."""
remote_user, pwd = req.args.get('uid'), req.args.get('pwd')
remote_user = remote_user.lower()
cookie = hex_entropy()
db = get_db(self.env)
cursor = db.cursor()
cursor.execute("INSERT INTO trac_cookies "
"(envname, cookie, username, ipnr, unixtime) "
"VALUES (%s, %s, %s, %s, %s)", (self.envname, cookie, remote_user,
req.remote_addr, int(time.time())))
db.commit()
req.authname = remote_user
req.outcookie['trac_db_auth'] = cookie
req.outcookie['trac_db_auth']['expires'] = 100000000
req.outcookie['trac_db_auth']['path'] = self.env.href()
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:19,代码来源:auth.py
示例13: _create_auth_cookie
def _create_auth_cookie(self, req, remote_user):
cookie = hex_entropy()
sql = """
INSERT IGNORE INTO auth_cookie (cookie, name, ipnr, time)
VALUES (%s, %s, %s, %s)
"""
with admin_transaction() as cursor:
try:
cursor.execute(sql, (cookie, remote_user, req.remote_addr, int(time.time())))
except Exception:
self.log.exception("Failed to store auth cookie into database")
raise
# Make new cookie
self._set_outcookie(req, cookie)
# Create cached cookie
self.cookie.add(cookie)
return cookie
开发者ID:alvabai,项目名称:trac-multiproject,代码行数:20,代码来源:login.py
示例14: __init__
def __init__(self, env, req):
super(Session, self).__init__(env, None)
self.req = req
if req.incookie:
sid = ''
need_bake = False
if not req.incookie.has_key(COOKIE_KEY):
sid = hex_entropy(32)
need_bake = True
else:
sid = req.incookie[COOKIE_KEY].value
self.get_session(sid)
if need_bake or sid != self.sid:
self.bake_cookie()
else:
env.log.warning('no incookie')
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:20,代码来源:session.py
示例15: __init__
def __init__(self, env, req):
dict.__init__(self)
self.env = env
self.req = req
self.sid = None
self.last_visit = 0
self._new = True
self._old = {}
if req.authname == 'anonymous':
if not req.incookie.has_key(COOKIE_KEY):
self.sid = hex_entropy(24)
self.bake_cookie()
else:
sid = req.incookie[COOKIE_KEY].value
self.get_session(sid)
else:
if req.incookie.has_key(COOKIE_KEY):
sid = req.incookie[COOKIE_KEY].value
self.promote_session(sid)
self.get_session(req.authname, authenticated=True)
开发者ID:cyphactor,项目名称:lifecyclemanager,代码行数:20,代码来源:session.py
示例16: html_to_pdf
def html_to_pdf(self, req, html_pages, book=True, title='', subject='', version='', date=''):
self.env.log.debug('WikiPrint => Start function html_to_pdf')
page = Markup('\n<div><pdf:nextpage /></div>'.join(html_pages))
#Replace PageOutline macro with Table of Contents
if book:
#If book, remove [[TOC]], and add at beginning
page = page.replace('[[pdf-toc]]','')
page = Markup(self.get_toc()) + Markup(page)
else:
page = page.replace('[[pdf-toc]]',self.get_toc())
page = self.add_headers(req, page, book, title=title, subject=subject, version=version, date=date)
page = page.encode(self.default_charset, 'replace')
css_data = self.get_css(req)
pdf_file = StringIO.StringIO()
auth_cookie = hex_entropy()
loader = linkLoader(self.env, req, auth_cookie)
#Temporary authentication
self.env.log.debug("Storing temporary auth cookie %s for user %s", auth_cookie, req.authname)
db = self.env.get_db_cnx()
cursor = db.cursor()
cursor.execute("INSERT INTO auth_cookie (cookie,name,ipnr,time) "
"VALUES (%s, %s, %s, %s)", (auth_cookie, req.authname, '127.0.0.1', int(time.time())))
db.commit()
pdf = pisa.CreatePDF(page, pdf_file, show_errors_as_pdf = True, default_css = css_data, link_callback = loader.getFileName)
out = pdf_file.getvalue()
pdf_file.close()
cursor.execute("DELETE FROM auth_cookie WHERE cookie=%s", (auth_cookie,))
db.commit()
self.env.log.debug('WikiPrint => Finish function html_to_pdf')
return out
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:41,代码来源:wikiprint.py
示例17: _login
def _login(self, req, response):
"""Store login information into session."""
cookie = hex_entropy()
db = self.env.get_db_cnx()
cursor = db.cursor()
cursor.execute(
"INSERT INTO auth_cookie " "(cookie ,name ,ipnr ,time) " "VALUES (%s, %s, %s, %s)",
(cookie, response.identity_url, req.remote_addr, int(time.time())),
)
db.commit()
req.outcookie["trac_auth"] = cookie
req.outcookie["trac_auth"]["path"] = self.env.href()
req.outcookie["trac_auth"]["expires"] = 60 * 60 * 24
# update user's contact details
info = response.extensionResponse("sreg")
if info and info.has_key("fullname") and len(info["fullname"]) > 0:
req.session["name"] = info["fullname"]
if info and info.has_key("email") and len(info["email"]) > 0:
req.session["email"] = info["email"]
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:21,代码来源:auth.py
示例18: _get_form_token
def _get_form_token(self, req):
"""Used to protect against CSRF.
The 'form_token' is strong shared secret stored in a user
cookie. By requiring that every POST form to contain this
value we're able to protect against CSRF attacks. Since this
value is only known by the user and not by an attacker.
If the the user does not have a `trac_form_token` cookie a new
one is generated.
"""
if 'trac_form_token' in req.incookie:
return req.incookie['trac_form_token'].value
else:
req.outcookie['trac_form_token'] = hex_entropy(24)
req.outcookie['trac_form_token']['path'] = req.base_path or '/'
if self.env.secure_cookies:
req.outcookie['trac_form_token']['secure'] = True
if sys.version_info >= (2, 6):
req.outcookie['trac_form_token']['httponly'] = True
return req.outcookie['trac_form_token'].value
开发者ID:exocad,项目名称:exotrac,代码行数:21,代码来源:main.py
示例19: _do_login
def _do_login(self, req):
"""Log the remote user in.
This function expects to be called when the remote user name is
available. The user name is inserted into the `auth_cookie` table and a
cookie identifying the user on subsequent requests is sent back to the
client.
If the Authenticator was created with `ignore_case` set to true, then
the authentication name passed from the web server in req.remote_user
will be converted to lower case before being used. This is to avoid
problems on installations authenticating against Windows which is not
case sensitive regarding user names and domain names
"""
if not req.remote_user:
raise TracError(html(u"Pas d'information d'authentification disponible. "
u"Merci de vous référer à la ",
html.a(u"documentation d'installation",
title="Configuration de l'authentification",
href=req.href.wiki('TracInstall') +
"#ConfiguringAuthentication"), "."))
remote_user = req.remote_user
if self.ignore_case:
remote_user = remote_user.lower()
assert req.authname in ('anonymous', remote_user), \
u'Déjà connecté sous %s.' % req.authname
cookie = hex_entropy()
db = self.env.get_db_cnx()
cursor = db.cursor()
cursor.execute("INSERT INTO auth_cookie (cookie,name,ipnr,time) "
"VALUES (%s, %s, %s, %s)", (cookie, remote_user,
req.remote_addr, int(time.time())))
db.commit()
req.authname = remote_user
req.outcookie['trac_auth'] = cookie
req.outcookie['trac_auth']['path'] = req.href()
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:39,代码来源:auth.py
示例20: _do_login
def _do_login(self, req):
"""Log the remote user in."""
remote_user = req.args.get('uid')
remote_user = remote_user.lower()
cookie = hex_entropy()
db = get_db(self.env)
cursor = db.cursor()
sql = "INSERT INTO %s " \
"(%s, %s, %s, %s, %s) " \
"VALUES (%%s, %%s, %%s, %%s, %%s)" % \
(self.cookies['table'], self.cookies['envname'],
self.cookies['cookie'], self.cookies['username'],
self.cookies['ipnr'], self.cookies['unixtime'])
cursor.execute(sql, (self.envname, cookie, remote_user,
req.remote_addr, int(time.time())))
db.commit()
req.authname = remote_user
req.outcookie['trac_db_auth'] = cookie
req.outcookie['trac_db_auth']['expires'] = 100000000
req.outcookie['trac_db_auth']['path'] = self.env.href()
开发者ID:nyuhuhuu,项目名称:trachacks,代码行数:23,代码来源:auth.py
注:本文中的trac.util.hex_entropy函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论