Mercurial > p > roundup > code
view roundup/cgi/timestamp.py @ 6578:b1f1539c6a31
issue2551182 - ... allow loading values from external file. flake8 cleanups
Secrets (passwords, secrets) can specify a file using file:// or
file:///. The first line of the file is used as the secret. This
allows committing config.ini to a VCS.
Following settings are changed:
[tracker] secret_key
[tracker] jwt_secret
[rdbms] password
[mail] password
details:
in roundup/configuration.py:
Defined SecretMandatoryOptions and SecretNullableOptions. Converted
all secret keys and password to one of the above.
Also if [mail] username is defined but [mail] password is not it
throws an error at load.
Cleaned up a couple of methods whose call signature included:
def ...(..., settings={}):
settings=None and it is set to empty dict inside the method.
Also replace exception.message with str(exception) for python3
compatibility.
in test/test_config:
changed munge_configini to support changing only within a section,
replacing keyword text.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Mon, 03 Jan 2022 22:18:57 -0500 |
| parents | 5ec3171580a6 |
| children | 07ce4e4110f5 |
line wrap: on
line source
'''Set of functions of adding/checking timestamp to be used to limit form submission for cgi actions. ''' import time, struct, binascii, base64 from roundup.cgi.exceptions import FormError from roundup.i18n import _ from roundup.anypy.strings import b2s, s2b def pack_timestamp(): return b2s(base64.b64encode(struct.pack("i", int(time.time()))).strip()) def unpack_timestamp(s): try: timestamp = struct.unpack("i", base64.b64decode(s2b(s)))[0] except (struct.error, binascii.Error, TypeError): raise FormError(_("Form is corrupted.")) return timestamp class Timestamped: def timecheck(self, field, delay): try: created = unpack_timestamp(self.form[field].value) except KeyError: raise FormError(_("Form is corrupted, missing: %s." % field)) if time.time() - created < delay: raise FormError(_("Responding to form too quickly.")) return True