Mercurial > p > roundup > code
view roundup/cgi/engine_chameleon.py @ 7809:be6cb2e0d471
feat: add support for rotating jwt keys
This allows jwt_secret to have multiple ',' separated secrets. The
first/leftmost should be used to sign new JWTs. All of them are used
(starting from left/newest) to try to verify a JWT.
If the first secret is < 32 chars in length JWTs are disabled. If any
of the other secrets are < 32 chars, the configuration code causes the
software to exit. This prevents insecure (too short) secrets from
being used.
Updated doc examples and tests.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 14 Mar 2024 19:04:19 -0400 |
| parents | ac0802452818 |
| children | 310e19beba3e |
line wrap: on
line source
"""Templating engine adapter for the Chameleon.""" __docformat__ = 'restructuredtext' import chameleon from roundup.cgi.templating import context, TALLoaderBase from roundup.anypy.strings import s2u class Loader(TALLoaderBase): def __init__(self, template_dir): self.template_dir = template_dir self.loader = chameleon.PageTemplateLoader(template_dir) def load(self, tplname): src, filename = self._find(tplname) return RoundupPageTemplate(self.loader.load(src)) class RoundupPageTemplate(object): def __init__(self, pt): self._pt = pt def render(self, client, classname, request, **options): c = context(client, self, classname, request) c.update({'options': options}) def translate(msgid, domain=None, mapping=None, default=None): result = client.translator.translate(domain, msgid, mapping=mapping, default=default) return s2u(result) output = self._pt.render(None, translate, **c) return output.encode(client.charset) def __getitem__(self, name): return self._pt[name] def __getattr__(self, name): return getattr(self._pt, name)