Mercurial > p > roundup > code

view roundup/cgi/timestamp.py @ 7201:da751d3a2138

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2551253 - Modify password PBKDF2 method to use SHA512 Added new PBKDF2S5 using PBKDF2 with SHA512 rather than the original PBKDF2 which used SHA1. Currently changes to interfaces.py are required to use it. If we choose to adopt it, need to decide if mechanisms will be available via config.ini to choose methods and force migration.
author John Rouillard <rouilj@ieee.org>
date Tue, 28 Feb 2023 15:49:47 -0500
parents 5ec3171580a6
children 07ce4e4110f5
line wrap: on
line source

'''Set of functions of adding/checking timestamp to be used to limit
   form submission for cgi actions.
'''

import time, struct, binascii, base64
from roundup.cgi.exceptions import FormError
from roundup.i18n import _
from roundup.anypy.strings import b2s, s2b


def pack_timestamp():
    return b2s(base64.b64encode(struct.pack("i", int(time.time()))).strip())


def unpack_timestamp(s):
    try:
        timestamp = struct.unpack("i", base64.b64decode(s2b(s)))[0]
    except (struct.error, binascii.Error, TypeError):
        raise FormError(_("Form is corrupted."))
    return timestamp


class Timestamped:
    def timecheck(self, field, delay):
        try:
            created = unpack_timestamp(self.form[field].value)
        except KeyError:
            raise FormError(_("Form is corrupted, missing: %s." % field))
        if time.time() - created < delay:
            raise FormError(_("Responding to form too quickly."))
        return True
Roundup Issue Tracker: http://roundup-tracker.org/