Mercurial > p > roundup > code

view roundup/cgi/timestamp.py @ 6823:fe0091279f50

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Refactor session db logging and key generation for sessions/otks While I was working on the redis sessiondb stuff, I noticed that log_wanrning, get_logger ... was duplicated. Also there was code to generate a unique key for otks that was duplicated. Changes: creating new sessions_common.py and SessionsCommon class to provide methods: log_warning, log_info, log_debug, get_logger, getUniqueKey getUniqueKey method is closer to the method used to make session keys in client.py. sessions_common.py now report when random_.py chooses a weak random number generator. Removed same from rest.py. get_logger reconciles all logging under roundup.hyperdb.backends.<name of BasicDatabase class> some backends used to log to root logger. have BasicDatabase in other sessions_*.py modules inherit from SessionCommon. change logging to use log_* methods. In addition: remove unused imports reported by flake8 and other formatting changes modify actions.py, rest.py, templating.py to use getUniqueKey method. add tests for new methods test_redis_session.py swap out ModuleNotFoundError for ImportError to prevent crash in python2 when redis is not present. allow injection of username:password or just password into redis connection URL. set pytest_redis_pw envirnment variable to password or user:password when running test.
author John Rouillard <rouilj@ieee.org>
date Sun, 07 Aug 2022 01:51:11 -0400
parents 5ec3171580a6
children 07ce4e4110f5
line wrap: on
line source

'''Set of functions of adding/checking timestamp to be used to limit
   form submission for cgi actions.
'''

import time, struct, binascii, base64
from roundup.cgi.exceptions import FormError
from roundup.i18n import _
from roundup.anypy.strings import b2s, s2b


def pack_timestamp():
    return b2s(base64.b64encode(struct.pack("i", int(time.time()))).strip())


def unpack_timestamp(s):
    try:
        timestamp = struct.unpack("i", base64.b64decode(s2b(s)))[0]
    except (struct.error, binascii.Error, TypeError):
        raise FormError(_("Form is corrupted."))
    return timestamp


class Timestamped:
    def timecheck(self, field, delay):
        try:
            created = unpack_timestamp(self.form[field].value)
        except KeyError:
            raise FormError(_("Form is corrupted, missing: %s." % field))
        if time.time() - created < delay:
            raise FormError(_("Responding to form too quickly."))
        return True
Roundup Issue Tracker: http://roundup-tracker.org/