ploverdojo.py
import hashlib
import hmac
import jinja2
import os
import re
import webapp2
from google.appengine.ext import db
from google.appengine.api import users
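# Directory holding the Jinja2 HTML templates, resolved relative to this file.
template_directory = os.path.join(os.path.dirname(__file__), 'templates')

# autoescape=True makes Jinja2 HTML-escape interpolated values by default,
# which is the main XSS defence for everything rendered through this module.
jinja_environment = jinja2.Environment(
    loader=jinja2.FileSystemLoader(template_directory), autoescape=True)

# Despite its name, hmac_message is the path of the file that holds the HMAC
# *key* used to sign salted hashes and cookies below.
# NOTE(review): the key file sits inside the application directory; confirm it
# is excluded from version control and is not exposed as a static file.
hmac_message = os.path.join(os.path.dirname(__file__), 'secret/message')

# The context manager closes the file even if read() raises.
with open(hmac_message, 'r') as f:
    SECRET = f.read().strip()

# Fail closed: with an empty key every HMAC below could be computed by anyone,
# so refuse to start rather than issue forgeable signatures.
if not SECRET:
    raise ValueError('HMAC key file %s is empty' % hmac_message)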
def render_template(template, **template_values):
    """Render the named template and return the resulting text.

    Args:
        template: Name of the template, looked up through the module-level
            ``jinja_environment``.
        **template_values: Variables made available to the template.

    Returns:
        The rendered template as returned by Jinja2.
    """
    # Look the template up and render it in one step; the keyword arguments
    # are handed to Jinja2 as a single dict, exactly as received.
    return jinja_environment.get_template(template).render(template_values)
def create_salt():
    """Return a fresh random salt as a 64-character hex string.

    The salt is the SHA-256 hex digest of 16 bytes from ``os.urandom``.
    Hashing only changes the encoding: the salt still carries at most
    128 bits of randomness.
    """
    random_bytes = os.urandom(16)
    digest = hashlib.sha256(random_bytes)
    return digest.hexdigest()
def create_salt_hash_pair(input, salt=None):
    """Return ``"<salt>|<mac>"`` for ``input``.

    The MAC is HMAC-SHA256 keyed with the module-level ``SECRET`` over
    ``salt + input``.

    Args:
        input: Text to protect.
        salt: Salt to reuse (e.g. when re-computing a stored pair); a new
            one is generated with ``create_salt()`` when it is missing or
            empty.

    Returns:
        The salt and the hex MAC joined by ``|``.
    """
    # NOTE(review): if `input` is a password, a single keyed SHA-256 pass is
    # cheap to brute-force once SECRET is known; a dedicated password KDF is
    # the usual choice. Confirm the intended use with the callers.
    salt = salt or create_salt()
    mac = hmac.new(SECRET, salt + input, hashlib.sha256).hexdigest()
    return "%s|%s" % (salt, mac)
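def validate_salt_hash_pair(input, hash):
    """Check ``input`` against a ``"<salt>|<mac>"`` pair.

    The pair is recomputed from ``input`` and the salt embedded in ``hash``
    and compared with the supplied string.

    Args:
        input: Candidate text.
        hash: Pair previously produced by ``create_salt_hash_pair``.

    Returns:
        True when the recomputed pair equals ``hash``, otherwise False.
        A missing or empty ``hash``, or one with an empty salt, is rejected.
    """
    # Fail closed on a missing value instead of raising AttributeError.
    if not hash:
        return False

    salt = hash.split('|')[0]
    # An empty salt would make create_salt_hash_pair() draw a fresh random
    # salt, which can never reproduce `hash`; reject it up front.
    if not salt:
        return False

    expected = create_salt_hash_pair(input, salt)
    # Constant-time comparison so the check does not reveal how many leading
    # characters of the MAC were correct. Requires Python 2.7.7+ / 3.3+.
    return hmac.compare_digest(expected, hash)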
def create_value_salt_hash_triplet(value, salt=None):
    """Return ``"<value>|<salt>|<mac>"`` for ``value``.

    The value travels in clear text; the MAC (keyed with the module-level
    ``SECRET``) only lets the receiver detect tampering.

    Args:
        value: Value to sign; it is converted with ``str()`` for the MAC.
        salt: Salt to reuse; a new one is generated with ``create_salt()``
            when it is missing or empty.

    Returns:
        Value, salt and hex MAC joined by ``|``.
    """
    salt = salt or create_salt()
    # NOTE(review): hmac.new() is called without a digestmod, so the digest is
    # whatever the running Python defaults to (MD5 on Python 2.7), unlike
    # create_salt_hash_pair() which pins SHA-256. Pinning SHA-256 here would
    # invalidate triplets that were already issued.
    # NOTE(review): the MAC covers str(value) + salt with no separator, so it
    # does not bind where the value ends and the salt begins. Adding a
    # delimiter or length prefix to the MAC input closes that gap.
    mac = hmac.new(SECRET, str(value) + salt).hexdigest()
    return "%s|%s|%s" % (value, salt, mac)
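def validate_value_salt_hash_triplet(hash):
    """Verify a ``"<value>|<salt>|<mac>"`` triplet and return its value.

    The triplet is recomputed from the embedded value and salt and compared
    with the supplied string.

    Args:
        hash: Triplet to verify, typically read from a cookie and therefore
            untrusted. May be None.

    Returns:
        The embedded value when the triplet verifies, otherwise None.
        Missing or malformed input is rejected with None rather than raising.
    """
    # A missing cookie reaches this function as None; treat it as invalid.
    if not hash:
        return None

    parts = hash.split('|')
    # A genuine triplet always has exactly three fields, so anything else can
    # never verify. Checking here also avoids an IndexError on short input.
    if len(parts) != 3:
        return None

    value, salt = parts[0], parts[1]
    # An empty salt would make create_value_salt_hash_triplet() draw a fresh
    # random salt, which can never reproduce `hash`.
    if not salt:
        return None

    expected = create_value_salt_hash_triplet(value, salt)
    # Constant-time comparison so the check does not reveal how many leading
    # characters of the MAC were correct. Requires Python 2.7.7+ / 3.3+.
    if hmac.compare_digest(expected, hash):
        return value
    return None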
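class BaseHandler(webapp2.RequestHandler):
    """Base request handler with the template and cookie helpers shared by
    the application's handlers."""

    def write_template(self, template, **template_values):
        """Render ``template`` with ``template_values`` and write the result
        to the response body."""
        self.response.out.write(render_template(template, **template_values))

    def set_cookie(self, name, value):
        """Set an unsigned cookie scoped to ``Path=/``.

        The client can change this cookie freely, so its value must not be
        trusted when it is read back.
        """
        # NOTE(review): no HttpOnly, Secure or SameSite attribute is set, and
        # name/value are interpolated into the header as-is. Confirm callers
        # never pass text containing ';' or line breaks.
        self.response.headers.add_header('Set-Cookie', '%s=%s; Path=/' % (name, value))

    def get_cookie(self, name):
        """Return the raw value of cookie ``name``, or None if it is absent."""
        return self.request.cookies.get(name)

    def set_encrypted_cookie(self, name, value):
        """Set a signed cookie scoped to ``Path=/``.

        Despite the method name the value is not encrypted: the cookie is
        ``value|salt|mac`` and the value is readable by the client. The MAC
        only allows tampering to be detected when the cookie is read back.
        """
        # NOTE(review): no HttpOnly, Secure or SameSite attribute is set on
        # this cookie either.
        self.response.headers.add_header('Set-Cookie', '%s=%s; Path=/' % (name, create_value_salt_hash_triplet(value)))

    def get_encrypted_cookie(self, name):
        """Return the verified value of signed cookie ``name``.

        Returns None when the cookie is absent, empty, or does not verify.
        """
        raw = self.request.cookies.get(name)
        # First-time visitors have no cookie; report that as "no value"
        # instead of passing None on to the validator.
        if not raw:
            return None
        return validate_value_salt_hash_triplet(raw)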
class MainPage(BaseHandler):
    """Handler for the application's landing page."""

    def get(self):
        """Serve the main page to a signed-in user.

        Visitors without a Google Users API session are redirected to the
        login URL, which is built to return to the requested URI.
        """
        current_user = users.get_current_user()
        if not current_user:
            self.redirect(users.create_login_url(self.request.uri))
            return
        self.write_template('ploverdojo.html', user=current_user)
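# webapp2's debug mode returns tracebacks to the client, so enable it only on
# the local development server. There SERVER_SOFTWARE starts with
# "Development"; in production it does not.
_ON_DEV_SERVER = os.environ.get('SERVER_SOFTWARE', '').startswith('Development')

# WSGI entry point: a single route, '/?', served by MainPage.
app = webapp2.WSGIApplication([('/?', MainPage)], debug=_ON_DEV_SERVER)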