PEP8-ification.
This commit is contained in:
parent
6bfbe02426
commit
5d2abe45b2
@ -37,14 +37,16 @@ class CsrfForm(Form):
|
|||||||
csrf_token = HiddenField("",
|
csrf_token = HiddenField("",
|
||||||
[validators.Required()])
|
[validators.Required()])
|
||||||
|
|
||||||
|
|
||||||
def render_csrf_form_token(request):
|
def render_csrf_form_token(request):
|
||||||
"""Render the CSRF token in a format suitable for inclusion in a
|
"""Render the CSRF token in a format suitable for inclusion in a
|
||||||
form."""
|
form."""
|
||||||
|
|
||||||
form = CsrfForm(csrf_token = request.environ['CSRF_TOKEN'])
|
form = CsrfForm(csrf_token=request.environ['CSRF_TOKEN'])
|
||||||
|
|
||||||
return form.csrf_token
|
return form.csrf_token
|
||||||
|
|
||||||
|
|
||||||
class CsrfMiddleware(object):
|
class CsrfMiddleware(object):
|
||||||
"""CSRF Protection Middleware
|
"""CSRF Protection Middleware
|
||||||
|
|
||||||
@ -87,7 +89,8 @@ class CsrfMiddleware(object):
|
|||||||
response.set_cookie(
|
response.set_cookie(
|
||||||
mg_globals.app_config['csrf_cookie_name'],
|
mg_globals.app_config['csrf_cookie_name'],
|
||||||
request.environ['CSRF_TOKEN'],
|
request.environ['CSRF_TOKEN'],
|
||||||
max_age=60*60*24*7*52, path='/',
|
max_age=60 * 60 * 24 * 7 * 52,
|
||||||
|
path='/',
|
||||||
domain=mg_globals.app_config.get('csrf_cookie_domain', None),
|
domain=mg_globals.app_config.get('csrf_cookie_domain', None),
|
||||||
secure=(request.scheme.lower() == 'https'),
|
secure=(request.scheme.lower() == 'https'),
|
||||||
httponly=True)
|
httponly=True)
|
||||||
@ -100,8 +103,7 @@ class CsrfMiddleware(object):
|
|||||||
|
|
||||||
return hashlib.md5("%s%s" %
|
return hashlib.md5("%s%s" %
|
||||||
(randrange(0, self.MAX_CSRF_KEY),
|
(randrange(0, self.MAX_CSRF_KEY),
|
||||||
mg_globals.app_config['secret_key'])
|
mg_globals.app_config['secret_key'])).hexdigest()
|
||||||
).hexdigest()
|
|
||||||
|
|
||||||
def verify_tokens(self, request):
|
def verify_tokens(self, request):
|
||||||
"""Verify that the CSRF Cookie exists and that it matches the
|
"""Verify that the CSRF Cookie exists and that it matches the
|
||||||
@ -128,4 +130,3 @@ class CsrfMiddleware(object):
|
|||||||
# either the tokens didn't match or the form token wasn't
|
# either the tokens didn't match or the form token wasn't
|
||||||
# present; either way, the request is denied
|
# present; either way, the request is denied
|
||||||
return HTTPForbidden()
|
return HTTPForbidden()
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user