cc1  v2.1
CC1 source code docs
 All Classes Namespaces Files Functions Variables Pages
tokens.py
Go to the documentation of this file.
1 # -*- coding: utf-8 -*-
2 # @COPYRIGHT_begin
3 #
4 # Copyright [2010-2014] Institute of Nuclear Physics PAN, Krakow, Poland
5 #
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
9 #
10 # http://www.apache.org/licenses/LICENSE-2.0
11 #
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
17 #
18 # @COPYRIGHT_end
19 
20 ##
21 # @package src.clm.utils.tokens
22 #
23 # @author Piotr W√≥jcik
24 # @date 21.09.2010
25 #
26 
27 from django.utils.http import int_to_base36, base36_to_int
28 
29 
30 ##
31 #
32 # Class for generating tokens during password reset.
33 #
35  ##
36  #
37  # @parameter{user,User} instance of the User whom Token should be
38  # generated for
39  #
40  # @returns{string} Token with timestamp generated for specified User
41  #
42  def make_token(self, user):
43  import hashlib
44  h = hashlib.sha1(user.password +
45  unicode(user.last_login_date) +
46  unicode(user.id)).hexdigest()[::2]
47  return "%s-%s" % (int_to_base36(user.id), h)
48 
49  ##
50  #
51  # @parameter{user,User} instance of the User whose Token should be
52  # checked.
53  # @parameter{token,string} Token to check
54  #
55  # @returns{bool} @val{true} for right Token, @val{false} for wrong Token
56  #
57  def check_token(self, user, token):
58  try:
59  ts_b36 = token.split("-")[0]
60  except ValueError:
61  return False
62 
63  try:
64  uid = base36_to_int(ts_b36)
65  except ValueError:
66  return False
67 
68  # Check that the uid has not been tampered with
69  if uid != user.id:
70  return False
71 
72  if self.make_token(user) != token:
73  return False
74 
75  return True
76 
77 default_token_generator = PasswordResetTokenGenerator()
78