0002-templatetags-add-token-generation-with-seeds-31268.patch

Benjamin Dauvergne, 12 mars 2019 10:57

Voir les différences: en ligne côte à côte

Subject: [PATCH 2/2] templatetags: add token generation with seeds (#31268)

- add {% token_decimal/alphanum n seed1 .. seedn %} -> generate token
  based on hash of concatenation of seed1 .. seedn
- using a form linked information (like "form_number") as seed you can
  generate deterministic unique token for a formdata, removing the need to
  store the token in a backoffice field of the formdef.

 tests/test_templates.py           | 16 ++++++++++++++++
 wcs/qommon/templatetags/qommon.py | 19 +++++++++++++------
 2 files changed, 29 insertions(+), 6 deletions(-)

         assert not any(set(token) & set('01IiOo') for token in tokens)
         t = Template('{% if token1|token_check:token2 %}ok{% endif %}')
         assert t.render({'token1': tokens[0] + ' ', 'token2': tokens[0].lower()}) == 'ok'
     def test_token_alphanum_with_seed():
         tokens1 = [Template('{% token_alphanum 4 seed1 seed2 %}').render({'seed1': i, 'seed2': i + 1}) for i in range(100)]
         tokens2 = [Template('{% token_alphanum 4 seed1 seed2 %}').render({'seed1': i, 'seed2': i + 1}) for i in range(100)]
         assert all(len(token) == 4 for token in tokens1)
         assert all(token.upper() == token for token in tokens1)
         assert all(token.isalnum() for token in tokens1)
         assert all(len(token) == 4 for token in tokens2)
         assert all(token.upper() == token for token in tokens2)
         assert all(token.isalnum() for token in tokens2)
         assert tokens1 == tokens2
         # token_check is case insensitive
         t = Template('{% if token1|token_check:token2 %}ok{% endif %}')
         for token1, token2 in zip(tokens1, tokens2):
             assert t.render({'token1': token1 + ' ', 'token2': token2.lower()}) == 'ok'

         return decimal(abs(parse_decimal(value)))
     def generate_token(alphabet, length):
     def generate_token(alphabet, length, *seeds):
         # 128bits security is enough; for alphanum, 128 / log(32) = 36.9...
         if length > 37:
             raise ValueError('token_decimal/alphanum: length cannot be more than 37')
         choices = [random.SystemRandom().randrange(len(alphabet)) for i in range(length)]
         if seeds:
             choices = []
             seed = ''.join(map(str, seeds))
             for i in range(length):
                 seed = hashlib.sha256(seed).hexdigest()
                 choices.append(int(seed, 16) % len(alphabet))
         else:
             choices = [random.SystemRandom().randrange(len(alphabet)) for i in range(length)]
         return ''.join([alphabet[choice] for choice in choices])
     @register.simple_tag
     def token_decimal(length):
         return generate_token(string.digits, length)
     def token_decimal(length, *seeds):
         return generate_token(string.digits, length, *seeds)
     @register.simple_tag
     def token_alphanum(length):
         return generate_token('23456789ABCDEFGHJKLMNPQRSTUVWXYZ', length)
     def token_alphanum(length, *seeds):
         return generate_token('23456789ABCDEFGHJKLMNPQRSTUVWXYZ', length, *seeds)
     @register.filter
+    -

Projet

Général

Profil

Produits Entr'ouvert » w.c.s.

0002-templatetags-add-token-generation-with-seeds-31268.patch