Mercurial > templog
diff web/secure.py @ 189:101c66da848d
watcher script
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sun, 09 Feb 2014 11:41:13 +0800 |
parents | adbf70d1449f |
children | 8318d50d766d |
line wrap: on
line diff
--- a/web/secure.py Fri Feb 07 23:32:08 2014 +0800 +++ b/web/secure.py Sun Feb 09 11:41:13 2014 +0800 @@ -4,13 +4,27 @@ import hmac import binascii import sys +import hashlib + +import bottle import config -__all__ = ["get_csrf_blob", "check_csrf_blob", "setup_csrf"] +__all__ = ["get_csrf_blob", "check_csrf_blob", "setup_csrf", "get_user_hash"] + +HASH=hashlib.sha1 def get_user_hash(): - return "aaa" + if bottle.request.environ.get('SSL_CLIENT_VERIFY', '') != 'GENEROUS': + return 'FAILVERIFY' + blob = bottle.request.environ.get('SSL_CLIENT_CERT') + if not blob: + return 'NOCERT' + + b64 = ''.join(l for l in blob.split('\n') + if not l.startswith('-')) + + return HASH(binascii.a2b_base64(b64)).hexdigest() def setup_csrf(): NONCE_SIZE=16