changeset 242:2caee09f41c4

merge from server
author Matt Johnston <matt@ucc.asn.au>
date Wed, 20 May 2015 00:03:53 +0800
parents 86e638d564b0 (current diff) c90190a380c6 (diff)
children c9b20d3d393a
files
diffstat 2 files changed, 15 insertions(+), 8 deletions(-) [+]
line wrap: on
line diff
--- a/web/templog.py	Tue May 19 23:58:51 2015 +0800
+++ b/web/templog.py	Wed May 20 00:03:53 2015 +0800
@@ -11,6 +11,7 @@
 import os
 import traceback
 import fcntl
+import hashlib
 
 import bottle
 from bottle import route, request, response
@@ -23,12 +24,23 @@
 DATE_FORMAT = '%Y%m%d-%H.%M'
 ZOOM_SCALE = 2.0
 
+class TemplogBottle(bottle.Bottle):
+    def run(*args, **argm):
+        argm['server'] = 'gevent'
+        super(TemplogBottle, self).run(*args, **argm)
+        print "ran custom bottle"
+
+#bottle.default_app.push(TemplogBottle())
+
+secure.setup_csrf()
+
 @route('/update', method='post')
 def update():
     js_enc = request.forms.data
     mac = request.forms.hmac
 
-    if hmac.new(config.HMAC_KEY, js_enc).hexdigest() != mac:
+    h = hmac.new(config.HMAC_KEY, js_enc.strip(), hashlib.sha256).hexdigest()
+    if h != mac:
         raise bottle.HTTPError(code = 403, output = "Bad key")
 
     js = zlib.decompress(binascii.a2b_base64(js_enc))
@@ -75,11 +87,6 @@
         csrf_blob = secure.get_csrf_blob(),
         allowed = allowed)
 
-@route('/set_current.json')
-def set_fresh():
-    response.set_header('Content-Type', 'application/javascript')
-    return log.get_current()
-
 @route('/')
 def top():
 
@@ -138,8 +145,6 @@
     response.set_header('Cache-Control', "public, max-age=1296000")
     return bottle.static_file(filename, root='static')
 
-secure.setup_csrf()
-
 def main():
     #bottle.debug(True)
     #bottle.run(reloader=True)
--- a/web/templog.wsgi	Tue May 19 23:58:51 2015 +0800
+++ b/web/templog.wsgi	Wed May 20 00:03:53 2015 +0800
@@ -1,3 +1,5 @@
+#from gevent import monkey; monkey.patch_all()
+
 import os
 import sys
 # Change working directory so relative paths (and template lookup) work again