| author | 0livd <github@destras.fr> | 2017-12-15 17:10:28 +0100 |
|---|---|---|
| committer | Alexis Metaireau <alexis@notmyidea.org> | 2017-12-15 17:10:28 +0100 |
| commit | 8a68ac0d5b85f896dd59042c207bc63c3d026f7d (patch) | |
| tree | 888f9729d656eb0bec4f2e329301776bd31e1a9e /ihatemoney/models.py | |
| parent | 2866c868d55d197de8c39c34debc878b38929d98 (diff) | |
| download | ihatemoney-mirror-8a68ac0d5b85f896dd59042c207bc63c3d026f7d.zip ihatemoney-mirror-8a68ac0d5b85f896dd59042c207bc63c3d026f7d.tar.gz ihatemoney-mirror-8a68ac0d5b85f896dd59042c207bc63c3d026f7d.tar.bz2 | |
Use token based auth in invitation e-mails (#280)
* Use token based auth in invitation e-mails
Invitation e-mails no longer contain the clear
text project password
* Skip invite page after project creation
- Replace ``The project identifier is demo, remember it!``
by ``Invite other people to join this project!``
(linking to the invite page)
- Encourage users to share the project password via other
communication means in the reminder email
Diffstat (limited to 'ihatemoney/models.py')
| -rw-r--r-- | ihatemoney/models.py | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/ihatemoney/models.py b/ihatemoney/models.py
index c801b74..9e11054 100644
--- a/ihatemoney/models.py
+++ b/ihatemoney/models.py
@@ -5,8 +5,8 @@ from flask_sqlalchemy import SQLAlchemy, BaseQuery
 from flask import g, current_app
 from sqlalchemy import orm
-from itsdangerous import (TimedJSONWebSignatureSerializer
-                          as Serializer, BadSignature, SignatureExpired)
+from itsdangerous import (TimedJSONWebSignatureSerializer, URLSafeSerializer,
+                          BadSignature, SignatureExpired)
 
 db = SQLAlchemy()
 
@@ -201,22 +201,32 @@ class Project(db.Model):
         db.session.delete(self)
         db.session.commit()
 
-    def generate_token(self, expiration):
+    def generate_token(self, expiration=0):
         """Generate a timed and serialized JsonWebToken
 
         :param expiration: Token expiration time (in seconds)
         """
-        serializer = Serializer(current_app.config['SECRET_KEY'], expiration)
-        return serializer.dumps({'project_id': self.id}).decode('utf-8')
+        if expiration:
+            serializer = TimedJSONWebSignatureSerializer(
+                current_app.config['SECRET_KEY'],
+                expiration)
+            token = serializer.dumps({'project_id': self.id}).decode('utf-8')
+        else:
+            serializer = URLSafeSerializer(current_app.config['SECRET_KEY'])
+            token = serializer.dumps({'project_id': self.id})
+        return token
 
     @staticmethod
-    def verify_token(token):
+    def verify_token(token, token_type="timed_token"):
         """Return the project id associated to the provided token, None if the
         provided token is expired or not valid.
 
         :param token: Serialized TimedJsonWebToken
         """
-        serializer = Serializer(current_app.config['SECRET_KEY'])
+        if token_type == "timed_token":
+            serializer = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'])
+        else:
+            serializer = URLSafeSerializer(current_app.config['SECRET_KEY'])
         try:
             data = serializer.loads(token)
         except SignatureExpired: |
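Review bot: In the new `verify_token`, any `token_type` value other than `"timed_token"` — including a typo or an unexpected value from a caller — silently falls into the `else` branch and is checked with the non-expiring `URLSafeSerializer`, so the weaker verifier is the default for unknown input; compare against the untimed type explicitly and return `None` for anything else, mirroring the existing "not valid" contract. Both serializers are also built from `SECRET_KEY` with the default salt, so a purpose-specific `salt=` (a keyword both itsdangerous serializers accept) on the untimed invite path would keep tokens minted for one purpose from being presented for another; whether the two signature formats already make that impossible is not visible here. The docstrings were not updated: `generate_token` still says "timed" although `expiration=0` now yields a token that never expires and can only be invalidated by rotating `SECRET_KEY`, which is worth stating as `:param expiration: seconds until expiry; 0 (default) produces a non-expiring URL-safe token`, and `verify_token` should gain `:param token_type: "timed_token" for an expiring JWS token, otherwise a non-expiring URL-safe token`. The body of `verify_token` continues past the end of this hunk.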
