Commit 956402c7 authored by Pavol Otto's avatar Pavol Otto

fixed Nonce problem: the generation process moved to the registration view

parent afe61329
......@@ -52,18 +52,6 @@ class Nonce(models.Model):
def __str__(self):
return "Nonce: %s, %s" % (self.server_url, self.salt)
def __init__(self, *args, **kwargs):
# Generate default salt
if not 'salt' in kwargs:
kwargs['salt'] = os.urandom(30).encode('base64')[:-1]
# Set the timestamp if not present
if not 'timestamp' in kwargs:
kwargs['timestamp'] = time.time()
super(Nonce, self).__init__(*args, **kwargs)
@property
def registration_nonce(self):
return "%d==%s" % (self.timestamp, self.salt)
......
# django-openid-auth - OpenID integration for django.contrib.auth
# django-mojeid-auth - MojeID integration for django.contrib.auth
#
# Copyright (C) 2013 CZ.NIC
# Copyright (C) 2013-2015 CZ.NIC
# Copyright (C) 2008-2013 Canonical Ltd.
# Copyright (C) 2007 Simon Willison
#
......@@ -28,6 +28,8 @@
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
import time
try:
# python3
from urllib.parse import urlsplit
......@@ -46,10 +48,12 @@ from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_POST
from openid.consumer.consumer import SUCCESS, CANCEL, FAILURE
from openid.cryptutil import randomString
from openid.extensions import ax, pape
from openid.fetchers import HTTPFetchingError
from openid.kvform import dictToKV
from openid.message import Message
from openid.store.nonce import NONCE_CHARS
from openid.yadis.constants import YADIS_CONTENT_TYPE
from django_mojeid import errors
......@@ -191,7 +195,8 @@ def registration(request, attribute_set='default',
user_id = user.pk if user else None
# Create Nonce
nonce = Nonce(server_url=realm, user_id=user_id)
nonce = Nonce(server_url=realm, user_id=user_id,
timestamp=time.time(), salt=randomString(35, NONCE_CHARS))
nonce.save()
fields = []
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment