aboutsummaryrefslogtreecommitdiff
path: root/wqflask
diff options
context:
space:
mode:
authorBonfaceKilz2020-10-29 16:12:13 +0300
committerGitHub2020-10-29 16:12:13 +0300
commit6e6911b466c2727b16a190d8b714f55d7842d7e2 (patch)
treebc395eceb7a58002286c9275d40d21a8c885d2be /wqflask
parentf3e01550a63238688a12152ab560db6d02e09a82 (diff)
parentca22bbfdd36351e2b7d8f346b5a3ab81c94f7203 (diff)
downloadgenenetwork2-6e6911b466c2727b16a190d8b714f55d7842d7e2.tar.gz
Merge pull request #469 from BonfaceKilz/bug/fix-cookies-verification
Bug/Fix cookie verification bug
Diffstat (limited to 'wqflask')
-rw-r--r--wqflask/tests/utility/test_hmac.py13
-rw-r--r--wqflask/tests/wqflask/test_user_session.py15
-rw-r--r--wqflask/utility/hmac.py2
3 files changed, 29 insertions, 1 deletions
diff --git a/wqflask/tests/utility/test_hmac.py b/wqflask/tests/utility/test_hmac.py
index 7c61c0a6..4e3652f8 100644
--- a/wqflask/tests/utility/test_hmac.py
+++ b/wqflask/tests/utility/test_hmac.py
@@ -17,6 +17,19 @@ class TestHmacUtil(unittest.TestCase):
"""Test hmac creation with a utf-8 string"""
self.assertEqual(hmac_creation("ファイ"), "7410466338cfe109e946")
+ @mock.patch("utility.hmac.app.config",
+ {'SECRET_HMAC_CODE': ('\x08\xdf\xfa\x93N\x80'
+ '\xd9\\H@\\\x9f`\x98d^'
+ '\xb4a;\xc6OM\x946a\xbc'
+ '\xfc\x80:*\xebc')})
+ def test_hmac_creation_with_cookie(self):
+ """Test hmac creation with a cookie"""
+ cookie = "3f4c1dbf-5b56-4260-87d6-f35445bda37e:af4fcf5eace9e7c864ce"
+ uuid_, _, signature = cookie.partition(":")
+ self.assertEqual(
+ hmac_creation(uuid_),
+ "af4fcf5eace9e7c864ce")
+
@mock.patch("utility.hmac.app.config", {'SECRET_HMAC_CODE': "secret"})
def test_data_hmac(self):
"""Test data_hmac fn with a utf-8 string"""
diff --git a/wqflask/tests/wqflask/test_user_session.py b/wqflask/tests/wqflask/test_user_session.py
new file mode 100644
index 00000000..ebb0334a
--- /dev/null
+++ b/wqflask/tests/wqflask/test_user_session.py
@@ -0,0 +1,15 @@
+"""Test cases for some methods in user_session.py"""
+
+import unittest
+from wqflask.user_session import verify_cookie
+
+
+class TestUserSession(unittest.TestCase):
+ def test_verify_cookie(self):
+ """
+ Test cookie verification
+ """
+ self.assertEqual(
+ "3f4c1dbf-5b56-4260-87d6-f35445bda37e",
+ verify_cookie(("3f4c1dbf-5b56-4260-87d6-"
+ "f35445bda37e:af4fcf5eace9e7c864ce")))
diff --git a/wqflask/utility/hmac.py b/wqflask/utility/hmac.py
index 6623f69a..29891677 100644
--- a/wqflask/utility/hmac.py
+++ b/wqflask/utility/hmac.py
@@ -10,7 +10,7 @@ def hmac_creation(stringy):
"""Helper function to create the actual hmac"""
secret = app.config['SECRET_HMAC_CODE']
- hmaced = hmac.new(bytearray(secret, "utf-8"),
+ hmaced = hmac.new(bytearray(secret, "latin-1"),
bytearray(stringy, "utf-8"),
hashlib.sha1)
hm = hmaced.hexdigest()