import hmac
import hashlib
from pylons import config, request
# Cached HMAC key. It stays None until get_message_hash() first reads it
# from config (a `global` statement at module scope has no effect, so a
# plain assignment is all that is needed here).
secret = None
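def get_message_hash(value):
    '''Return the hex HMAC-SHA1 of value, keyed with the
    beaker.session.secret config setting.

    The key is read from config on first use and cached in the
    module-level ``secret``. Text arguments are encoded as UTF-8 before
    hashing, because hmac operates on bytes.'''
    # The global declaration must precede the first use of the name;
    # declaring it after the read is a SyntaxError on Python 3 (and a
    # SyntaxWarning on Python 2).
    global secret
    if not secret:
        # avoid getting config value at module scope since config may
        # not be read in yet
        secret = config['beaker.session.secret']
    # NOTE(review): this reuses the session secret as the HMAC key; a key
    # dedicated to return_to signing would keep the two uses separate.
    key = secret if isinstance(secret, bytes) else secret.encode('utf-8')
    message = value if isinstance(value, bytes) else value.encode('utf-8')
    return hmac.new(key, message, hashlib.sha1).hexdigest()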
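def get_redirect():
    '''Checks the return_to value against the hash, and if it
    is valid then returns the return_to for redirect. Otherwise
    it returns None.

    Both values are read from the request parameters ``return_to`` and
    ``hash``. The HMAC check is the only validation applied to the
    redirect target here, so it fails closed: a missing, malformed or
    mismatching hash yields None.'''
    return_to = request.params.get('return_to')
    hash_given = request.params.get('hash', '')
    if not (return_to and hash_given):
        return None
    hash_expected = get_message_hash(return_to)
    # hmac.compare_digest needs both operands to be the same type, so
    # bring text values to bytes first. Anything that cannot be encoded
    # cannot be a valid hex digest and is rejected.
    try:
        if not isinstance(hash_given, bytes):
            hash_given = hash_given.encode('utf-8')
        if not isinstance(hash_expected, bytes):
            hash_expected = hash_expected.encode('utf-8')
    except (AttributeError, UnicodeError):
        return None
    # Constant-time comparison: a plain == returns at the first differing
    # character, which leaks how much of a submitted hash was correct.
    if hmac.compare_digest(hash_given, hash_expected):
        return return_to.encode('utf-8')
    return None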