Changeset 118


Ignore:
Timestamp:
Oct 7, 2007, 5:17:25 PM (16 years ago)
Author:
quentin
Message:

Generate real authentication tokens

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/vnc/vnc_server/vncexternalauth.py

    r115 r118  
    6666            return #FIXME
    6767        token = base64.urlsafe_b64decode(token)
    68         token = cPickle.load(token)
     68        token = cPickle.loads(token)
    6969        m = hmac.new(TOKEN_KEY, digestmod=sha)
    7070        m.update(token['data'])
    7171        if (m.digest() == token['digest']):
    72             data = cPickle.load(token['data'])
     72            data = cPickle.loads(token['data'])
    7373            expires = data["expires"]
    7474            if (time.time() < expires):
  • trunk/web/templates/main.py

    r113 r118  
    66import string
    77import subprocess
     8import time
     9import cPickle
     10import base64
    811
    912print 'Content-Type: text/html\n'
     
    207210    if machine is None: #gave error page already
    208211        return
    209     token = 'quentin'
     212   
     213    TOKEN_KEY = "0M6W0U1IXexThi5idy8mnkqPKEq1LtEnlK/pZSn0cDrN"
     214
     215    data = {}
     216    data["user"] = user
     217    data["machine"]=machine
     218    data["expires"]=time.time()+(5*60)
     219    pickledData = cPickle.dumps(data)
     220    m = hmac.new(TOKEN_KEY, digestmod=sha)
     221    m.update(pickledData)
     222    token = {'data': pickledData, 'digest': m.digest()}
     223    token = cPickle.dumps(token)
     224    token = base64.urlsafe_b64encode(token)
     225   
    210226    d = dict(user=user,
    211227             machine=machine,
Note: See TracChangeset for help on using the changeset viewer.