Home       Trees       Indices       Help   
wsgitools
Package wsgitools :: Module digest :: Class StatelessNonceStore
[hide private]
[frames] | no frames]

Class StatelessNonceStore

source code

This is a stateless nonce storage that cannot check the usage count for a nonce and thus cannot protect against replay attacks. It however can make it difficult by posing a timeout on nonces and making it difficult to forge nonces.

This nonce store is usable with scgi.forkpool.

>>> s = StatelessNonceStore()
>>> n = s.newnonce()
>>> s.checknonce("spam")
False
>>> s.checknonce(n)
True
>>> s.checknonce(n)
True
>>> s.checknonce(n.rsplit(':', 1)[0] + "bad hash")
False
Instance Methods [hide private]
 
__init__(self, maxage=300, secret=None)
x.__init__(...) initializes x; see help(type(x)) for signature		 source code
str
newnonce(self, ident=None)
Generates a new nonce string.		 source code
bool
checknonce(self, nonce, count=1, ident=None)
Check whether the provided string is a nonce.		 source code

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Properties [hide private]

Inherited from object: __class__

Method Details [hide private]

__init__(self, maxage=300, secret=None)
(Constructor)

source code 

x.__init__(...) initializes x; see help(type(x)) for signature

Parameters:
  • maxage (int) - is the number of seconds a nonce may be valid. Choosing a large value may result in more memory usage whereas a smaller value results in more requests. Defaults to 5 minutes.
  • secret (str) - if not given, a secret is generated and is therefore shared after forks. Knowing this secret permits creating nonces.
Overrides: object.__init__

newnonce(self, ident=None)

source code 

Generates a new nonce string.

Parameters:
  • ident (None or str) - is an identifier to be associated with this nonce
Returns: str
Overrides: NonceStoreBase.newnonce

checknonce(self, nonce, count=1, ident=None)

source code 

Check whether the provided string is a nonce.

Parameters:
  • count (int) - indicates how often the nonce has been used (including this check)
  • ident (None or str) - it is also checked that the nonce was associated to this identifier when given
  • nonce (str)
Returns: bool
Overrides: NonceStoreBase.checknonce

   Home       Trees       Indices       Help   
wsgitools
Generated by Epydoc 3.0.1 on Tue Mar 10 15:01:50 2020 http://epydoc.sourceforge.net