-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #46 from gnosischain/dev
Add waiting period
- Loading branch information
Showing
12 changed files
with
136 additions
and
53 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///test.db python3 -m flask db upgrade | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///test.db python3 -m flask create_enabled_token xDAI 10200 0x0000000000000000000000000000000000000000 10 native | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///test.db python3 -m flask create_access_keys | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///$(pwd)/test.db python3 -m flask db upgrade | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///$(pwd)/test.db python3 -m flask create_enabled_token xDAI 10200 0x0000000000000000000000000000000000000000 0.0001 native | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///$(pwd)/test.db python3 -m flask create_access_keys | ||
# Take note of the access keys | ||
# Run API on port 3000 | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///test.db python3 -m flask run -p 3000 | ||
FLASK_APP=api FAUCET_DATABASE_URI=sqlite:///$(pwd)/test.db python3 -m flask run -p 8000 |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,30 @@ | ||
from .conftest import BaseTest | ||
|
||
from datetime import datetime | ||
|
||
|
||
class TestCSRF(BaseTest): | ||
|
||
def test_values(self): | ||
token_obj = self.csrf.generate_token() | ||
timestamp = datetime(2020, 1, 18, 9, 30, 0).timestamp() | ||
token_obj = self.csrf.generate_token(timestamp=timestamp) | ||
self.assertTrue( | ||
self.csrf.validate_token(token_obj.request_id, token_obj.token) | ||
self.csrf.validate_token(token_obj.request_id, token_obj.token, token_obj.timestamp) | ||
) | ||
self.assertFalse( | ||
self.csrf.validate_token('myfakeid', token_obj.token, token_obj.timestamp) | ||
) | ||
self.assertFalse( | ||
self.csrf.validate_token('myfakeid', token_obj.token) | ||
self.csrf.validate_token('myfakeid', 'myfaketoken', token_obj.timestamp) | ||
) | ||
self.assertFalse( | ||
self.csrf.validate_token('myfakeid', 'myfaketoken') | ||
self.csrf.validate_token(token_obj.request_id, 'myfaketoken', token_obj.timestamp) | ||
) | ||
# test with timestamp for which diff between now() and creation time in seconds | ||
# is lower than min. waiting period. | ||
# Validation must return False since time interval is lower than mimimum waiting period. | ||
timestamp = datetime.now().timestamp() | ||
token_obj = self.csrf.generate_token(timestamp=timestamp) | ||
self.assertFalse( | ||
self.csrf.validate_token(token_obj.request_id, 'myfaketoken') | ||
self.csrf.validate_token(token_obj.request_id, token_obj.token, token_obj.timestamp) | ||
) |
Oops, something went wrong.