Use Python 3.6 compatible HMAC code
This commit is contained in:
parent
2fc2fb43e1
commit
05c3440a33
GPG Key ID:
7234E476BF21C61A
|
|
@ -80,8 +80,8 @@ def import_signed(request):
|
|||
if 'sig' not in request.GET:
|
||||
return HttpResponse('Expected a signature parameter', status=400)
|
||||
|
||||
sig_expected = hmac.digest(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), request.GET['email'].encode('utf-8'), 'sha256').hex()
|
||||
if sig_expected != request.GET['sig']:
|
||||
sig_expected = hmac.new(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), request.GET['email'].encode('utf-8'), 'sha256').hexdigest()
|
||||
if not hmac.compare_digest(sig_expected, request.GET['sig']):
|
||||
return HttpResponse('Invalid signature', status=403)
|
||||
|
||||
member = mimport.by_email(request.GET['email'])
|
||||
|
|
@ -108,15 +108,15 @@ def import_search(request):
|
|||
'member': member,
|
||||
'years': models.Member.YEARS,
|
||||
'email_orig': member.email if member else None,
|
||||
'sig': hmac.digest(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), member.email.encode('utf-8'), 'sha256').hex() if member else None
|
||||
'sig': hmac.new(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), member.email.encode('utf-8'), 'sha256').hexdigest() if member else None
|
||||
})
|
||||
|
||||
def import_save(request):
|
||||
if request.method != 'POST':
|
||||
return redirect(reverse('import_index'))
|
||||
|
||||
sig_expected = hmac.digest(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), request.POST['email_orig'].encode('utf-8'), 'sha256').hex()
|
||||
if sig_expected != request.POST['sig']:
|
||||
sig_expected = hmac.new(settings.SECRET_KEY_MEMBERSIG.encode('utf-8'), request.POST['email_orig'].encode('utf-8'), 'sha256').hexdigest()
|
||||
if not hmac.compare_digest(sig_expected, request.POST['sig']):
|
||||
return HttpResponse('Invalid signature', status=403)
|
||||
|
||||
member = mimport.by_email(request.POST['email_orig'])
|
||||
|
|
|
|||
Loading…
Reference in New Issue