From 41e07e56e98672fd9b7eaaa5977ed84ee8e1d93b Mon Sep 17 00:00:00 2001 From: NewbieOrange Date: Wed, 28 Jul 2021 00:57:53 +0800 Subject: [PATCH] Make __token_dict private in KeyAuthService --- management/auth.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/management/auth.py b/management/auth.py index 6bb0756e..30f88190 100644 --- a/management/auth.py +++ b/management/auth.py @@ -16,7 +16,7 @@ class KeyAuthService: requests. The key is passed as the username field in the standard HTTP Basic Auth header. """ - token_dict = ExpiringDict(max_len=1024, max_age_seconds=600) + __token_dict = ExpiringDict(max_len=1024, max_age_seconds=600) def __init__(self): self.auth_realm = DEFAULT_AUTH_REALM @@ -84,7 +84,7 @@ class KeyAuthService: privs = self.check_user_auth(username, password, request, env) if not self.validate_user_token(username, request, env): token = secrets.token_hex(16) - KeyAuthService.token_dict[username] = token + KeyAuthService.__token_dict[username] = token return (username, privs, token) def check_user_auth(self, email, pw, request, env): @@ -139,7 +139,7 @@ class KeyAuthService: def check_user_token(self, email, token, request, env): # Check whether a token matches the one we stored for the user. - return token is not None and KeyAuthService.token_dict.get(email) == token + return token is not None and KeyAuthService.__token_dict.get(email) == token def validate_user_token(self, email, request, env): # Check whether the provided token in request cookie matches the one we stored for the user.