Given a secret (assumed to be a string of CSRF_ALLOWED_CHARS), generate a token by adding a mask and applying it to the secret.
(secret)
| 57 | |
| 58 | |
| 59 | def _mask_cipher_secret(secret): |
| 60 | """ |
| 61 | Given a secret (assumed to be a string of CSRF_ALLOWED_CHARS), generate a |
| 62 | token by adding a mask and applying it to the secret. |
| 63 | """ |
| 64 | mask = _get_new_csrf_string() |
| 65 | chars = CSRF_ALLOWED_CHARS |
| 66 | pairs = zip((chars.index(x) for x in secret), (chars.index(x) for x in mask)) |
| 67 | cipher = "".join(chars[(x + y) % len(chars)] for x, y in pairs) |
| 68 | return mask + cipher |
| 69 | |
| 70 | |
| 71 | def _unmask_cipher_token(token): |