From: Mikael Frykholm <mikael@frykholm.com>
Date: Fri, 1 Apr 2016 04:14:54 +0000 (+0200)
Subject: Some more cleanup, storing secret for use with hashlib.hmac
X-Git-Url: https://git.frykholm.com/friends.git/commitdiff_plain/087a104b5bf65398adfb39f93c0fbe4b46e28147

Some more cleanup, storing secret for use with hashlib.hmac
---

diff --git a/friends/server.py b/friends/server.py
index 750ddc8..2895b8f 100644
--- a/friends/server.py
+++ b/friends/server.py
@@ -6,6 +6,7 @@ import sqlite3
 import arrow
 import datetime
 from rd import RD, Link
+import hashlib
 db = None
 #insert into user (name,email) values('mikael','mikael@frykholm.com');
 #insert into entry (userid,text) values (1,'My thoughts on ostatus');
@@ -36,12 +37,13 @@ class PushHandler(tornado.web.RequestHandler):
         path = hub_topic.split(self.settings['domain'])[1]
         user = path.split('user/')[1]
         row = db.execute("select id from user where name=?",(user,)).fetchone()
-        if row:
-            db.execute("INSERT into subscriptions (userid, expires, callback, verified) values (?,?,?,?)",(row['id'],datetime.datetime.now(),hub_callback,False))
+        if row: #FIXME calculate expire timestamp
+            db.execute("INSERT into subscriptions (userid, expires, callback, secret, verified) values (?,?,?,?)",(row['id'],datetime.datetime.now(),hub_secret,hub_callback,False))
             db.commit()
             self.set_status(202)
             #TODO add GET callback with the same data we got
-            #TODO store secret, add it to outgoing feeds with hmac
+            #TODO add secret to outgoing feeds with hmac
+
 class XrdHandler(tornado.web.RequestHandler):
     def get(self):
         self.render("templates/xrd.xml", hostname="ronin.frykholm.com", url=self.settings['domain'])
@@ -72,7 +74,6 @@ class FingerHandler(tornado.web.RequestHandler):
         rd.links.append(lnk)
         rd.links.append(lnk2)
         self.write(rd.to_json())
-        #self.render("templates/user.xml", user=user)
 
 class UserHandler(tornado.web.RequestHandler):
     def get(self, user):
@@ -111,6 +112,7 @@ def setup_db(path):
                                         userid integer,
                                         expires datetime,
                                         callback varchar,
+                                        secret varchar,
                                         verified bool,
                                         FOREIGN KEY(userid) REFERENCES user(id));""")
     con.commit()
diff --git a/friends/templates/user.xml b/friends/templates/user.xml
deleted file mode 100644
index d9862c4..0000000
--- a/friends/templates/user.xml
+++ /dev/null
@@ -1,4 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<XRD xmlns='http://docs.oasis-open.org/ns/xri/xrd-1.0'>
-    <Subject>{{user}}</Subject>
-</XRD>