wdf zdZddlmZddlZddlZddlmZddlmZmZddl m Z dd l m Z d Z Gd d e ZdS) a A provided CSRF implementation which puts CSRF data in a session. This can be used fairly comfortably with many `request.session` type objects, including the Werkzeug/Flask session store, Django sessions, and potentially other similar objects which use a dict-like API for storing session keys. The basic concept is a randomly generated value is stored in the user's session, and an hmac-sha1 of it (along with an optional expiration time, for extra security) is used as the value of the csrf_token. If this token validates with the hmac of the random value + expiration time, and the expiration time is not passed, the CSRF validation will pass. )unicode_literalsN)sha1)datetime timedelta)ValidationError)CSRF) SessionCSRFc`eZdZdZfdZdZdZdZedZ edZ xZ S)r z %Y%m%d%H%M%Scl|j|_tt||S)N)meta form_metasuperr setup_form)selfform __class__s Y/var/www/book.euthymeo.com/html/venv/lib/python3.11/site-packages/wtforms/csrf/session.pyrzSessionCSRF.setup_form s*[$''224888c(|j}|jtd|jt d|j}d|vr6t tjd |d<|j rA| |j z |j }|d|}n d}|d}tj|j|dt }|d| S) Nz>22<<>>GFO ? )xxzzDO3==d>NOOG#*6??GG">?? ? ? K HHJJ//0@AAMw&&%emm4H&I&IJJJ K K&&rc(tjS)zP Get the current time. Used for test mocking/overriding mainly. )rr(rs rr(zSessionCSRF.nowLs|~~rcJt|jdtdS)Ncsrf_time_limit)minutes)getattrrrr=s rr'zSessionCSRF.time_limitRs"t~'8)B:O:O:OPPPrcLt|jjd|jjS)Nr#)rBrr!r=s rr#zSessionCSRF.sessionVst~2It~?Z[[[r) __name__ __module__ __qualname__r*rr2r;r(propertyr'r# __classcell__)rs@rr r s K99999;;;,KKK$ QQXQ\\X\\\\\rr )__doc__ __future__rr+r$hashlibrrr validatorsrcorer __all__r rrrPs  (''''' (((((((((((((( ;\;\;\;\;\$;\;\;\;\;\r