#!/usr/bin/env python |
# encoding: utf-8 |
'' |
generate_keys.py |
Generate CSRF and Session keys, output to secret_keys.py file |
Usage: |
generate_keys.py [-f] |
Outputs secret_keys.py file in current folder |
By default, an existing secret_keys file will not be replaced. |
Use the '-f' flag to force the new keys to be written to the file |
'' |
importstring |
importos.path |
fromoptparseimportOptionParser |
fromrandomimportchoice |
fromstringimportTemplate |
# File settings |
file_name='secret_keys.py' |
file_path=os.path.join( |
os.path.dirname(os.path.realpath(__file__)), file_name) |
file_template=Template(''# CSRF- and Session keys |
CSRF_SECRET_KEY = '$csrf_key' |
SESSION_KEY = '$session_key' |
'') |
# Get options from command line |
parser=OptionParser() |
parser.add_option( |
'-d', |
'--dir', |
dest='dir', |
help='specify dir to output to') |
parser.add_option( |
'-f', |
'--force', |
dest='force', |
help='force overwrite of existing secret_keys file', |
action='store_true') |
parser.add_option( |
'-r', |
'--randomness', |
dest='randomness', |
help='length (randomness) of generated key; default = 24', |
default=24) |
(options, args) =parser.parse_args() |
defgenerate_randomkey(length): |
''Generate random key, given a number of characters'' |
chars=string.letters+string.digits |
return'.join([choice(chars) foriinrange(length)]) |
defwrite_file(contents): |
ifoptions.dirisnotNone: |
file_path=os.path.join(os.path.dirname( |
os.path.realpath(__file__)), |
options.dir, |
file_name) |
withopen(file_path, 'wb') asf: |
f.write(contents) |
defgenerate_keyfile(csrf_key, session_key): |
''Generate random keys for CSRF- and session key'' |
output=file_template.safe_substitute(dict( |
csrf_key=csrf_key, session_key=session_key |
)) |
ifos.path.exists(file_path): |
ifoptions.forceisNone: |
print('Warning: secret_keys.py file exists. ') |
print('Use 'generate_keys.py --force' to force overwrite.') |
else: |
write_file(output) |
else: |
write_file(output) |
defmain(): |
r=options.randomness |
csrf_key=generate_randomkey(r) |
session_key=generate_randomkey(r) |
generate_keyfile(csrf_key, session_key) |
if__name__'__main__': |
main() |
Session data in Python Flask. Unlike cookies, Session (session) data is stored on the server.The session is the interval at which the client logs on to the server and logs out the server.The data that is required to be saved in the session is stored in a temporary directory on the server. Assign session IDs to sessions for each client. On the server, JWTs are generated by signing user information via a secret key, which are then securely stored on the client. This form of auth works well with modern, single page applications. For more on this, along with the pros and cons of using JWTs vs. Session and cookie-based auth, please review the following articles.
The generated DN will use the value 'Unknown' for any fields you don't specify. You must enter the DNS name that is used to access the Reflection Gateway server (for example gateway.mycompany.com). Keytool generate rsa key pair. See the example below to enter these values directly on the command line.keytool -genkeypair -alias rgateway -keyalg RSA -keysize 2048 -keystore newkeystore.jks -validity 365 -storetype JCEKS.The keytool prompts you to enter a password and values for the items that make up the distinguished name (DN) in the certificate (name = CN, organizational unit = OU, organization = O, city or locality = L, state or province = S, two letter country code = C). The example shown here prompts you to enter values for items that make up the distinguished name (DN) in the certificate. .When you are prompted with “What is your first and last name?'