Mercurial > kallithea
view scripts/generate-ini.py @ 7701:9c2fc1390291
tests: prepare for adding CSRF protection on login forms
CSRF is about avoiding abuse of credentials by doing things in existing
sessions. The login form does not have any previous credentials, so there is
nothing to abuse and no real need for CSRF protection. But there is still an
unauth session, so we *can* have CSRF protection.
CSRF protection is currently in LoginRequired (which obviously isn't
applied to the login form), but let's prepare for changing that.
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Fri, 04 Jan 2019 03:42:17 +0100 |
parents | 451b3f9d814e |
children | bbf7be28a11e |
line wrap: on
line source
#!/usr/bin/env python2 """ Based on kallithea/lib/paster_commands/template.ini.mako, generate development.ini """ import re from kallithea.lib import inifile # files to be generated from the mako template ini_files = [ ('development.ini', { '[server:main]': { 'host': '0.0.0.0', }, '[app:main]': { 'debug': 'true', 'app_instance_uuid': 'development-not-secret', 'beaker.session.secret': 'development-not-secret', }, '[handler_console]': { 'formatter': 'color_formatter', }, '[handler_console_sql]': { 'formatter': 'color_formatter_sql', }, '[logger_routes]': { 'level': 'DEBUG', }, '[logger_beaker]': { 'level': 'DEBUG', }, '[logger_templates]': { 'level': 'INFO', }, '[logger_kallithea]': { 'level': 'DEBUG', }, '[logger_tg]': { 'level': 'DEBUG', }, '[logger_gearbox]': { 'level': 'DEBUG', }, '[logger_whoosh_indexer]': { 'level': 'DEBUG', }, }, ), ] def main(): # make sure all mako lines starting with '#' (the '##' comments) are marked up as <text> makofile = inifile.template_file print 'reading:', makofile mako_org = open(makofile).read() mako_no_text_markup = re.sub(r'</?%text>', '', mako_org) mako_marked_up = re.sub(r'\n(##.*)', r'\n<%text>\1</%text>', mako_no_text_markup, flags=re.MULTILINE) if mako_marked_up != mako_org: print 'writing:', makofile open(makofile, 'w').write(mako_marked_up) # create ini files for fn, settings in ini_files: print 'updating:', fn inifile.create(fn, None, settings) if __name__ == '__main__': main()