mirror/notebook
2
0
Fork 0
mirror of https://github.com/jupyter/notebook.git synced 2025-01-18 11:55:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3009 from Carreau/hashpw

Browse Source 
Hash cookie secret with user hashed password.
This commit is contained in:
Min RK 2017-11-03 11:16:49 +01:00 committed by GitHub
commit 9a05f28677
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
notebook/notebookapp.py
View File

@ -27,6 +27,7 @@ import threading
import time
import warnings
import webbrowser
import hmac
try: #PY3
from base64 import encodebytes
@ -674,11 +675,16 @@ class NotebookApp(JupyterApp):
def _default_cookie_secret(self):
if os.path.exists(self.cookie_secret_file):
with io.open(self.cookie_secret_file, 'rb') as f:
return f.read()
key = f.read()
else:
secret = encodebytes(os.urandom(1024))
self._write_cookie_secret_file(secret)
return secret
key = encodebytes(os.urandom(1024))
self._write_cookie_secret_file(key)
h = hmac.HMAC(key)
h.digest_size = len(key)
h.update(self.password.encode())
return h.digest()
def _write_cookie_secret_file(self, secret):
"""write my secret to my secret_file"""