From 952d7073628a15058b5670e2ac1cef457209e2a2 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Wed, 20 Nov 2019 00:27:34 +0100 Subject: [PATCH] Make the linter gods happy --- moulinette/authenticators/__init__.py | 8 ++++---- test/test_auth.py | 3 --- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/moulinette/authenticators/__init__.py b/moulinette/authenticators/__init__.py index f8b0b45d..6622baf0 100644 --- a/moulinette/authenticators/__init__.py +++ b/moulinette/authenticators/__init__.py @@ -167,14 +167,14 @@ class BaseAuthenticator(object): raise MoulinetteError('unable_retrieve_session', exception=e) else: # - # session_id (or just id) : This is unique id for the current session from the user. Not too important + # session_id (or just id) : This is unique id for the current session from the user. Not too important # if this info gets stolen somehow. It is stored in the client's side (browser) using regular cookies. # - # session_token (or just token) : This is a secret info, like some sort of ephemeral password, - # used to authenticate the session without the user having to retype the password all the time... + # session_token (or just token) : This is a secret info, like some sort of ephemeral password, + # used to authenticate the session without the user having to retype the password all the time... # - It is generated on our side during the initial auth of the user (which happens with the actual admin password) # - It is stored on the client's side (browser) using (signed) cookies. - # - We also store it on our side in the form of a hash of {id}:{token} (c.f. _store_session). + # - We also store it on our side in the form of a hash of {id}:{token} (c.f. _store_session). # We could simply store the raw token, but hashing it is an additonal low-cost security layer # in case this info gets exposed for some reason (e.g. bad file perms for reasons...) # diff --git a/test/test_auth.py b/test/test_auth.py index 3c0aa1ae..df0f749f 100644 --- a/test/test_auth.py +++ b/test/test_auth.py @@ -57,9 +57,6 @@ def test_login_then_legit_request(moulinette_webapi): login(moulinette_webapi) - #for cookie in moulinette_webapi.cookiejar: - # cookie.domain = "localhost" - assert moulinette_webapi.get("/test-auth/default", status=200).text == '"some_data_from_default"'