Get hash from signing the user and store in cookie

README.md

@@ -53,7 +53,7 @@ Edit src/app/models/database.py to point at local server
 
 
 
-Run app
+###Run app
 
 $ cd src/app/
 

src/app/views/app.py

@@ -1,3 +1,4 @@
+import os
 import web
 from views.utils import get_nav_bar
 from views.login import Login
@@ -8,7 +9,7 @@ from views.new_project import New_project
 from views.open_projects import Open_projects
 from views.project import Project
 from views.index import Index
-
+#from views.apply import Apply
 
 # Define application routes
 urls = (
@@ -20,6 +21,7 @@ urls = (
     '/open_projects', 'Open_projects',
     '/project', 'Project',
     '/admin', 'Admin',
+    '/apply', 'Apply',
 )
                               
 # Initialize application using the web py framework

src/app/views/login.py

@@ -2,12 +2,20 @@ import web
 from views.forms import login_form
 import models.login
 from views.utils import get_nav_bar
+import os, hmac, base64, pickle, hashlib
+from io import StringIO
 
 # Get html templates
 render = web.template.render('templates/')
 
+
+
 class Login():
 
+    # Get the server secret to perform signatures
+    secret = web.config.get('session_parameters')['secret_key']
+
+
     def GET(self):
         """
         Show the login page
@@ -20,6 +28,9 @@ class Login():
         else:
             friends = [[],[]]
         nav = get_nav_bar(session)
+        if 1 == 1:
+            print(web.cookies())
+
         return render.login(nav, login_form, friends)
 
     def POST(self):
@@ -36,8 +47,38 @@ class Login():
             friends = models.login.get_users()
             session.username = user[0][1]
             session.userid = user[0][0]
+            print('remember me')
+            
+            web.setcookie('remember', self.rememberme())
         else:
             friends = [[],[]]
         nav = get_nav_bar(session)
         return render.login(nav, login_form, friends)
 
+    def rememberme(self):
+        session = web.ctx.session
+        creds = [session.username , self.sign() ]
+        print(creds)
+        return base64.b64encode(pickle.dumps(creds))
+
+    def sign(self):
+        session = web.ctx.session
+        return self.sign_username(session.username)
+
+    @classmethod
+    def sign_username(self, username):
+        secret = base64.b64decode(self.secret)
+        print(username)
+        return hmac.HMAC(secret, username.encode('utf-8')).hexdigest()
+ 
+    @classmethod
+    def valid_rememberme(self, cookie):
+        userame, userid, sign = pickle.load(StringIO.StringIO(base64.b64decode(cookie)))
+        if User.sign_username(user) == sign:
+            return True
+        return False
+        
+    @classmethod
+    def from_rememberme(self, cookie):
+        user, sign= pickle.load(StringIO.StringIO(base64.b64decode(cookie)))
+        return user