Commits

Gregory Petukhov  committed 94c3fa0

Fix incorrect processing urls with non-empty hash part

  • Participants
  • Parent commits cb3e0ef

Comments (0)

Files changed (3)

             data_files.append(os.path.join(prefix, f))
 
 setup(
-    version = '0.1.3',
+    version = '0.1.4',
     description = 'Django application for user authentication with key in hypertext link',
     author = 'Grigoriy Petukhov',
     author_email = 'lorien@lorien.name',

File urlauth/tests.py

         self.assertEqual(url, '%s&%s=%s' % (clean_url,
                                             settings.URLAUTH_AUTHKEY_NAME, key.id))
 
+        # Test url with hash
+        AuthKey.objects.all().delete()
+        clean_url = 'http://ya.ru#hash'
+        url = wrap_url(clean_url, uid=self.user.pk, expired=expired)
+        key = AuthKey.objects.get()
+        self.assertEqual(url, 'http://ya.ru?%s=%s#hash' % (settings.URLAUTH_AUTHKEY_NAME,
+                                                           key.id))
+
+        # Test url with hash and non-empty querystring
+        AuthKey.objects.all().delete()
+        clean_url = 'http://ya.ru?foo=bar#hash'
+        url = wrap_url(clean_url, uid=self.user.pk, expired=expired)
+        key = AuthKey.objects.get()
+        self.assertEqual(url, 'http://ya.ru?foo=bar&%s=%s#hash' % (settings.URLAUTH_AUTHKEY_NAME,
+                                                           key.id))
+
     def test_validate_key(self):
         expired = datetime.now() - timedelta(seconds=1)
         key = AuthKey.objects.create_key(uid=self.user.pk, expired=expired, foo='bar')

File urlauth/util.py

     if not 'uid' in kwargs:
         raise Exception('wrap_url function requires uid name argument')
 
-    hash = AuthKey.objects.create_key(**kwargs)
+    key_id = AuthKey.objects.create_key(**kwargs)
     clue = '?' in url and '&' or '?'
-    url = '%s%s%s=%s' % (url, clue, settings.URLAUTH_AUTHKEY_NAME, hash)
+    parts = url.rsplit('#', 1)
+    if len(parts) > 1:
+        url, hash = parts
+        hash = '#%s' % hash
+    else:
+        hash = ''
+    url = '%s%s%s=%s%s' % (url, clue, settings.URLAUTH_AUTHKEY_NAME, key_id, hash)
     return url