theSage21
commented
4 years ago They call the same function twice and so the token generator gives two different values.
Otp is shown in the url while emailing a person and the other is set in the cookie once the person logs in.
On Mon 20 Apr, 2020, 07:23 Shivank Gautam, notifications@github.com wrote:
@Shivank98 commented on this pull request.
In src/soa/models.py https://github.com/PyJaipur/Summer-of-Algorithm/pull/11#discussion_r411044800 :
permissions = Column(JSON)---------------
is_anon = False
+class LoginToken(Base):
- tablename = "logintoken"
- id = Column(Integer, primary_key=True)
- user_id = Column(Integer, ForeignKey("user.id"))
- otp = Column(String, nullable=False, unique=True)
- token = Column(String, nullable=False, unique=True)
- is_consumed = Column(Boolean, default=False)
- has_logged_out = Column(Boolean, default=False)
- user = relationship("User")
- @staticmethod
- def loop_create(session, **kwargs):
- "Try to create a token and retry if uniqueness fails"
- while True:
- tok = LoginToken(otp=token_urlsafe(), token=token_urlsafe(), **kwargs)
otp and token has the same value. why we need them both of them?
— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub https://github.com/PyJaipur/Summer-of-Algorithm/pull/11#pullrequestreview-396096637, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB2WHUPTSHKYRGBN63MUAL3RNOTIBANCNFSM4MGPNSNQ .
10
Tasks are tracked in the issue.