whoogle-search/app/utils/session.py

from cryptography.fernet import Fernet
from flask import current_app as app

REQUIRED_SESSION_VALUES = ['uuid', 'config', 'fernet_keys']


def generate_user_keys(cookies_disabled=False) -> dict:
    """Generates a set of user keys

    Args:
        cookies_disabled: Flag for whether or not cookies are disabled by the
                          user. If so, the user can only use the default key
                          set generated on app init for queries.

    Returns:
        dict: A new Fernet key set

    """
    if cookies_disabled:
        return app.default_key_set

    # Generate/regenerate unique key per user
    return {
        'element_key': Fernet.generate_key(),
        'text_key': Fernet.generate_key()
    }


def valid_user_session(session: dict) -> bool:
    """Validates the current user session

    Args:
        session: The current Flask user session

    Returns:
        bool: True/False indicating that all required session values are
              available

    """
    # Generate secret key for user if unavailable
    for value in REQUIRED_SESSION_VALUES:
        if value not in session:
            return False

    return True