From e24dace846fa52dea03b0214207c6093dad794e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laura=20Kl=C3=BCnder?= <laura@codingcatgirl.de>
Date: Tue, 24 Oct 2017 23:26:09 +0200
Subject: [PATCH] set tile access cookie

---
 src/c3nav/mapdata/render/base.py | 16 ++++++++++++++++
 src/c3nav/settings.py            |  1 +
 src/c3nav/site/views.py          |  5 ++++-
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/src/c3nav/mapdata/render/base.py b/src/c3nav/mapdata/render/base.py
index 68ef9ae4..1a8b9822 100644
--- a/src/c3nav/mapdata/render/base.py
+++ b/src/c3nav/mapdata/render/base.py
@@ -1,11 +1,17 @@
+import base64
+import hashlib
+import hmac
 import pickle
+import time
 
+from django.conf import settings
 from django.core.cache import cache
 from django.db import transaction
 from shapely.ops import unary_union
 
 from c3nav.mapdata.cache import MapHistory
 from c3nav.mapdata.models import Level, MapUpdate
+from c3nav.mapdata.models.access import AccessPermission
 
 
 def get_render_level_ids(cache_key=None):
@@ -19,6 +25,16 @@ def get_render_level_ids(cache_key=None):
     return levels
 
 
+def set_tile_access_cookie(request, response):
+    access_permissions = AccessPermission.get_for_request(request)
+
+    if access_permissions or True:
+        value = ','.join(str(i) for i in access_permissions)+':'+str(int(time.time())+60)
+        key = hashlib.sha1(settings.SECRET_TILE_KEY.encode()).digest()
+        signed = base64.b64encode(hmac.new(key, msg=value.encode(), digestmod=hashlib.sha256).digest()).decode()
+        response.set_cookie(settings.TILE_ACCESS_COOKIE_NAME, value+':'+signed, max_age=60)
+
+
 class AltitudeAreaGeometries:
     def __init__(self, altitudearea=None, colors=None):
         if altitudearea is not None:
diff --git a/src/c3nav/settings.py b/src/c3nav/settings.py
index baaa9c64..48b1aaf7 100644
--- a/src/c3nav/settings.py
+++ b/src/c3nav/settings.py
@@ -161,6 +161,7 @@ STATIC_ROOT = os.path.join(os.path.dirname(__file__), 'static.dist')
 SESSION_COOKIE_NAME = 'c3nav_session'
 LANGUAGE_COOKIE_NAME = 'c3nav_language'
 CSRF_COOKIE_NAME = 'c3nav_csrftoken'
+TILE_ACCESS_COOKIE_NAME = 'c3nav_tile_access'
 SESSION_COOKIE_HTTPONLY = True
 
 # Application definition
diff --git a/src/c3nav/site/views.py b/src/c3nav/site/views.py
index 81dd271a..dda8775d 100644
--- a/src/c3nav/site/views.py
+++ b/src/c3nav/site/views.py
@@ -11,6 +11,7 @@ from django.utils import timezone
 
 from c3nav.mapdata.models import Source
 from c3nav.mapdata.models.level import Level
+from c3nav.mapdata.render.base import set_tile_access_cookie
 
 ctype_mapping = {
     'yes': ('up', 'down'),
@@ -64,7 +65,9 @@ def map_index(request):
     ctx = {
         'bounds': json.dumps(Source.max_bounds())
     }
-    return render(request, 'site/map.html', ctx)
+    response = render(request, 'site/map.html', ctx)
+    set_tile_access_cookie(request, response)
+    return response
 
 
 def main(request, location=None, origin=None, destination=None):