Validate token in controller's HTTP handlers

src/controller/handlers/solution_check_handler.py

@@ -1,15 +1,19 @@
-from tornado.web import RequestHandler
+import secrets
+from tornado.web import RequestHandler, HTTPError
 
 from tfw.config.logs import logging
 log = logging.getLogger(__name__)
 
 class SolutionCheckHandler(RequestHandler):
-    def initialize(self, solvable_connector):
+    def initialize(self, solvable_connector, token):
         self.solvable_connector = solvable_connector
+        self.token = token
 
     async def get(self):
         log.debug('Sending request to solvable')
         self.solvable_connector.send('solution_check', {})
-        resp_key, resp_data = await self.solvable_connector.recv()
+        resp_token, resp_data = await self.solvable_connector.recv()
+        if not secrets.compare_digest(self.token, resp_token):
+            raise HTTPError(500, 'Solvable didn\'t provide initial token.')
         log.debug('Received answer from solvable')
         self.write(resp_data)

src/controller/handlers/test_handler.py

@@ -1,11 +1,15 @@
-from tornado.web import RequestHandler
+import secrets
+from tornado.web import RequestHandler, HTTPError
 
 
 class TestHandler(RequestHandler):
-    def initialize(self, solvable_connector):
+    def initialize(self, solvable_connector, token):
         self.solvable_connector = solvable_connector
+        self.token = token
 
     async def get(self):
         self.solvable_connector.send('test', {})
-        resp_key, resp_data = await self.solvable_connector.recv()
+        resp_token, resp_data = await self.solvable_connector.recv()
+        if not secrets.compare_digest(self.token, resp_token):
+            raise HTTPError(500, 'Solvable didn\'t provide initial token.')
         self.write(resp_data)