def find_by_cookie(cls, cookie_str):
if not cookie_str:
return None
try:
L = cookie_str.split('-')
if len(L) != 3:
return None
uid, expires, sha1 = L
if int(expires) < time.time():
return None
user = await cls.find(uid)
if not user:
return None
s = '%s-%s-%s-%s' % (uid, user.get('password'), expires, COOKIE_KEY)
if sha1 != hashlib.sha1(s.encode('utf-8')).hexdigest():
logging.info('invalid sha1')
return None
user.password = '******'
return user
except Exception as e:
logging.exception(e)
return None
# ?????
评论列表
文章目录