def generate_token_string(self, action=None):
"""Generate a hash of the given token contents that can be verified.
:param action:
A string representing the action that the generated hash is valid
for. This string is usually a URL.
:returns:
A string containing the hash contents of the given `action` and the
contents of the `XSRFToken`. Can be verified with
`verify_token_string`. The string is base64 encoded so it is safe
to use in HTML forms without escaping.
"""
digest_maker = self._digest_maker()
digest_maker.update(self.user_id)
digest_maker.update(self._DELIMITER)
if action:
digest_maker.update(action)
digest_maker.update(self._DELIMITER)
digest_maker.update(str(self.current_time))
return base64.urlsafe_b64encode(
self._DELIMITER.join([digest_maker.hexdigest(),
str(self.current_time)]))
评论列表
文章目录
