def extract_secret(self, resp, user=None): setup_signer = self.signer(user or self.user) return base64.b32decode(setup_signer.unsign(resp.context[-1]['form'].secret))