views.py 文件源码-python代码片段

views.py 文件源码

python

阅读 26 收藏 0 点赞 0 评论 0

项目：DjanGoat 作者: Contrast-Security-OSS 项目源码文件源码

def check_if_valid_token(request):
    if 'HTTP_AUTHORIZATION' not in request.META:
        return False
    else:
        token = urlparse.unquote(request.META['HTTP_AUTHORIZATION'])
        regex = re.compile("(.*?)-(.*)")
        split_token = token.split('=')[1]
        regex_groups = regex.search(split_token)
        if regex_groups.group(1):
            id = regex_groups.group(1)
        else:
            return False
        if regex_groups.group(2):
            hash = regex_groups.group(2)
        else:
            return False

    sha = SHA.new()
    sha.update(ACCESS_TOKEN_SALT + ":" + str(id))
    return hash == sha.hexdigest()