def main():
abspath = os.path.abspath(__file__)
dname = os.path.dirname(abspath)
os.chdir(dname)
action = sys.argv[1]
secret_key = sys.argv[2]
if action == "generate":
filename = sys.argv[3]
basename = filename.split(".")[-2]
extension = filename.split(".")[-1]
digest = hashlib.sha512(secret_key + basename).hexdigest()
des = URLSafeSerializer(digest)
credentials = {'filename': filename.encode("base64"),
'ext': extension,
'length': len(filename),
'signature': digest}
print des.dumps(credentials, salt="donttread")
return
signed_serial = sys.argv[3]
result = URLSafeSerializer("").loads_unsafe(signed_serial)
img = "snek.jpg"
try:
if result[1]:
signature = result[1]['signature']
extension = result[1]['ext']
filename = result[1]['filename'].decode("base64")
length = result[1]['length']
if len(filename) == length and len(extension) == 3:
basename = filename.split(".")[-2]
digest = hashlib.sha512(secret_key + splitext(filename)[0]).hexdigest()
if digest == signature:
des = URLSafeSerializer(digest)
des.loads(signed_serial, salt="donttread")
img = "%s.%s" % (basename, extension)
except:
pass
proc = subprocess.Popen(["./read_file", img], stdout=subprocess.PIPE)
imgo = proc.stdout.read().encode("base64").replace("\n", "")
output = '<img src="data:image/png;base64,%s" alt="i am %s" />' % (imgo, img)
print output
评论列表
文章目录
