python类URLSafeTimedSerializer()的实例源码

models.py 文件源码 项目:do-portal 作者: certeu 项目源码 文件源码 阅读 20 收藏 0 点赞 0 评论 0
def get_auth_token(self, last_totp=None):
        """Think of :class:`URLSafeTimedSerializer` `salt` parameter as
        namespace instead of salt. `The salt explained:
        <https://pythonhosted.org/itsdangerous/#the-salt>`_.
        """
        data = [self.email, self._password, str(self.id)]
        if last_totp:
            data.append(last_totp)
        s = URLSafeTimedSerializer(
            current_app.config['SECRET_KEY'],
            salt='user-auth',
            signer_kwargs=dict(
                key_derivation='hmac',
                digest_method=hashlib.sha256)
        )
        return s.dumps(data)
views.py 文件源码 项目:knowledge-base 作者: Axiacore 项目源码 文件源码 阅读 20 收藏 0 点赞 0 评论 0
def get(self, request, *args, **kwargs):
        if request.GET.get('key'):
            serializer = URLSafeTimedSerializer(settings.SECRET_KEY)
            try:
                user_id = serializer.loads(
                    request.GET.get('key'),
                    max_age=60 * 2,  # Signature expires after 2 minutes
                )
                user = get_object_or_404(User, id=user_id)
                user.backend = 'django.contrib.auth.backends.ModelBackend'
                login(request, user)

                return redirect('home')
            except (BadSignature, BadTimeSignature):
                return redirect('login')

        return super().get(request, *args, **kwargs)
views.py 文件源码 项目:knowledge-base 作者: Axiacore 项目源码 文件源码 阅读 28 收藏 0 点赞 0 评论 0
def form_valid(self, form):
        email = form.cleaned_data['email']
        user = User.objects.get(username=email)
        safe = URLSafeTimedSerializer(settings.SECRET_KEY)
        url = '{site}{path}?key={key}'.format(
            site=settings.SITE_URL,
            path=reverse('login'),
            key=safe.dumps(user.id),
        )

        send_mail(
            _('Link to login into the Knowledge Base'),
            url,
            settings.DEFAULT_FROM_EMAIL,
            [email],
            fail_silently=False,
            html_message=render_to_string(
                'login_email.html', {'url': url}
            ),
        )

        return redirect('home')
handlers.py 文件源码 项目:best-ever-chat 作者: lazymeadow 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def post(self):
        token = self.get_argument("token")
        try:
            from tornado_chat import SECRET_KEY
            serializer = URLSafeTimedSerializer(SECRET_KEY)
            parasite = serializer.loads(token, max_age=86400)  # do i really have to do 24hrs in secs?
            parasiteId = self.db.get("SELECT id, reset_token FROM parasite WHERE id = %s", parasite)
            if parasiteId is not None and self.get_argument("password") == self.get_argument(
                    "password2") and parasiteId.reset_token == token:
                hashed_password = yield executor.submit(
                    bcrypt.hashpw, tornado.escape.utf8(self.get_argument("password")),
                    bcrypt.gensalt())
                self.db.execute("UPDATE parasite SET password = %s, reset_token='' WHERE id = %s", hashed_password,
                                parasite)
                self.redirect("login?error=Password reset. Please login.")
            else:
                self.redirect("login?error=Password reset failed.")
        except:
            self.redirect("login?error=Password reset failed.")
authentication_service.py 文件源码 项目:tasking-manager 作者: hotosm 项目源码 文件源码 阅读 27 收藏 0 点赞 0 评论 0
def is_valid_token(token, token_expiry):
        """
        Validates if the supplied token is valid, and hasn't expired.
        :param token: Token to check
        :param token_expiry: When the token expires in seconds
        :return: True if token is valid, and user_id contained in token
        """
        entropy = current_app.secret_key if current_app.secret_key else 'un1testingmode'
        serializer = URLSafeTimedSerializer(entropy)

        try:
            tokenised_user_id = serializer.loads(token, max_age=token_expiry)
        except SignatureExpired:
            current_app.logger.debug('Token has expired')
            return False, None
        except BadSignature:
            current_app.logger.debug('Bad Token Signature')
            return False, None

        return True, tokenised_user_id
user.py 文件源码 项目:Albireo 作者: lordfriend 项目源码 文件源码 阅读 25 收藏 0 点赞 0 评论 0
def confirm_token(self, token, expiration=3600):
        from server import app
        serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
        session = SessionManager.Session()
        try:
            email = serializer.loads(
                token,
                salt=app.config['SECRET_PASSWORD_SALT'],
                max_age=expiration
            )
            if (email == self.email) and (not self.email_confirmed):
                self.email_confirmed = True
                user = session.query(User).filter(User.id == self.id).one()
                user.email_confirmed = True
                session.commit()
                rpc_request.send('email_changed', {'email': self.email, 'user_id': user.id})
                return json_resp({'message': 'ok'})
            else:
                raise ClientError('Invalid Token')
        except:
            raise ClientError('Invalid Token')
        finally:
            SessionManager.Session.remove()
sessions.py 文件源码 项目:Flask_Blog 作者: sugarguo 项目源码 文件源码 阅读 20 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
__init__.py 文件源码 项目:FRG-Crowdsourcing 作者: 97amarnathk 项目源码 文件源码 阅读 66 收藏 0 点赞 0 评论 0
def init_app(self, app):
        key = app.config['ITSDANGEROUSKEY']
        self.signer = URLSafeTimedSerializer(key)
sessions.py 文件源码 项目:swjtu-pyscraper 作者: Desgard 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:zanph 作者: zanph 项目源码 文件源码 阅读 20 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
register.py 文件源码 项目:NodeDefender 作者: CTSNE 项目源码 文件源码 阅读 20 收藏 0 点赞 0 评论 0
def generate_token(email):
    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
    return serializer.dumps(email, salt=app.config['SECURITY_PASSWORD_SALT'])
register.py 文件源码 项目:NodeDefender 作者: CTSNE 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def confirm_token(token, expiration=3600):
    serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
    try:
        email = serializer.loads(
            token,
            salt=app.config['SECURITY_PASSWORD_SALT'],
            max_age=expiration
        )
    except:
        return False
    return email
csrf.py 文件源码 项目:Sci-Finder 作者: snverse 项目源码 文件源码 阅读 21 收藏 0 点赞 0 评论 0
def generate_csrf(secret_key=None, token_key=None):
    """Generate a CSRF token. The token is cached for a request, so multiple
    calls to this function will generate the same token.

    During testing, it might be useful to access the signed token in
    ``g.csrf_token`` and the raw token in ``session['csrf_token']``.

    :param secret_key: Used to securely sign the token. Default is
        ``WTF_CSRF_SECRET_KEY`` or ``SECRET_KEY``.
    :param token_key: Key where token is stored in session for comparision.
        Default is ``WTF_CSRF_FIELD_NAME`` or ``'csrf_token'``.
    """

    secret_key = _get_config(
        secret_key, 'WTF_CSRF_SECRET_KEY', current_app.secret_key,
        message='A secret key is required to use CSRF.'
    )
    field_name = _get_config(
        token_key, 'WTF_CSRF_FIELD_NAME', 'csrf_token',
        message='A field name is required to use CSRF.'
    )

    if field_name not in g:
        if field_name not in session:
            session[field_name] = hashlib.sha1(os.urandom(64)).hexdigest()

        s = URLSafeTimedSerializer(secret_key, salt='wtf-csrf-token')
        setattr(g, field_name, s.dumps(session[field_name]))

    return g.get(field_name)
sessions.py 文件源码 项目:Sci-Finder 作者: snverse 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
csrf.py 文件源码 项目:Sci-Finder 作者: snverse 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def generate_csrf(secret_key=None, token_key=None):
    """Generate a CSRF token. The token is cached for a request, so multiple
    calls to this function will generate the same token.

    During testing, it might be useful to access the signed token in
    ``g.csrf_token`` and the raw token in ``session['csrf_token']``.

    :param secret_key: Used to securely sign the token. Default is
        ``WTF_CSRF_SECRET_KEY`` or ``SECRET_KEY``.
    :param token_key: Key where token is stored in session for comparision.
        Default is ``WTF_CSRF_FIELD_NAME`` or ``'csrf_token'``.
    """

    secret_key = _get_config(
        secret_key, 'WTF_CSRF_SECRET_KEY', current_app.secret_key,
        message='A secret key is required to use CSRF.'
    )
    field_name = _get_config(
        token_key, 'WTF_CSRF_FIELD_NAME', 'csrf_token',
        message='A field name is required to use CSRF.'
    )

    if field_name not in g:
        if field_name not in session:
            session[field_name] = hashlib.sha1(os.urandom(64)).hexdigest()

        s = URLSafeTimedSerializer(secret_key, salt='wtf-csrf-token')
        setattr(g, field_name, s.dumps(session[field_name]))

    return g.get(field_name)
sessions.py 文件源码 项目:Texty 作者: sarthfrey 项目源码 文件源码 阅读 20 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
comm.py 文件源码 项目:sso 作者: hhr66 项目源码 文件源码 阅读 24 收藏 0 点赞 0 评论 0
def generate_validate_token(self, username):
        serializer = utsr(self.security_key)
        return serializer.dumps(username, self.salt)
comm.py 文件源码 项目:sso 作者: hhr66 项目源码 文件源码 阅读 23 收藏 0 点赞 0 评论 0
def confirm_validate_token(self, token, expiration=600):
        serializer = utsr(self.security_key)
        return serializer.loads(token, salt=self.salt, max_age=expiration)
comm.py 文件源码 项目:sso 作者: hhr66 项目源码 文件源码 阅读 27 收藏 0 点赞 0 评论 0
def remove_validate_token(self, token):
        serializer = utsr(self.security_key)
        return serializer.loads(token, salt=self.salt)
sessions.py 文件源码 项目:arithmancer 作者: google 项目源码 文件源码 阅读 25 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:tesismometro 作者: joapaspe 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:RPoint 作者: george17-meet 项目源码 文件源码 阅读 19 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:isni-reconcile 作者: cmh2166 项目源码 文件源码 阅读 21 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:flasky 作者: RoseOu 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:oa_qian 作者: sunqb 项目源码 文件源码 阅读 22 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:RealtimePythonChat 作者: quangtqag 项目源码 文件源码 阅读 21 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:gru 作者: similarweb 项目源码 文件源码 阅读 20 收藏 0 点赞 0 评论 0
def get_serializer(self, app):
        if not app.secret_key:
            return None
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt)
sessions.py 文件源码 项目:Indushell 作者: SecarmaLabs 项目源码 文件源码 阅读 19 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
sessions.py 文件源码 项目:Liljimbo-Chatbot 作者: chrisjim316 项目源码 文件源码 阅读 19 收藏 0 点赞 0 评论 0
def get_signing_serializer(self, app):
        if not app.secret_key:
            return None
        signer_kwargs = dict(
            key_derivation=self.key_derivation,
            digest_method=self.digest_method
        )
        return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
                                      serializer=self.serializer,
                                      signer_kwargs=signer_kwargs)
models.py 文件源码 项目:CodeGra.de 作者: CodeGra-de 项目源码 文件源码 阅读 18 收藏 0 点赞 0 评论 0
def get_reset_token(self) -> str:
        """Get a token which a user can use to reset his password.

        .. note:: Don't forget to commit the database.

        :returns: A token that can be used in :py:meth:`User.reset_password` to
            reset the password of a user.
        """
        ts = URLSafeTimedSerializer(psef.app.config['SECRET_KEY'])
        self.reset_token = str(uuid.uuid4())
        return str(ts.dumps(self.username, salt=self.reset_token))


问题


面经


文章

微信
公众号

扫码关注公众号