def generate_auth_token(self, expiration):
    """Return a signed, time-limited token that identifies this user.

    The payload is ``{'id': self.id}``, signed with the application's
    ``SECRET_KEY``.

    :param expiration: lifetime handed to the serializer as ``expires_in``.
    :return: the serialized token decoded to an ASCII ``str``.
    """
    # NOTE(review): ``Serializer`` is presumably itsdangerous'
    # TimedJSONWebSignatureSerializer under an alias (import not shown).
    # If so, the payload is signed but not encrypted, so the token holder
    # can read the user id.
    signer = Serializer(
        current_app.config['SECRET_KEY'],
        expires_in=expiration,
    )
    raw_token = signer.dumps({'id': self.id})
    return raw_token.decode('ascii')
python类TimedJSONWebSignatureSerializer()的实例源码
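def verify_auth_token(token):
    """Return the user named by a signed auth token, or ``None``.

    :param token: token string supplied by the client (untrusted input).
    :return: the result of ``User.query.get(id)`` for the ``id`` claim, or
        ``None`` when the token cannot be loaded or carries no ``id``.
    """
    s = Serializer(current_app.config['SECRET_KEY'])
    try:
        data = s.loads(token)
    except Exception:
        # Every load failure (bad signature, expiry, malformed input) means
        # "not authenticated". ``Exception`` rather than a bare ``except`` so
        # that SystemExit and KeyboardInterrupt still propagate.
        return None
    # A validly signed payload is not necessarily an auth token: other token
    # kinds signed with the same SECRET_KEY may not carry an 'id' claim.
    # Treat those as unauthenticated instead of raising KeyError.
    user_id = data.get('id') if isinstance(data, dict) else None
    if user_id is None:
        return None
    return User.query.get(user_id)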
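def generate_auth_token(self):
    """Return a signed, time-limited token carrying this user's id.

    The payload is ``{"user_id": self.id}``. It is signed with the configured
    ``SECRET_KEY`` and its lifetime is ``USER_TOKEN_EXPIRATION`` (3600 when
    that setting is absent).

    :return: the serialized token as returned by ``dumps``.
    :raises RuntimeError: if ``SECRET_KEY`` is missing or empty.
    """
    secret_key = current_app.config.get("SECRET_KEY")
    if not secret_key:
        # Fail closed. A constant fallback key is known to anyone who can
        # read the source, so a token signed with it authenticates nothing.
        raise RuntimeError(
            "SECRET_KEY is not configured; refusing to sign auth tokens"
        )
    s = TimedJSONWebSignatureSerializer(
        secret_key,
        current_app.config.get("USER_TOKEN_EXPIRATION", 3600),
    )
    return s.dumps({"user_id": self.id})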
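def verify_auth_token(cls, token):
    """Resolve a signed auth token to its user.

    :param token: token string supplied by the client (untrusted input).
    :return: the object returned by ``User.get_object`` for the token's
        ``user_id`` claim.
    :raises TokenExpired: if the signature is valid but the token has expired.
    :raises BadToken: if the signature is invalid, the payload has no
        ``user_id`` claim, or no matching user exists.
    :raises RuntimeError: if ``SECRET_KEY`` is missing or empty.
    """
    # NOTE(review): the non-ASCII part of the error messages below shows up
    # as '?' in this listing, presumably lost to an encoding error. Restore
    # the text from the original source.
    secret_key = current_app.config.get("SECRET_KEY")
    if not secret_key:
        # Fail closed. Verifying against a constant fallback key would accept
        # tokens signed by anyone who knows that constant.
        raise RuntimeError(
            "SECRET_KEY is not configured; refusing to verify auth tokens"
        )
    s = TimedJSONWebSignatureSerializer(secret_key)
    try:
        data = s.loads(token)
    except SignatureExpired:
        # Must precede BadSignature so that expiry gets its own error.
        raise TokenExpired(http_responses.HTTP_400_BAD_REQUEST(msg={"error": u"Token?????????"}))
    except BadSignature:
        raise BadToken(http_responses.HTTP_400_BAD_REQUEST(msg={"error": u"Token????????"}))
    try:
        # A validly signed payload may still lack the claim, for example a
        # token issued for another purpose under the same key.
        user_id = data["user_id"]
    except (KeyError, TypeError):
        raise BadToken(http_responses.HTTP_400_BAD_REQUEST(msg={"error": u"Token????????"}))
    try:
        user = User.get_object(id=user_id)
    except ObjectNotExists:
        raise BadToken(http_responses.HTTP_400_BAD_REQUEST(msg={"error": u"Token????????"}))
    return user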
def set_password(token):
    """Set the initial customer password.

    The template for this route contains bootstrap.css, bootstrap-theme.css
    and main.css. The flow resembles the password reset option with two
    differences: the token has a longer expiration time and the old password
    is not required.

    :param token: Token generated by
        :meth:`app.models.User.generate_reset_token`
    :return: a redirect to ``main.index`` when the token is rejected or the
        password has been set, otherwise the rendered
        ``auth/set_password.html`` form.
    """
    serializer = TimedJSONWebSignatureSerializer(
        current_app.config['SECRET_KEY']
    )
    try:
        # Only the signature and expiry are checked here. The payload is
        # read again inside User.set_password.
        serializer.loads(token)
    except BadSignature:
        # In itsdangerous SignatureExpired subclasses BadSignature, so this
        # one message is shown for expired and tampered tokens alike.
        flash('Signature expired.')
        return redirect(url_for('main.index'))

    form = SetPasswordForm()
    if not form.validate_on_submit():
        # Show the first message of every field that failed validation.
        for _field, messages in form.errors.items():
            flash(messages[0], 'danger')
        return render_template(
            'auth/set_password.html', form=form, token=token
        )

    User.set_password(token, form.data['password'])
    flash('Your new password has been set.')
    return redirect(url_for('main.index'))
def generate_reset_token(self, expiry=900):
    """Create the JSON Web Signature used to reset a customer's password.

    The signed payload is ``{'user_id': self.id}``. For details see
    :meth:`itsdangerous.JSONWebSignatureSerializer.dumps`

    :param expiry: Token expiration time (seconds)
    :return: the serialized token as returned by ``dumps``.
    """
    # NOTE(review): the payload carries only ``user_id`` and no purpose
    # marker, so it cannot be told apart from any other ``user_id`` token
    # signed with the same key.
    signing_key = current_app.config['SECRET_KEY']
    signer = TimedJSONWebSignatureSerializer(signing_key, expiry)
    return signer.dumps({'user_id': self.id})
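def set_password(cls, token, passwd):
    """Set the password of the user named by a signed token.

    :param token: signed token whose payload carries ``user_id``.
    :param passwd: new password, assigned to ``user.password``.
    :return: None
    :raises ValueError: if the token has no ``user_id`` claim or names a user
        that cannot be found.
    """
    s = TimedJSONWebSignatureSerializer(current_app.config['SECRET_KEY'])
    # loads() raises on an invalid or expired token. That is left to
    # propagate so a password is never written for an unverified token.
    data = s.loads(token)
    user_id = data.get('user_id')
    if user_id is None:
        # Validly signed, but not a token that identifies a user.
        raise ValueError('token does not identify a user')
    # NOTE(review): assumes cls.get returns None for an unknown id; confirm.
    user = cls.get(user_id)
    if user is None:
        raise ValueError('token refers to an unknown user')
    # NOTE(review): presumably ``password`` is a property that hashes the
    # value before it is stored; confirm on the model.
    user.password = passwd
    db.session.add(user)
    db.session.commit()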
def generate_reset_token(self, expiration=3600):
    """Create a signed password-reset token for this user.

    The payload is ``{'reset': self.id}``; the ``reset`` key marks what the
    token is for, and ``reset_password`` checks it.

    :param expiration: lifetime passed to the serializer (default 3600).
    :return: the serialized token as returned by ``dumps``.
    """
    signer = Serializer(current_app.config['SECRET_KEY'], expiration)
    payload = {'reset': self.id}
    return signer.dumps(payload)
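def reset_password(self, token, new_password):
    """Reset this user's password if ``token`` is a valid reset token for it.

    :param token: reset token supplied by the client (untrusted input).
    :param new_password: value assigned to ``self.password`` on success.
    :return: ``True`` when the password was changed, ``False`` when the token
        cannot be loaded or its ``reset`` claim is not this user's id.
    """
    s = Serializer(current_app.config['SECRET_KEY'])
    try:
        data = s.loads(token)
    except Exception:
        # Bad signature, expiry or malformed input all mean "reject".
        # ``Exception`` rather than a bare ``except`` so that SystemExit and
        # KeyboardInterrupt still propagate.
        return False
    # The token must have been issued for this very account.
    if data.get('reset') != self.id:
        return False
    self.password = new_password
    # Only staged here; the commit presumably happens in the caller.
    db.session.add(self)
    return True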
def generate_email_change_token(self, new_email, expiration=3600):
    """Create a signed token authorising a change of e-mail address.

    The payload binds the requested address to this user:
    ``{'change_email': self.id, 'new_email': new_email}``.

    :param new_email: the address the user wants to switch to.
    :param expiration: lifetime passed to the serializer (default 3600).
    :return: the serialized token as returned by ``dumps``.
    """
    signer = Serializer(current_app.config['SECRET_KEY'], expiration)
    claims = {'change_email': self.id, 'new_email': new_email}
    return signer.dumps(claims)
def generate_auth_token(self, expiration):
    """Create a signed authentication token for this user.

    :param expiration: lifetime handed to the serializer as ``expires_in``.
    :return: the token for payload ``{'id': self.id}``, decoded to an ASCII
        ``str``.
    """
    secret = current_app.config['SECRET_KEY']
    claims = {'id': self.id}
    encoded = Serializer(secret, expires_in=expiration).dumps(claims)
    return encoded.decode('ascii')
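def verify_token(token):
    """Return the user for a signed session token, or ``None``.

    On success the token's ``session`` claim is stored on ``g.session_id``.

    :param token: token string supplied by the client (untrusted input).
    :return: the result of ``User.query.get(uid)``, or ``None`` when the
        token cannot be loaded, lacks a claim, or the lookup fails.
    """
    from flask import current_app
    expire_time = current_app.config.get("EXPIRES_TIME") or 3600
    token_key = current_app.config["APP_KEY"]
    s = TimedJSONWebSignatureSerializer(token_key, expires_in=expire_time)
    try:
        d = s.loads(token)
        # Read both claims before touching the database, so that a token
        # missing either one is rejected without a query.
        uid = d["uid"]
        session_id = d["session"]
        user = User.query.get(uid)
        g.session_id = session_id
        return user
    except Exception:
        # ``Exception`` rather than a bare ``except`` so that SystemExit and
        # KeyboardInterrupt still propagate. Lookup errors are still reported
        # as "no user", as before.
        return None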
def generate_token(self, session):
    """Create a signed session token for this user.

    The payload carries ``username`` (``self.xh``), ``uid`` (``self.id_``)
    and the given ``session`` value. A JSON Web Signature is signed, not
    encrypted, so whoever holds the token can read all three.

    :param session: session identifier to embed in the token.
    :return: the serialized token decoded to an ASCII ``str``.
    """
    from flask import current_app
    lifetime = current_app.config.get("EXPIRES_TIME") or 3600
    signing_key = current_app.config["APP_KEY"]
    signer = TimedJSONWebSignatureSerializer(signing_key, expires_in=lifetime)
    claims = {"username": self.xh, "uid": self.id_, "session": session}
    return signer.dumps(claims).decode("ascii")
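def post(self):
    """Handle HTTP ``POST``: exchange a username and password for a token.

    :return: ``{'token': ...}`` holding a signed token for ``{'id': user.id}``
        that expires after 600 seconds.
    Aborts with 401 when the username is unknown or the password is wrong.
    """
    args = parsers.user_post_parser.parse_args()
    user = User.query.filter_by(username=args['username']).first()
    # ``first()`` yields None for an unknown username. Answer that the same
    # way as a wrong password, so it neither raises AttributeError (a 500)
    # nor reveals which usernames exist.
    if user is None or not user.check_password(args['password']):
        abort(401)
    # The serializer stamps the token with its validity period.
    serializer = Serializer(
        current_app.config['SECRET_KEY'],
        expires_in=600)
    return {'token': serializer.dumps({'id': user.id})}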
def _make_token(self, data, timeout):
    """Sign ``data`` with the application's ``SECRET_KEY``.

    :param data: payload to serialize into the token.
    :param timeout: lifetime passed to the serializer as its second argument.
    :return: the serialized token as returned by ``dumps``.
    """
    signing_key = current_app.config['SECRET_KEY']
    return Serializer(signing_key, timeout).dumps(data)
def _verify_token(self, token):
    """Load a signed token and report how verification went.

    :param token: token string to verify.
    :return: a tuple ``(expired, invalid, data)``. ``data`` is the loaded
        payload on success and ``None`` otherwise; at most one of the two
        flags is ``True``.
    """
    verifier = Serializer(current_app.config['SECRET_KEY'])
    try:
        payload = verifier.loads(token)
    except SignatureExpired:
        # Handled before the generic case so that expiry is reported as such.
        return True, False, None
    except Exception:
        return False, True, None
    return False, False, payload
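def generate_auth_token(self, expiration):
    """Create a signed authentication token for this user.

    :param expiration: lifetime handed to the serializer as ``expires_in``.
    :return: the serialized token for payload ``{'id': self.id}``.
    """
    # The config key was misspelled 'ECRET_KEY', which raises KeyError on
    # every call. Tokens must be signed with the same SECRET_KEY that the
    # verifying side loads them with.
    s = Serializer(current_app.config['SECRET_KEY'], expires_in=expiration)
    return s.dumps({'id': self.id})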
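def verify_auth_token(token):
    """Look up the user named by a signed auth token.

    :param token: token string supplied by the client (untrusted input).
    :return: the result of ``User.query.get(id)`` for the ``id`` claim, or
        ``None`` when the token cannot be loaded or has no ``id`` claim.
    """
    s = Serializer(current_app.config['SECRET_KEY'])
    try:
        data = s.loads(token)
    except Exception:
        # Reject on any load failure. ``Exception`` rather than a bare
        # ``except`` so that SystemExit and KeyboardInterrupt still propagate.
        return None
    # Confirmation tokens ({'confirm': ...}) are signed with the same key and
    # carry no 'id'. Treat such a payload as unauthenticated instead of
    # raising KeyError.
    user_id = data.get('id') if isinstance(data, dict) else None
    if user_id is None:
        return None
    return User.query.get(user_id)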
# ??????JSON????????
# ???????????????????????
def generate_confirmation_token(self, expiration=3600):
    """Create a signed account-confirmation token for this user.

    The payload is ``{'confirm': self.id}``.

    :param expiration: lifetime passed to the serializer (default 3600).
    :return: the serialized token as returned by ``dumps``.
    """
    signer = Serializer(current_app.config['SECRET_KEY'], expiration)
    claims = {'confirm': self.id}
    return signer.dumps(claims)
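def confirm(self, token):
    """Mark this account confirmed if ``token`` was issued for it.

    :param token: confirmation token supplied by the client (untrusted input).
    :return: ``True`` when the account was marked confirmed, ``False`` when
        the token cannot be loaded or its ``confirm`` claim is not this
        user's id.
    """
    s = Serializer(current_app.config['SECRET_KEY'])
    try:
        data = s.loads(token)
    except Exception:
        # Bad signature, expiry or malformed input all mean "reject".
        # ``Exception`` rather than a bare ``except`` so that SystemExit and
        # KeyboardInterrupt still propagate.
        return False
    # A valid token issued for another account must not confirm this one.
    if data.get('confirm') != self.id:
        return False
    self.confirmed = True
    # Only staged here; the commit presumably happens in the caller.
    db.session.add(self)
    return True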