Python Itsdangerous

参考:
http://bbs.itheima.com/forum.php?mod=viewthread&tid=420455
https://segmentfault.com/q/1010000019136867/a-1020000019181039

带时间戳,就是在解密的时候,只解密规定时间内的数据,超过时间的不解密,报错

>>> from itsdangerous import TimedSerializer
>>> s=TimedSerializer('secret-key')
>>> s.dumps([1,2,3,4])
'[1, 2, 3, 4].DI7WHQ.yVOjwQWau5mVRGuVkoqa7654VXc'
>>> s.loads('[1, 2, 3, 4].DI7WHQ.yVOjwQWau5mVRGuVkoqa7654VXc')
[1, 2, 3, 4]
>>> s.loads('[1, 2, 3, 4].DI7WHQ.yVOjwQWau5mVRGuVkoqa7654VXc',max_age=10)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/lib/python2.7/site-packages/itsdangerous.py", line 643, in loads
    .unsign(s, max_age, return_timestamp=True)
  File "/usr/local/lib/python2.7/site-packages/itsdangerous.py", line 463, in unsign
    date_signed=self.timestamp_to_datetime(timestamp))
itsdangerous.SignatureExpired: Signature age 28 > 10 seconds
>>> s.loads('[1, 2, 3, 4].DI7WHQ.yVOjwQWau5mVRGuVkoqa7654VXc',max_age=40)
[1, 2, 3, 4]

https://blog.csdn.net/qq_36474164/article/details/89156034

官方文档:

from itsdangerous import Signer

# 1.简单使用
s = Signer('secret-key')
s.sign('my string') # 'my string.wh6tMHxLgJqB6oY1uT73iMlyrOA

s.unsign('my string.wh6tMHxLgJqB6oY1uT73iMlyrOA')  # my string

# 如果串改了字符串,则会报错,将最后一个大写的A换成小写a
s.unsign('my string.wh6tMHxLgJqB6oY1uT73iMlyrOa')  # my string

# 2.使用过期时间
from itsdangerous import TimestampSigner
s = TimestampSigner('secret-key')
string = s.sign('foo')
s.unsign(string, max_age=5)


# 3.序列化
from itsdangerous import Serializer
s = Serializer('secret-key')
s.dumps([1, 2, 3, 4])
s.loads('[1, 2, 3, 4].r7R9RhGgDPvvWl3iNzLuIIfELmo')


# 4.连接安全序列化
from itsdangerous import URLSafeSerializer
s = URLSafeSerializer('secret-key')
s.dumps([1, 2, 3, 4])
s.loads('WzEsMiwzLDRd.wSPHqC0gR7VUqivlSukJ0IeTDgo')


# 5.jws
from itsdangerous import JSONWebSignatureSerializer
s = JSONWebSignatureSerializer('secret-key')
s.dumps({'x': 42})

##
s.dumps(0, header_fields={'v': 1})


# 6.盐

s1 = URLSafeSerializer('secret-key', salt='activate-salt')
s1.dumps(42)

s2 = URLSafeSerializer('secret-key', salt='upgrade-salt')
s2.dumps(42)

s2.loads(s1.dumps(42))



# 7.失败






# 8.应用
import itsdangerous
from itsdangerous import SignatureExpired, BadSignature

# 设置签名
signer = '123'
ts = itsdangerous.TimedJSONWebSignatureSerializer(signer, expires_in=30)
token = ts.dumps({'wang': '123'}).decode()  # 加密生成token
# eyJhbGciOiJIUzI1NiIsImlhdCI6MTU3NTAxMzkyMSwiZXhwIjoxNTc1MDEzOTUxfQ.eyJ3YW5nIjoiMTIzIn0.pr8sKywKKZA-snUVuWkxwG3bIvG9xKNdRhsK1YIY3lo

# 解密部分/如果超过过期时间则会报SignatureExpired错误/值有误会报BadSignature错误
try:
    ret = ts.loads(token)
    print(ret)
except SignatureExpired as e:
    print('超时')
except BadSignature as e:
    print('token有误')


"""
https://pythonhosted.org/itsdangerous/
"""

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值