# 生成token def generate_token(key, expire=3600): # 自己设定一个key值 # 过期时间默认为一个小时,可以修该过期时间 ts_str = str(time.time() + expire) ts_byte = ts_str.encode("utf-8") sha1_tshexstr = hmac.new(key.encode("utf-8"),ts_byte,'sha1').hexdigest() token = ts_str+':'+sha1_tshexstr b64_token = base64.urlsafe_b64encode(token.encode("utf-8")) return b64_token.decode("utf-8") # 验证token def certify_token(key, token): # key 和 token都是字符串类型的 token_str = base64.urlsafe_b64decode(token).decode('utf-8') token_list = token_str.split(':') if len(token_list) != 2: return False ts_str = token_list[0] if float(ts_str) < time.time(): # token的过期时间判断 return False known_sha1_tsstr = token_list[1] sha1 = hmac.new(key.encode("utf-8"),ts_str.encode('utf-8'),'sha1') calc_sha1_tsstr = sha1.hexdigest() if calc_sha1_tsstr != known_sha1_tsstr: # token认证失败返回false return False # token 验证成功返回true return True
python2 token和验证
最新推荐文章于 2023-10-17 14:33:34 发布