Python itsdangerous 模块，URLSafeSerializer() 实例源码

def sign_url_safe(data, secret_key, expires_in=None, salt=None, **kw):
    """
    To sign url safe data.
    If expires_in is provided it will Time the signature
    :param data: (mixed) the data to sign
    :param secret_key: (string) the secret key
    :param expires_in: (int) in minutes. Time to expire
    :param salt: (string) a namespace key
    :param kw: kwargs for itsdangerous.URLSafeSerializer
    :return:
    """
    if expires_in:
        expires_in *= 60
        s = URLSafeTimedSerializer2(secret_key=secret_key,
                                    expires_in=expires_in,
                                    salt=salt,
                                    **kw)
    else:
        s = itsdangerous.URLSafeSerializer(secret_key=secret_key,
                                           salt=salt,
                                           **kw)
    return s.dumps(data)

def unsign_url_safe(token, secret_key, salt=None, **kw):
    """
    To sign url safe data.
    If expires_in is provided it will Time the signature
    :param token:
    :param secret_key:
    :param salt: (string) a namespace key
    :param kw:
    :return:
    """
    if len(token.split(".")) == 3:
        s = URLSafeTimedSerializer2(secret_key=secret_key, salt=salt, **kw)
        value, timestamp = s.loads(token, max_age=None, return_timestamp=True)
        now = datetime.datetime.utcnow()
        if timestamp > now:
            return value
        else:
            raise itsdangerous.SignatureExpired(
                'Signature age %s < %s ' % (timestamp, now),
                payload=value,
                date_signed=timestamp)
    else:
        s = itsdangerous.URLSafeSerializer(secret_key=secret_key, salt=salt, **kw)
        return s.loads(token)

def session_encode(string_input):
    data = (random_word(16)+"."+string_input+"."+random_word(16))
    s = urlsafe('generate:openedoo')
    b = s.dumps(data)
    return b

def session_decode(string_input):
    s = urlsafe('generate:openedoo')
    data = s.loads(string_input)
    words = data.split(".")
    return words[1]

def dumps_data(data):
    s = URLSafeSerializer(SECRET_KEY)
    return s.dumps(data)

def loads_data(data):
    s = URLSafeSerializer(SECRET_KEY)
    return s.loads(data)

def __init__(self, app):
        self.serializer = URLSafeSerializer(app.config['SECRET_KEY'])
        self.salt = app.config['SECRET_SALT']

def sign_auth_path(next_path):
    """returns a URL-safe signed next_path"""
    # next_path must start with a /
    if not next_path.startswith('/'):
        abort(503)
    # sign the next_path
    notary = itsdangerous.URLSafeSerializer(app.secret_key)
    next_path_signed = notary.dumps(next_path)
    return url_for('authenticate', next=next_path_signed)

def unsign_auth_path(path_signed):
    """returns the path from a signed/sealed next_path"""
    notary = itsdangerous.URLSafeSerializer(app.secret_key)
    next_path_unsigned = notary.loads(path_signed)
    return next_path_unsigned

def get_serializer(secret_key=None):
    if secret_key is None:
        secret_key = current_app.secret_key
    return URLSafeSerializer(secret_key)

def sign_auth_path(next_path):
    """returns a URL-safe signed next_path"""
    # next_path must start with a /
    if not next_path.startswith('/'):
        abort(503)
    # sign the next_path
    notary = itsdangerous.URLSafeSerializer(app.secret_key)
    next_path_signed = notary.dumps(next_path)
    return url_for('authenticate', next=next_path_signed)

def unsign_auth_path(path_signed):
    """returns the path from a signed/sealed next_path"""
    notary = itsdangerous.URLSafeSerializer(app.secret_key)
    next_path_unsigned = notary.loads(path_signed)
    return next_path_unsigned

def get_activation_link(user_id):
    s = URLSafeSerializer(current_app.secret_key)
    payload = s.dumps(user_id)
    return url_for('activate_user', payload=payload, _external=True)

def query_signer():
    return itsdangerous.URLSafeSerializer(current_app.config['SECRET_KEY'], salt='fdt-sql-query')

def get_serializer(secret_key=None):
    if secret_key is None:
        secret_key = app.secret_key
    return URLSafeSerializer(secret_key)

def query_signer():
    return itsdangerous.URLSafeSerializer(current_app.config['SECRET_KEY'],
                                          salt='fdt-sql-query')

def main():
    abspath = os.path.abspath(__file__)
    dname = os.path.dirname(abspath)
    os.chdir(dname)

    action = sys.argv[1]
    secret_key = sys.argv[2]

    if action == "generate":
        filename = sys.argv[3]
        basename = filename.split(".")[-2]
        extension = filename.split(".")[-1]
        digest = hashlib.sha512(secret_key + basename).hexdigest()
        des = URLSafeSerializer(digest)
        credentials = {'filename': filename.encode("base64"),
                       'ext': extension,
                       'length': len(filename),
                       'signature': digest}
        print des.dumps(credentials, salt="donttread")
        return

    signed_serial = sys.argv[3]

    result = URLSafeSerializer("").loads_unsafe(signed_serial)

    img = "snek.jpg"

    try:
        if result[1]:
            signature = result[1]['signature']
            extension = result[1]['ext']
            filename  = result[1]['filename'].decode("base64")
            length    = result[1]['length']
            if len(filename) == length and len(extension) == 3:
                basename = filename.split(".")[-2]
                digest = hashlib.sha512(secret_key + splitext(filename)[0]).hexdigest()
                if digest == signature:
                    des = URLSafeSerializer(digest)
                    des.loads(signed_serial, salt="donttread")
                    img = "%s.%s" % (basename, extension)
    except:
        pass

    proc = subprocess.Popen(["./read_file", img], stdout=subprocess.PIPE)
    imgo = proc.stdout.read().encode("base64").replace("\n", "")
    output = '<img src="data:image/png;base64,%s" alt="i am %s" />' % (imgo, img)
    print output