itsdangerous

mattseh · Sep 12, 2013

Code:

In [13]: from itsdangerous import TimedJSONWebSignatureSerializer

In [14]: s = TimedJSONWebSignatureSerializer('secret-key')

In [15]: s.dumps(4)
Out[15]: 'eyJhbGciOiJIUzI1NiIsImV4cCI6MTM3ODk4Nzg2MCwiaWF0IjoxMzc4OTg0MjYwfQ.NA.u6eBnrbtEj-FQC9geOx-vCp-f5I_msIpB0sNLxhMA04'

In [16]: s.loads(_, max_age=86400)
Out[16]: 4

Will take in anything that could be turned into JSON. Pretty neat, no need to store tokens in a database.

link: itsdangerous — itsdangerous

Kiopa_Matt · Sep 12, 2013

Kinda like base64_encode(serialize($json_object)); ???

mattseh · Sep 12, 2013

Kiopa_Matt said:
Kinda like base64_encode(serialize($json_object)); ???

No. This signs it, using 'secret-key'. "loads" verifies the signature and makes sure the data is not too old (max age). This is for data a system would emit, then consume again, like a forgotten password token.

mattseh · Sep 12, 2013

...or maybe a time limited API key.

mattseh · Sep 12, 2013

Also, it may not be clear to non-python people, "_" is the output of the last command run in the REPL, in this case what "dumps" produced.

j0hnsmith · Sep 12, 2013

mattseh said:
Also, it may not be clear to non-python people, "_" is the output of the last command run in the REPL, in this case what "dumps" produced.

I didn't know that.

Search

Search

itsdangerous

mattseh

import this

Kiopa_Matt

Banned

mattseh

import this

mattseh

import this

mattseh

import this

j0hnsmith

Enlightened Member