Python itsdangerous.URLSafeTimedSerializer() Examples
The following are 30
code examples of itsdangerous.URLSafeTimedSerializer().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
itsdangerous
, or try the search function
.
.
Example #1
| Source File: views.py From flask-app-blueprint with MIT License | 7 votes |
|
def send_password_reset_email(user_email):
password_reset_serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
password_reset_url = url_for(
'users.reset_with_token',
token=password_reset_serializer.dumps(user_email, salt='password-reset-salt'),
_external=True)
html = render_template(
'email_password_reset.html',
password_reset_url=password_reset_url)
send_email('Password Reset Requested', [user_email], html)
# ROUTES
Example #2
| Source File: email_confirmation.py From daimaduan.com with BSD 3-Clause "New" or "Revised" License | 6 votes |
|
def validate_token(config, token, expire_time=3600):
"""from token and expire_time to confirm user's email"""
serializer = URLSafeTimedSerializer(config['SECRET_KEY'])
try:
confirmed_email = serializer.loads(token, max_age=expire_time, salt=config['EMAIL']['salt'])
except Exception:
return False
return confirmed_email
Example #3
| Source File: core.py From flask-security with MIT License | 6 votes |
|
def _get_serializer(app, name):
secret_key = app.config.get("SECRET_KEY")
salt = app.config.get("SECURITY_%s_SALT" % name.upper())
return URLSafeTimedSerializer(secret_key=secret_key, salt=salt)
Example #4
| Source File: test_utils.py From flask-security with MIT License | 6 votes |
|
def get_session(response):
""" Return session cookie contents.
This a base64 encoded json.
Returns a dict
"""
# Alas seems like if there are multiple set-cookie headers - we are on our own
for index, h in enumerate(response.headers):
if h[0] == "Set-Cookie":
cookie = parse_cookie(response.headers[index][1])
encoded_cookie = cookie.get("session", None)
if encoded_cookie:
serializer = URLSafeTimedSerializer(
"secret", serializer=TaggedJSONSerializer()
)
val = serializer.loads_unsafe(encoded_cookie)
return val[1]
Example #5
| Source File: session.py From Flask-Unsign with MIT License | 6 votes |
|
def get_serializer(secret: str, legacy: bool, salt: str) -> URLSafeTimedSerializer:
"""
Get a (cached) serializer instance
:param secret: Secret key
:param salt: Salt
:param legacy: Should the legacy timestamp generator be used?
:return: Flask session serializer
"""
if legacy:
signer = LegacyTimestampSigner
else:
signer = TimestampSigner
return URLSafeTimedSerializer(
secret_key=secret,
salt=salt,
serializer=TaggedJSONSerializer(),
signer=signer,
signer_kwargs={
'key_derivation': 'hmac',
'digest_method': hashlib.sha1})
Example #6
| Source File: token.py From infosec_mentors_project with GNU General Public License v3.0 | 5 votes |
|
def confirm_request(token, expiration=259200):
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
try:
email = serializer.loads(token, salt = app.config['PASSWORD_SALT'], max_age = expiration)
except:
return False
return email
Example #7
| Source File: sessions.py From data with GNU General Public License v3.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #8
| Source File: server.py From yats with MIT License | 5 votes |
|
def success(self):
self.token.user = self.request.user
self.token.save()
serializer = URLSafeTimedSerializer(self.token.consumer.private_key)
parse_result = urlparse(self.token.redirect_to)
query_dict = QueryDict(parse_result.query, mutable=True)
query_dict['access_token'] = serializer.dumps(self.token.access_token)
url = urlunparse((parse_result.scheme, parse_result.netloc, parse_result.path, '', query_dict.urlencode(), ''))
return HttpResponseRedirect(url)
Example #9
| Source File: client.py From yats with MIT License | 5 votes |
|
def get(self, request):
raw_access_token = request.GET['access_token']
access_token = URLSafeTimedSerializer(self.client.private_key).loads(raw_access_token)
user = self.client.get_user(access_token)
user.backend = self.client.backend
login(request, user)
next = self.get_next()
return HttpResponseRedirect(next)
Example #10
| Source File: sessions.py From Flask with Apache License 2.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #11
| Source File: sessions.py From Flask with Apache License 2.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #12
| Source File: token.py From flask-registration with MIT License | 5 votes |
|
def confirm_token(token, expiration=3600):
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
try:
email = serializer.loads(
token,
salt=app.config['SECURITY_PASSWORD_SALT'],
max_age=expiration
)
except:
return False
return email
Example #13
| Source File: token.py From flask-registration with MIT License | 5 votes |
|
def generate_confirmation_token(email):
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
return serializer.dumps(email, salt=app.config['SECURITY_PASSWORD_SALT'])
Example #14
| Source File: sessions.py From android_universal with MIT License | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #15
| Source File: session.py From conifer with Apache License 2.0 | 5 votes |
|
def signed_cookie_to_id(self, sesh_cookie):
serial = URLSafeTimedSerializer(self.secret_key)
try:
return serial.loads(sesh_cookie)
except BadSignature as b:
return None
Example #16
| Source File: sessions.py From data with GNU General Public License v3.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #17
| Source File: sessions.py From data with GNU General Public License v3.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #18
| Source File: sessions.py From data with GNU General Public License v3.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #19
| Source File: local.py From cloudstorage with MIT License | 5 votes |
|
def _make_serializer(self) -> itsdangerous.URLSafeTimedSerializer:
"""Returns URL Safe Timed Serializer for signing payloads.
:return: Serializer for dumping and loading into a URL safe string.
:rtype: :class:`itsdangerous.URLSafeTimedSerializer`
"""
# TODO: Throw exception if secret / salt not set.
return itsdangerous.URLSafeTimedSerializer(
secret_key=self.secret,
salt=self.salt,
signer_kwargs={"key_derivation": "hmac", "digest_method": "SHA1"},
)
Example #20
| Source File: EmailToken.py From website with MIT License | 5 votes |
|
def remove_validate_token(self, token):
serializer = utsr(self.security_key)
print(serializer.loads(token, salt=self.salt))
return serializer.loads(token, salt=self.salt)
Example #21
| Source File: EmailToken.py From website with MIT License | 5 votes |
|
def confirm_validate_token(self, token, expiration=3600):
serializer = utsr(self.security_key)
return serializer.loads(token, salt=self.salt, max_age=expiration)
Example #22
| Source File: EmailToken.py From website with MIT License | 5 votes |
|
def generate_validate_token(self, username):
serializer = utsr(self.security_key)
return serializer.dumps(username, self.salt)
Example #23
| Source File: sessions.py From appengine-try-python-flask with Apache License 2.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #24
| Source File: token.py From runbook with Apache License 2.0 | 5 votes |
|
def confirm_token(token, expiration=3600):
'''
Given a token and expiration (in seconds),
as long as it has not expired an email will be returned.
'''
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
try:
user_info = serializer.loads(
token,
salt=app.config['SECURITY_PASSWORD_SALT'],
max_age=expiration
)
except:
return False
return user_info
Example #25
| Source File: token.py From runbook with Apache License 2.0 | 5 votes |
|
def generate_confirmation_token(email, user_id, timestamp):
'''
Given a user email address, create a unique token.
'''
serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
return serializer.dumps(
[email, user_id, timestamp],
salt=app.config['SECURITY_PASSWORD_SALT']
)
Example #26
| Source File: sessions.py From arithmancer with Apache License 2.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #27
| Source File: sessions.py From syntheticmass with Apache License 2.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #28
| Source File: sessions.py From cloud-playground with Apache License 2.0 | 5 votes |
|
def get_signing_serializer(self, app):
if not app.secret_key:
return None
signer_kwargs = dict(
key_derivation=self.key_derivation,
digest_method=self.digest_method
)
return URLSafeTimedSerializer(app.secret_key, salt=self.salt,
serializer=self.serializer,
signer_kwargs=signer_kwargs)
Example #29
| Source File: views.py From flask-app-blueprint with MIT License | 5 votes |
|
def reset_with_token(token):
try:
password_reset_serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
email = password_reset_serializer.loads(token, salt='password-reset-salt', max_age=3600)
except:
message = Markup(
"The password reset link is invalid or has expired.")
flash(message, 'danger')
return redirect(url_for('users.login'))
form = PasswordForm()
if form.validate_on_submit():
try:
user = User.query.filter_by(email=email).first_or_404()
except:
message = Markup(
"Invalid email address!")
flash(message, 'danger')
return redirect(url_for('users.login'))
user.password = form.password.data
db.session.add(user)
db.session.commit()
message = Markup(
"Your password has been updated!")
flash(message, 'success')
return redirect(url_for('users.login'))
return render_template('reset_password_with_token.html', form=form, token=token)
Example #30
| Source File: views.py From flask-app-blueprint with MIT License | 5 votes |
|
def confirm_email(token):
try:
confirm_serializer = URLSafeTimedSerializer(app.config['SECRET_KEY'])
email = confirm_serializer.loads(token, salt='email-confirmation-salt', max_age=3600)
except:
message = Markup(
"The confirmation link is invalid or has expired.")
flash(message, 'danger')
return redirect(url_for('users.login'))
user = User.query.filter_by(email=email).first()
if user.email_confirmed:
message = Markup(
"Account already confirmed. Please login.")
flash(message, 'info')
else:
user.email_confirmed = True
user.email_confirmed_on = datetime.now()
db.session.add(user)
db.session.commit()
message = Markup(
"Thank you for confirming your email address!")
flash(message, 'success')
return redirect(url_for('home'))
