diff options
| author | Elrond <elrond+mediagoblin.org@samba-tng.org> | 2013-03-22 19:09:19 +0100 | 
|---|---|---|
| committer | Elrond <elrond+mediagoblin.org@samba-tng.org> | 2013-03-22 19:09:19 +0100 | 
| commit | 5a8aae3abac43fdebe6818330ad3c5d951de42b9 (patch) | |
| tree | 608a8f4b8d43d3dec4cc151aefb3d322b5a44b4d | |
| parent | 5907154a593bf5fc02c1e0fbc8afe683ac7d3602 (diff) | |
| download | mediagoblin-5a8aae3abac43fdebe6818330ad3c5d951de42b9.tar.lz mediagoblin-5a8aae3abac43fdebe6818330ad3c5d951de42b9.tar.xz mediagoblin-5a8aae3abac43fdebe6818330ad3c5d951de42b9.zip | |
Docs for get_timed_signer_url.
| -rw-r--r-- | mediagoblin/tools/crypto.py | 26 | 
1 files changed, 26 insertions, 0 deletions
| diff --git a/mediagoblin/tools/crypto.py b/mediagoblin/tools/crypto.py index 46752b55..3294f135 100644 --- a/mediagoblin/tools/crypto.py +++ b/mediagoblin/tools/crypto.py @@ -50,6 +50,32 @@ def setup_crypto():  def get_timed_signer_url(namespace): +    """ +    This gives a basic signing/verifying object. + +    The namespace makes sure signed tokens can't be used in +    a different area. Like using a forgot-password-token as +    a session cookie. + +    Basic usage: + +    .. code-block:: python + +       _signer = None +       TOKEN_VALID_DAYS = 10 +       def setup(): +           global _signer +           _signer = get_timed_signer_url("session cookie") +       def create_token(obj): +           return _signer.dumps(obj) +       def parse_token(token): +           # This might raise an exception in case +           # of an invalid token, or an expired token. +           return _signer.loads(token, max_age=TOKEN_VALID_DAYS*24*3600) + +    For more details see +    http://pythonhosted.org/itsdangerous/#itsdangerous.URLSafeTimedSerializer +    """      assert __itsda_secret is not None      return itsdangerous.URLSafeTimedSerializer(__itsda_secret,           salt=namespace) | 
