使令牌生成器过期 return InvalidToken

Expire token generator return InvalidToken

我正在尝试创建过期令牌生成器。但是,当我使用 generate_token 然后在 get_token_value 中使用令牌时,我不断得到 cryptography.fernet.InvalidToken 我猜这是两个函数中编码的问题,但我不太清楚确定我缺少什么?

发电机

from datetime import datetime, timedelta

import cryptography
from cryptography.fernet import Fernet
from django.utils.http import urlsafe_base64_encode, urlsafe_base64_decode
from django.utils.encoding import force_bytes, force_text
class ExpiringTokenGenerator(object):
    FERNET_KEY = Fernet.generate_key()
    fernet = Fernet(FERNET_KEY)

    DATE_FORMAT = '%Y-%m-%d %H-%M-%S'
    EXPIRATION_DAYS = 1

    def _get_time(self):
        """Returns a string with the current UTC time"""
        return datetime.utcnow().strftime(self.DATE_FORMAT)

    def _parse_time(self, d):
        """Parses a string produced by _get_time and returns a datetime object"""
        return datetime.strptime(d, self.DATE_FORMAT)

    def generate_token(self, text):
        """Generates an encrypted token"""
        full_text = str(text) + '|' + self._get_time()
        token = self.fernet.encrypt(bytes(full_text, 'utf-8'))

        return token

    def get_token_value(self, token):
        """Gets a value from an encrypted token.
        Returns None if the token is invalid or has expired.
        """
        try:
            value = self.fernet.decrypt(bytes(token, 'utf-8'))
            separator_pos = value.rfind('|')

            text = value[: separator_pos]
            token_time = self._parse_time(value[separator_pos + 1: ])
            print(token_time)
            if token_time + timedelta(self.EXPIRATION_DAYS) < datetime.utcnow():
                return None

        except cryptography.fernet.InvalidToken:
            return None

        return text

    def is_valid_token(self, token):
        return self.get_token_value(token) != None


invoice_activation_token = ExpiringTokenGenerator()

如果您首先将 full_text 转换为字节会怎样?那行得通吗?

from datetime import datetime
from cryptography.fernet import Fernet

FERNET_KEY = Fernet.generate_key()
fernet = Fernet(FERNET_KEY)
get_time = datetime.utcnow().strftime('%Y-%m-%d %H-%M-%S')
text = 'abc'
full_text = bytes(str(text) + '|' + get_time, encoding='utf-8')
token = fernet.encrypt(full_text)
value = fernet.decrypt(token)

print('Token:', token)
print('Value:', value)

Returns:

Token: b'gAAAAABaIIPXtLrJ6YoJWUq9o9i5Q-1dCJ9Iae4mczFhHmW-UUQUKkgsPcm0MxzIJbBbIeziY3W-b2joT37kG-RxueEhwlx-x8n4B224thTWuebY1FfYXjI='
Value: b'abc|2017-11-30 22-19-03'