使令牌生成器过期 return InvalidToken
Expire token generator return InvalidToken
我正在尝试创建过期令牌生成器。但是,当我使用 generate_token
然后在 get_token_value
中使用令牌时,我不断得到 cryptography.fernet.InvalidToken
我猜这是两个函数中编码的问题,但我不太清楚确定我缺少什么?
发电机
from datetime import datetime, timedelta
import cryptography
from cryptography.fernet import Fernet
from django.utils.http import urlsafe_base64_encode, urlsafe_base64_decode
from django.utils.encoding import force_bytes, force_text
class ExpiringTokenGenerator(object):
FERNET_KEY = Fernet.generate_key()
fernet = Fernet(FERNET_KEY)
DATE_FORMAT = '%Y-%m-%d %H-%M-%S'
EXPIRATION_DAYS = 1
def _get_time(self):
"""Returns a string with the current UTC time"""
return datetime.utcnow().strftime(self.DATE_FORMAT)
def _parse_time(self, d):
"""Parses a string produced by _get_time and returns a datetime object"""
return datetime.strptime(d, self.DATE_FORMAT)
def generate_token(self, text):
"""Generates an encrypted token"""
full_text = str(text) + '|' + self._get_time()
token = self.fernet.encrypt(bytes(full_text, 'utf-8'))
return token
def get_token_value(self, token):
"""Gets a value from an encrypted token.
Returns None if the token is invalid or has expired.
"""
try:
value = self.fernet.decrypt(bytes(token, 'utf-8'))
separator_pos = value.rfind('|')
text = value[: separator_pos]
token_time = self._parse_time(value[separator_pos + 1: ])
print(token_time)
if token_time + timedelta(self.EXPIRATION_DAYS) < datetime.utcnow():
return None
except cryptography.fernet.InvalidToken:
return None
return text
def is_valid_token(self, token):
return self.get_token_value(token) != None
invoice_activation_token = ExpiringTokenGenerator()
如果您首先将 full_text
转换为字节会怎样?那行得通吗?
from datetime import datetime
from cryptography.fernet import Fernet
FERNET_KEY = Fernet.generate_key()
fernet = Fernet(FERNET_KEY)
get_time = datetime.utcnow().strftime('%Y-%m-%d %H-%M-%S')
text = 'abc'
full_text = bytes(str(text) + '|' + get_time, encoding='utf-8')
token = fernet.encrypt(full_text)
value = fernet.decrypt(token)
print('Token:', token)
print('Value:', value)
Returns:
Token: b'gAAAAABaIIPXtLrJ6YoJWUq9o9i5Q-1dCJ9Iae4mczFhHmW-UUQUKkgsPcm0MxzIJbBbIeziY3W-b2joT37kG-RxueEhwlx-x8n4B224thTWuebY1FfYXjI='
Value: b'abc|2017-11-30 22-19-03'
我正在尝试创建过期令牌生成器。但是,当我使用 generate_token
然后在 get_token_value
中使用令牌时,我不断得到 cryptography.fernet.InvalidToken
我猜这是两个函数中编码的问题,但我不太清楚确定我缺少什么?
发电机
from datetime import datetime, timedelta
import cryptography
from cryptography.fernet import Fernet
from django.utils.http import urlsafe_base64_encode, urlsafe_base64_decode
from django.utils.encoding import force_bytes, force_text
class ExpiringTokenGenerator(object):
FERNET_KEY = Fernet.generate_key()
fernet = Fernet(FERNET_KEY)
DATE_FORMAT = '%Y-%m-%d %H-%M-%S'
EXPIRATION_DAYS = 1
def _get_time(self):
"""Returns a string with the current UTC time"""
return datetime.utcnow().strftime(self.DATE_FORMAT)
def _parse_time(self, d):
"""Parses a string produced by _get_time and returns a datetime object"""
return datetime.strptime(d, self.DATE_FORMAT)
def generate_token(self, text):
"""Generates an encrypted token"""
full_text = str(text) + '|' + self._get_time()
token = self.fernet.encrypt(bytes(full_text, 'utf-8'))
return token
def get_token_value(self, token):
"""Gets a value from an encrypted token.
Returns None if the token is invalid or has expired.
"""
try:
value = self.fernet.decrypt(bytes(token, 'utf-8'))
separator_pos = value.rfind('|')
text = value[: separator_pos]
token_time = self._parse_time(value[separator_pos + 1: ])
print(token_time)
if token_time + timedelta(self.EXPIRATION_DAYS) < datetime.utcnow():
return None
except cryptography.fernet.InvalidToken:
return None
return text
def is_valid_token(self, token):
return self.get_token_value(token) != None
invoice_activation_token = ExpiringTokenGenerator()
如果您首先将 full_text
转换为字节会怎样?那行得通吗?
from datetime import datetime
from cryptography.fernet import Fernet
FERNET_KEY = Fernet.generate_key()
fernet = Fernet(FERNET_KEY)
get_time = datetime.utcnow().strftime('%Y-%m-%d %H-%M-%S')
text = 'abc'
full_text = bytes(str(text) + '|' + get_time, encoding='utf-8')
token = fernet.encrypt(full_text)
value = fernet.decrypt(token)
print('Token:', token)
print('Value:', value)
Returns:
Token: b'gAAAAABaIIPXtLrJ6YoJWUq9o9i5Q-1dCJ9Iae4mczFhHmW-UUQUKkgsPcm0MxzIJbBbIeziY3W-b2joT37kG-RxueEhwlx-x8n4B224thTWuebY1FfYXjI='
Value: b'abc|2017-11-30 22-19-03'