当前位置: 首页>>代码示例>>Python>>正文


Python crypto.salted_hmac方法代码示例

本文整理汇总了Python中django.utils.crypto.salted_hmac方法的典型用法代码示例。如果您正苦于以下问题:Python crypto.salted_hmac方法的具体用法?Python crypto.salted_hmac怎么用?Python crypto.salted_hmac使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在django.utils.crypto的用法示例。


在下文中一共展示了crypto.salted_hmac方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: _make_token_with_timestamp

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _make_token_with_timestamp(self, user, timestamp):
        # timestamp is number of days since 2001-1-1.  Converted to
        # base 36, this gives us a 3 digit string until about 2121
        ts_b36 = int_to_base36(timestamp)

        # By hashing on the internal state of the user and using state
        # that is sure to change (the password salt will change as soon as
        # the password is set, at least for current Django auth, and
        # last_login will also change), we produce a hash that will be
        # invalid as soon as it is used.
        # We limit the hash to 20 chars to keep URL short
        key_salt = "django.contrib.auth.tokens.PasswordResetTokenGenerator"

        # Ensure results are consistent across DB backends
        login_timestamp = '' if user.last_login is None else user.last_login.replace(microsecond=0, tzinfo=None)

        value = (six.text_type(user.pk) + user.password +
                six.text_type(login_timestamp) + six.text_type(timestamp))
        hash = salted_hmac(key_salt, value).hexdigest()[::2]
        return "%s-%s" % (ts_b36, hash) 
开发者ID:lanbing510,项目名称:GTDWeb,代码行数:22,代码来源:tokens.py

示例2: _make_token_with_timestamp

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _make_token_with_timestamp(self, user, timestamp):
        # timestamp is number of days since 2001-1-1.  Converted to
        # base 36, this gives us a 3 digit string until about 2121
        ts_b36 = int_to_base36(timestamp)

        # By hashing on the internal state of the user and using state
        # that is sure to change (the password salt will change as soon as
        # the password is set, at least for current Django auth, and
        # last_login will also change), we produce a hash that will be
        # invalid as soon as it is used.
        # We limit the hash to 20 chars to keep URL short

        hash = salted_hmac(
            self.key_salt,
            self._make_hash_value(user, timestamp),
            secret=self.secret,
        ).hexdigest()[::2]
        return "%s-%s" % (ts_b36, hash) 
开发者ID:reBiocoder,项目名称:bioforum,代码行数:20,代码来源:tokens.py

示例3: _make_token_with_timestamp

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _make_token_with_timestamp(self, user, timestamp):
        # timestamp is number of days since 2001-1-1.  Converted to
        # base 36, this gives us a 3 digit string until about 2121
        ts_b36 = int_to_base36(timestamp)

        # By hashing on the internal state of the user and using state
        # that is sure to change (the password salt will change as soon as
        # the password is set, at least for current Django auth, and
        # last_login will also change), we produce a hash that will be
        # invalid as soon as it is used.
        # We limit the hash to 20 chars to keep URL short
        key_salt = "django.contrib.auth.tokens.PasswordResetTokenGenerator"

        # Ensure results are consistent across DB backends
        if user.date_updated:
            login_timestamp = user.date_updated.replace(microsecond=0, tzinfo=None)
        elif user.last_login:
            login_timestamp = user.last_login.replace(microsecond=0, tzinfo=None)
        else:
            login_timestamp = user.date_joined.replace(microsecond=0, tzinfo=None)

        value = (six.text_type(user.pk) + user.password +
                 six.text_type(login_timestamp) + six.text_type(timestamp))
        hash = salted_hmac(key_salt, value).hexdigest()[::2]
        return "%s-%s" % (ts_b36, hash) 
开发者ID:restran,项目名称:fomalhaut-panel,代码行数:27,代码来源:tokens.py

示例4: send_sender_confirmation

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def send_sender_confirmation(self, use_https, domain):
        stripped_email = strip_email(self.sender_email)
        if BlacklistedEmail.objects.filter(stripped_email=stripped_email).count():
            return

        blacklist_digest = salted_hmac(BLACKLIST_HMAC_SALT, self.sender_email).hexdigest()
        blacklist_url = reverse('messaging:blacklist_email', kwargs={'email': self.sender_email, 'digest': blacklist_digest})
        self.sender_email_token = readable_random_token(alphanumeric=True)
        context = {
            'message': self,
            'protocol': 'https' if use_https else 'http',
            'domain': domain,
            'recipient': self.sender_email,
            'blacklist_url': blacklist_url,
        }
        subject = render_to_string('messaging/sender_confirmation_subject.txt', context)
        subject = ' '.join(subject.splitlines())
        body_txt = render_to_string('messaging/sender_confirmation_mail.txt', context)
        body_html = render_to_string('messaging/sender_confirmation_mail.html', context)
        send_html_mail(subject, body_txt, body_html, self.sender_email)
        self.save() 
开发者ID:happinesspackets,项目名称:happinesspackets,代码行数:23,代码来源:models.py

示例5: send_to_recipient

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def send_to_recipient(self, use_https, domain):
        stripped_email = strip_email(self.recipient_email)
        if BlacklistedEmail.objects.filter(stripped_email=stripped_email).count():
            return

        blacklist_digest = salted_hmac(BLACKLIST_HMAC_SALT, self.recipient_email).hexdigest()
        blacklist_url = reverse('messaging:blacklist_email', kwargs={'email': self.recipient_email, 'digest': blacklist_digest})
        self.recipient_email_token = readable_random_token(alphanumeric=True)
        self.status = Message.STATUS.sent
        context = {
            'message': self,
            'protocol': 'https' if use_https else 'http',
            'domain': domain,
            'recipient': self.recipient_email,
            'blacklist_url': blacklist_url,
        }
        subject = render_to_string('messaging/recipient_subject.txt', context)
        subject = ' '.join(subject.splitlines())
        body_txt = render_to_string('messaging/recipient_mail.txt', context)
        body_html = render_to_string('messaging/recipient_mail.html', context)
        send_html_mail(subject, body_txt, body_html, self.recipient_email)
        self.save() 
开发者ID:happinesspackets,项目名称:happinesspackets,代码行数:24,代码来源:models.py

示例6: _make_hash_value

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _make_hash_value(self, user, timestamp):
        """
        Hash the user's primary key and some user state that's sure to change
        after a password reset to produce a token that invalidated when it's
        used:
        1. The password field will change upon a password reset (even if the
           same password is chosen, due to password salting).
        2. The last_login field will usually be updated very shortly after
           a password reset.
        Failing those things, settings.PASSWORD_RESET_TIMEOUT_DAYS eventually
        invalidates the token.

        Running this data through salted_hmac() prevents password cracking
        attempts using the reset token, provided the secret isn't compromised.
        """
        # Truncate microseconds so that tokens are consistent even if the
        # database doesn't support microseconds.
        login_timestamp = '' if user.last_login is None else user.last_login.replace(microsecond=0, tzinfo=None)
        return str(user.pk) + user.password + str(login_timestamp) + str(timestamp) 
开发者ID:PacktPublishing,项目名称:Hands-On-Application-Development-with-PyCharm,代码行数:21,代码来源:tokens.py

示例7: _make_token_with_timestamp

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _make_token_with_timestamp(self, user, timestamp):
        # timestamp is number of days since 2001-1-1.  Converted to
        # base 36, this gives us a 3 digit string until about 2121
        ts_b36 = int_to_base36(timestamp)

        # By hashing on the internal state of the user and using state
        # that is sure to change (the password salt will change as soon as
        # the password is set, at least for current Django auth, and
        # last_login will also change), we produce a hash that will be
        # invalid as soon as it is used.
        # We limit the hash to 20 chars to keep URL short

        hash = salted_hmac(
            self.key_salt,
            self._make_hash_value(user, timestamp),
        ).hexdigest()[::2]
        return "%s-%s" % (ts_b36, hash) 
开发者ID:drexly,项目名称:openhgsenti,代码行数:19,代码来源:tokens.py

示例8: _hash

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _hash(self, value):
        """
        Creates an HMAC/SHA1 hash based on the value and the project setting's
        SECRET_KEY, modified to make it unique for the present purpose.
        """
        key_salt = 'django.contrib.messages'
        return salted_hmac(key_salt, value).hexdigest() 
开发者ID:lanbing510,项目名称:GTDWeb,代码行数:9,代码来源:cookie.py

示例9: get_session_auth_hash

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def get_session_auth_hash(self):
        """
        Returns an HMAC of the password field.
        """
        key_salt = "django.contrib.auth.models.AbstractBaseUser.get_session_auth_hash"
        return salted_hmac(key_salt, self.password).hexdigest()


# A few helper functions for common logic between User and AnonymousUser. 
开发者ID:lanbing510,项目名称:GTDWeb,代码行数:11,代码来源:models.py

示例10: base64_hmac

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def base64_hmac(salt, value, key):
    return b64_encode(salted_hmac(salt, value, key).digest()) 
开发者ID:lanbing510,项目名称:GTDWeb,代码行数:4,代码来源:signing.py

示例11: get_dispatch_hash

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def get_dispatch_hash(cls, dispatch_id: int, message_id: int) -> str:
        """Returns a hash string for validation purposes.

        :param dispatch_id:
        :param message_id:

        """
        return salted_hmac('%s' % dispatch_id, '%s|%s' % (message_id, dispatch_id)).hexdigest() 
开发者ID:idlesign,项目名称:django-sitemessage,代码行数:10,代码来源:base.py

示例12: _hash

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _hash(self, value):
        """
        Create an HMAC/SHA1 hash based on the value and the project setting's
        SECRET_KEY, modified to make it unique for the present purpose.
        """
        key_salt = 'django.contrib.messages'
        return salted_hmac(key_salt, value).hexdigest() 
开发者ID:reBiocoder,项目名称:bioforum,代码行数:9,代码来源:cookie.py

示例13: get_session_auth_hash

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def get_session_auth_hash(self):
        """
        Return an HMAC of the password field.
        """
        key_salt = "django.contrib.auth.models.AbstractBaseUser.get_session_auth_hash"
        return salted_hmac(key_salt, self.password).hexdigest() 
开发者ID:reBiocoder,项目名称:bioforum,代码行数:8,代码来源:base_user.py

示例14: _make_token_with_timestamp

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def _make_token_with_timestamp(self, user, timestamp):

        ts_b36 = int_to_base36(timestamp)
        key_salt = 'users.utils.EmailActivationTokenGenerator'
        login_timestamp = '' if user.last_login is None else \
            user.last_login.replace(microsecond=0, tzinfo=None)
        value = (six.text_type(user.pk) + six.text_type(user.email) +
                 six.text_type(login_timestamp) + six.text_type(timestamp))
        hash = salted_hmac(key_salt, value).hexdigest()[::2]
        return '%s-%s' % (ts_b36, hash) 
开发者ID:mishbahr,项目名称:django-users2,代码行数:12,代码来源:utils.py

示例15: get_zoom_sid

# 需要导入模块: from django.utils import crypto [as 别名]
# 或者: from django.utils.crypto import salted_hmac [as 别名]
def get_zoom_sid(request: HttpRequest) -> str:
    # This is used to prevent CSRF attacks on the Zoom OAuth
    # authentication flow.  We want this value to be unpredictable and
    # tied to the session, but we don’t want to expose the main CSRF
    # token directly to the Zoom server.

    csrf.get_token(request)
    # Use 'mark_sanitized' to cause Pysa to ignore the flow of user controlled
    # data out of this function. 'request.META' is indeed user controlled, but
    # post-HMAC ouptut is no longer meaningfully controllable.
    return mark_sanitized(
        ""
        if getattr(request, "_dont_enforce_csrf_checks", False)
        else salted_hmac("Zulip Zoom sid", request.META["CSRF_COOKIE"]).hexdigest()
    ) 
开发者ID:zulip,项目名称:zulip,代码行数:17,代码来源:video_calls.py


注:本文中的django.utils.crypto.salted_hmac方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。