当前位置: 首页>>代码示例>>Python>>正文


Python itsdangerous.BadData方法代码示例

本文整理汇总了Python中itsdangerous.BadData方法的典型用法代码示例。如果您正苦于以下问题:Python itsdangerous.BadData方法的具体用法?Python itsdangerous.BadData怎么用?Python itsdangerous.BadData使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在itsdangerous的用法示例。


在下文中一共展示了itsdangerous.BadData方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: str_to_claims

# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def str_to_claims(token_str):
    try:
        claims = current_app.tokenauth_serializer.loads(token_str)
    except BadData:
        logger.warning("Got invalid signature in token %r", token_str)
        return None
    except Exception:
        logger.exception("Error processing signature in token %r", token_str)
        return None

    # convert v1 to ra2
    if claims.get('v') == 1:
        return {'iss': 'ra2', 'typ': 'prm', 'jti': 't%d' % claims['id']}

    if claims.get('iss') != TOKENAUTH_ISSUER:
        return None

    return claims 
开发者ID:mozilla,项目名称:build-relengapi,代码行数:20,代码来源:tokenstr.py

示例2: validate_invitation_token

# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def validate_invitation_token(invitation_type, token):

    max_age_seconds = 60 * 60 * 24 * current_app.config['INVITATION_EXPIRATION_DAYS']

    try:
        invited_user_id = check_token(token,
                                      current_app.config['SECRET_KEY'],
                                      current_app.config['DANGEROUS_SALT'],
                                      max_age_seconds)
    except SignatureExpired:
        errors = {'invitation':
                  ['Your invitation to GOV.UK Notify has expired. '
                   'Please ask the person that invited you to send you another one']}
        raise InvalidRequest(errors, status_code=400)
    except BadData:
        errors = {'invitation': 'Something’s wrong with this link. Make sure you’ve copied the whole thing.'}
        raise InvalidRequest(errors, status_code=400)

    if invitation_type == 'service':
        invited_user = get_invited_user_by_id(invited_user_id)
        return jsonify(data=invited_user_schema.dump(invited_user).data), 200
    elif invitation_type == 'organisation':
        invited_user = dao_get_invited_organisation_user(invited_user_id)
        return jsonify(data=invited_user.serialize()), 200
    else:
        raise InvalidRequest("Unrecognised invitation type: {}".format(invitation_type)) 
开发者ID:alphagov,项目名称:notifications-api,代码行数:28,代码来源:rest.py

示例3: verify_weixin_state

# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def verify_weixin_state(self):
        state = self.get_weixin_state()
        try:
            serializer = URLSafeTimedSerializer(settings.SECRET_KEY)
            return serializer.loads(state) == self.get_local_netloc()
        except BadData:
            return False 
开发者ID:forcemain,项目名称:notes,代码行数:9,代码来源:weixin_user.py

示例4: session

# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def session(callback):
    cookie_name = 'session'
    serializer = URLSafeSerializer(conf['SECRET'])

    def inner(*args, **kwargs):
        data_raw = data = request.get_cookie(cookie_name)
        if data_raw:
            try:
                data = serializer.loads(data_raw)
            except (BadSignature, BadData):
                data = None

        if data:
            conf['USER'] = data['username']

        request.session = data or {}

        try:
            return callback(*args, **kwargs)
        finally:
            if request.session:
                save(request.session)
            elif not data_raw:
                pass
            else:
                response.delete_cookie(cookie_name)

    def save(session):
        cookie_opts = {
            # keep session for 3 days
            'max_age': 3600 * 24 * 3,

            # for security
            'httponly': True,
            'secure': request.headers.get('X-Forwarded-Proto') == 'https',
        }
        data = serializer.dumps(session)
        response.set_cookie(cookie_name, data, **cookie_opts)
    return inner 
开发者ID:naspeh,项目名称:mailur,代码行数:41,代码来源:web.py

示例5: check_signature

# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def check_signature():
    g.signer = TimedSerializer(current_app.config['rpc_signature'])
    try:
        g.signed = g.signer.loads(request.data)
    except BadData:
        abort(403) 
开发者ID:simplecrypto,项目名称:simplecoin_multi,代码行数:8,代码来源:rpc_views.py

示例6: loads

# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def loads(data):
        if data[:3] != 'FK:':
            raise BadData('Not a fake token')
        else:
            return json.loads(data[3:])

# sample tokens, both a function to insert, and a JSON representation of the
# corresponding result. 
开发者ID:mozilla,项目名称:build-relengapi,代码行数:10,代码来源:util.py

示例7: validate_csrf

# 需要导入模块: import itsdangerous [as 别名]
# 或者: from itsdangerous import BadData [as 别名]
def validate_csrf(data, secret_key=None, time_limit=None, token_key=None):
    """Check if the given data is a valid CSRF token. This compares the given
    signed token to the one stored in the session.

    :param data: The signed CSRF token to be checked.
    :param secret_key: Used to securely sign the token. Default is
        ``WTF_CSRF_SECRET_KEY`` or ``SECRET_KEY``.
    :param time_limit: Number of seconds that the token is valid. Default is
        ``WTF_CSRF_TIME_LIMIT`` or 3600 seconds (60 minutes).
    :param token_key: Key where token is stored in session for comparision.
        Default is ``WTF_CSRF_FIELD_NAME`` or ``'csrf_token'``.

    :raises ValidationError: Contains the reason that validation failed.

    .. versionchanged:: 0.14
        Raises ``ValidationError`` with a specific error message rather than
        returning ``True`` or ``False``.
    """

    secret_key = _get_config(
        secret_key, 'WTF_CSRF_SECRET_KEY', current_app.secret_key,
        message='A secret key is required to use CSRF.'
    )
    field_name = _get_config(
        token_key, 'WTF_CSRF_FIELD_NAME', 'csrf_token',
        message='A field name is required to use CSRF.'
    )
    time_limit = _get_config(
        time_limit, 'WTF_CSRF_TIME_LIMIT', 3600, required=False
    )

    if not data:
        raise ValidationError('The CSRF token is missing.')

    if field_name not in session:
        raise ValidationError('The CSRF session token is missing.')

    s = URLSafeTimedSerializer(secret_key, salt='wtf-csrf-token')

    try:
        token = s.loads(data, max_age=time_limit)
    except SignatureExpired:
        raise ValidationError('The CSRF token has expired.')
    except BadData:
        raise ValidationError('The CSRF token is invalid.')

    if not safe_str_cmp(session[field_name], token):
        raise ValidationError('The CSRF tokens do not match.') 
开发者ID:liantian-cn,项目名称:RSSNewsGAE,代码行数:50,代码来源:csrf.py


注:本文中的itsdangerous.BadData方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。