Ejemplo n.º 1
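class TokenManager:
    """Issue, validate and revoke per-user session tokens.

    A token is the ``AESCrypto`` encryption of ``"<issue-time>@<uid>"``. The
    most recently issued token of each uid is stored in Redis under
    ``token:<uid>``. A token validates only if it decrypts, equals that stored
    value and is no older than ``token_timeout`` seconds.
    """

    def __init__(self, aes_key, token_timeout):
        """Build the cipher from *aes_key* and keep the token lifetime (seconds)."""
        # NOTE(review): AESCrypto is defined elsewhere; whether it authenticates
        # ciphertexts (AEAD or encrypt-then-MAC) is not visible here -- confirm,
        # since validate_token() parses whatever decrypt() returns.
        self.crypto = AESCrypto(aes_key)
        self.timeout = token_timeout

    def create_token(self, uid):
        """Create a token for *uid*, store it as the uid's active token, return it.

        Storing the new token overwrites the previous one, so only the latest
        token issued for a uid can validate.
        """
        rt = int(time.time())
        token = self.crypto.encrypt('%d@%s' % (rt, uid))
        # No expiry is set on the key: the entry stays until it is overwritten
        # or clear_token() runs, and age is enforced only in validate_token().
        # NOTE(review): consider a Redis TTL matching the timeout so stale
        # tokens do not accumulate -- depends on the client API in use.
        redis.set('token:' + uid, token)
        return token

    def validate_token(self, token):
        """Check *token* and return ``(True, uid)`` or ``(False, None)``.

        The token is rejected when it does not decrypt, is malformed, is not
        the active token stored for its uid, carries an issue time in the
        future, or is older than the configured timeout. Any exception raised
        while parsing or querying Redis is printed and treated as a rejection.
        """
        rt = int(time.time())
        token_raw = self.crypto.decrypt(token)

        if token_raw is None:
            return False, None

        try:
            # The issue time is all digits, so the first '@' is the separator.
            # Splitting once keeps a uid that itself contains '@' (for example
            # an e-mail address) intact; an unbounded split truncated it and
            # made every such token fail validation.
            sp = token_raw.split('@', 1)
            tk_rt = int(sp[0])
            tk_uid = sp[1]

            # Only the token currently stored for this uid is accepted, which
            # is what makes clear_token() an effective revocation.
            # NOTE(review): if the Redis client returns bytes while tokens are
            # str this never matches -- confirm the client's decoding. The
            # comparison is not constant-time; hmac.compare_digest is the
            # hardened form once both sides are known to share a type.
            active_token = redis.get('token:' + tk_uid)
            if token != active_token:
                return False, None

            if tk_rt <= rt and (rt - tk_rt) <= self.timeout:
                return True, tk_uid

            # token is outdated (or claims to have been issued in the future)
            return False, None

        except Exception as e:
            # Deliberate best-effort: a malformed token or a Redis failure is a
            # rejection, never a crash of the caller.
            print('Validate token: %s' % e)
            return False, None

    @staticmethod
    def clear_token(uid):
        """Revoke the active token of *uid* by deleting its Redis entry."""
        redis.delete('token:' + uid)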
Ejemplo n.º 2
 def __init__(self, aes_key, token_timeout):
     """Set up the cipher built from *aes_key* and store the token timeout."""
     # NOTE(review): AESCrypto is defined outside this excerpt; confirm it
     # provides authenticated encryption before trusting decrypted tokens.
     cipher = AESCrypto(aes_key)
     self.crypto = cipher
     self.timeout = token_timeout