def check_signature(self, query): """ 验证消息真实性 :param query: url请求键值对 :return: bool """ assert self._token signature = query.get('signature','') timestamp = query.get('timestamp','') nonce = query.get('nonce','') tmp_list = [self._token, timestamp, nonce] tmp_list.sort() tmp_str = ''.join(tmp_list) return signature == Util.sha1(tmp_str)
def sign(cls, appid, jsapi_ticket, page_url): """ 对页面进行签名. 网页url, 不含#之后的部分(函数内会自动过滤) 返回{'appid':'', 'timestamp':123456789, 'nonce_str':'', 'signature':''} """ params = { 'noncestr': Util.generate_nonce(15), 'timestamp': Util.timestamp(), 'jsapi_ticket': jsapi_ticket, 'url': page_url.partition('#')[0], } string = '&'.join(['%s=%s' % (key.lower(), params[key]) for key in sorted(params.keys())]) signature = Util.sha1(string) return { 'appid': appid, 'timestamp': params['timestamp'], 'nonce_str': params['noncestr'], 'signature':signature }