def cookie2user(cookie_str):
'''
Parse cookie and load user if cookie is valid.
'''
if not cookie_str:
return None
try:
L = cookie_str.split('-')
if len(L) != 3:
return None
uid, expires, sha1 = L
if int(expires) < time.time():
return None
user = yield from User.find(uid)
local_auths = yield from LocalAuth.findAll('user_id=?',[uid])
local_auth = local_auths[0]
if user is None:
return None
s = '%s-%s-%s-%s' % (uid, local_auth.user_pwd, expires, _COOKIE_KEY)
if sha1 != hashlib.sha1(s.encode('utf-8')).hexdigest():
logging.info('invalid sha1')
return None
return user
except Exception as e:
logging.exception(e)
return None
