Esempio n. 1
0
 def process_request(self, request):
     for name, signed_value in request.COOKIES.items():
         if name in UNSIGNED_COOKIES:
             continue
         try:
             signed_name, user_pk, value = signed.loads(signed_value, extra_key=SIGNED_COOKIE_SECRET)
             if user_pk != getattr(request.user, 'pk', None) or signed_name != name:
                 raise ValueError()
             request.COOKIES[name] = value
         except (signed.BadSignature, ValueError):
             del request.COOKIES[name]
Esempio n. 2
0
 def parse_token(self, token):
     data, timestamp = signed.loads(token, extra_key=self.extra_key)
     if time.time() - timestamp > self.ttl:
         raise ValueError("token expired")
     return data, timestamp