def process_request(self, request):
for name, signed_value in request.COOKIES.items():
if name in UNSIGNED_COOKIES:
continue
try:
signed_name, user_pk, value = signed.loads(signed_value, extra_key=SIGNED_COOKIE_SECRET)
if user_pk != getattr(request.user, 'pk', None) or signed_name != name:
raise ValueError()
request.COOKIES[name] = value
except (signed.BadSignature, ValueError):
del request.COOKIES[name]
def parse_token(self, token):
data, timestamp = signed.loads(token, extra_key=self.extra_key)
if time.time() - timestamp > self.ttl:
raise ValueError("token expired")
return data, timestamp