def check_signature(self, query):
"""
验证消息真实性
:param query: url请求键值对
:return: bool
"""
assert self._token
signature = query.get('signature','')
timestamp = query.get('timestamp','')
nonce = query.get('nonce','')
tmp_list = [self._token, timestamp, nonce]
tmp_list.sort()
tmp_str = ''.join(tmp_list)
return signature == Util.sha1(tmp_str)
def sign(cls, appid, jsapi_ticket, page_url):
"""
对页面进行签名.
网页url, 不含#之后的部分(函数内会自动过滤)
返回{'appid':'', 'timestamp':123456789, 'nonce_str':'', 'signature':''}
"""
params = {
'noncestr': Util.generate_nonce(15),
'timestamp': Util.timestamp(),
'jsapi_ticket': jsapi_ticket,
'url': page_url.partition('#')[0],
}
string = '&'.join(['%s=%s' % (key.lower(), params[key]) for key in sorted(params.keys())])
signature = Util.sha1(string)
return {
'appid': appid,
'timestamp': params['timestamp'],
'nonce_str': params['noncestr'],
'signature':signature
}
