2 python encryption django django-urls
如何在不使用任何包的情况下从 django url 加密和解密 pk 基本上我有一个像
example.com/update/1
其中 pk=1
我想像 pk 1 = 345345435cgsfd2asdfaas 一样加密 pk
我认为没有 inbuld 方法可以做到这一点,但是使用TimestampSigner,您可以执行以下操作:
使用 TimestampSigner,您可以加密您的 PK,然后在需要原始字符串时解密。
>>> from datetime import timedelta
>>> from django.core.signing import TimestampSigner
>>> signer = TimestampSigner()
>>> value = signer.sign(str(pk)) # encrypt the PK.
>>> value
'1:1NMg5H:oPVuCqlJWmChm1rA2lyTUtelC-c'
>>> value = value.replace(pk,"") # doing this because, it append the original primary key + encrypted string.
>>> value # use this PK to show in the URL.
'1NMg5H:oPVuCqlJWmChm1rA2lyTUtelC-c'
>>> repack = "{}:{}".format(pk,value) # When you want back the original PK, add the PK + encrypted string.
>>>repack
'1:1NMg5H:oPVuCqlJWmChm1rA2lyTUtelC-c'
>>> signer.unsign(repack) # decrypt the PK.
'1'
希望这对您有帮助。
如果您不想暴露pkurl,则可以signing.dumps在加密和signing.loads解密时使用。序列化对象使用 TimestampSigner 进行签名。
>>> from django.core import signing
>>> value = signing.dumps({"pk": "25"})
>>> value
'eyJwayI6IjI1In0:1g9Q4d:RJRYtpklLqaa3ey9c4d4sI0DKMc'
>>> signing.loads(value)
{'pk': '25'}
>>> signing.loads(value,max_age=10)
Traceback (most recent call last):
File "<console>", line 1, in <module>
File "/home/avinash/.virtualenvs/mapd/lib/python3.6/site-packages/django/core/signing.py", line 140, in loads
base64d = force_bytes(TimestampSigner(key, salt=salt).unsign(s, max_age=max_age))
File "/home/avinash/.virtualenvs/mapd/lib/python3.6/site-packages/django/core/signing.py", line 209, in unsign
'Signature age %s > %s seconds' % (age, max_age))
django.core.signing.SignatureExpired: Signature age 25.847949981689453 > 10 seconds
>>>
| 归档时间: |
|
| 查看次数: |
3532 次 |
| 最近记录: |