MCPcopy
hub / github.com/django/django / Signer

Class Signer

django/core/signing.py:190–264  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

188
189
190class Signer:
191 def __init__(
192 self, *, key=None, sep=":", salt=None, algorithm=None, fallback_keys=None
193 ):
194 self.key = key or settings.SECRET_KEY
195 self.fallback_keys = (
196 fallback_keys
197 if fallback_keys is not None
198 else settings.SECRET_KEY_FALLBACKS
199 )
200 self.sep = sep
201 self.salt = salt or "%s.%s" % (
202 self.__class__.__module__,
203 self.__class__.__name__,
204 )
205 self.algorithm = algorithm or "sha256"
206 if _SEP_UNSAFE.match(self.sep):
207 raise ValueError(
208 "Unsafe Signer separator: %r (cannot be empty or consist of "
209 "only A-z0-9-_=)" % sep,
210 )
211
212 def signature(self, value, key=None):
213 key = key or self.key
214 return base64_hmac(self.salt + "signer", value, key, algorithm=self.algorithm)
215
216 def sign(self, value):
217 return "%s%s%s" % (value, self.sep, self.signature(value))
218
219 def unsign(self, signed_value):
220 if self.sep not in signed_value:
221 raise BadSignature('No "%s" found in value' % self.sep)
222 value, sig = signed_value.rsplit(self.sep, 1)
223 for key in [self.key, *self.fallback_keys]:
224 if constant_time_compare(sig, self.signature(value, key)):
225 return value
226 raise BadSignature('Signature "%s" does not match' % sig)
227
228 def sign_object(self, obj, serializer=JSONSerializer, compress=False):
229 """
230 Return URL-safe, hmac signed base64 compressed JSON string.
231
232 If compress is True (not the default), check if compressing using zlib
233 can save some space. Prepend a '.' to signify compression. This is
234 included in the signature, to protect against zip bombs.
235
236 The serializer is expected to return a bytestring.
237 """
238 data = serializer().dumps(obj)
239 # Flag for if it's been compressed or not.
240 is_compressed = False
241
242 if compress:
243 # Avoid zlib dependency unless compress is being used.
244 compressed = zlib.compress(data)
245 if len(compressed) < (len(data) - 1):
246 data = compressed
247 is_compressed = True

Callers 1

get_cookie_signerFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected