python itsdangerous [notes for future reference]

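What Python's itsdangerous is for: Sometimes you just want to send some data to untrusted environments. But how to do this safely? The trick involves signing. Given a key only you know, you can cryptographically sign your data and hand it over to someone else. When you get the data back you can easily ensure that nobody tampered with it. Put simply, it signs the data with a key you specify, and the same key is then used to verify the data when it comes back. The data is signed, not encrypted: anyone holding the token can read its contents, they just cannot change them without the key.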

pip install itsdangerous  # install

pip install -U itsdangerous  # upgrade; on Python 3 use pip3 install itsdangerous

Example Use Cases

  • You can serialize and sign a user ID in a URL and email it to them to unsubscribe from a newsletter. This way you don’t need to generate one-time tokens and store them in the database. Same thing with any kind of activation link for accounts and similar things.
  • Signed objects can be stored in cookies or other untrusted sources which means you don’t need to have sessions stored on the server, which reduces the number of necessary database queries.
  • Signed information can safely do a roundtrip between server and client in general which makes them useful for passing server-side state to a client and then back.

Usage in practice:

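# TimedJSONWebSignatureSerializer was deprecated in itsdangerous 2.0 and removed in 2.1,
# so this import only works on older releases.
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer, SignatureExpired

serial = Serializer(secret_key='your secret key', salt='thisis salt', expires_in=60)  # expires after 60 seconds
ss = serial.dumps({'username': u'中文', 'user_id': 1})  # dumps() returns bytes
token = ss.decode()
print(token)

# Verify the signature of a previously generated token and load its payload
try:
    res = serial.loads('eyJhbGciOiJIUzUxMiIsImlhdCI6MTU2MTA0MTk1NiwiZXhwIjoxNTYxMDQyMDE2fQ.eyJ1c2VybmFtZSI6IuadqOS4h-i2hSIsInVzZXJfaWQiOjF9.1wbKHogOjY29sqdNX7l21kn8EWvNBF9LyHWjS6WDEl1smiOKq4i8a5ebHgNkCHTT1toOx9IiGUeKJLcutnkXYg')
    print(res)
    error = ""
except SignatureExpired:
    # Only expiry is handled here; a token with a bad signature raises BadSignature instead
    error = u"你的钥匙过期了"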
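
The token passed to loads() above can be read without the secret key, which is why nothing confidential belongs in a signed token. The following is an added example, not code from the original post and not itsdangerous's own implementation: it decodes that token with the standard library only, then uses a simplified HMAC-SHA512 signer with a constructed key to show that a changed payload fails verification. The helper names and the direct use of the key (no salt-based key derivation) are assumptions made for illustration.

```python
import base64, hashlib, hmac, json

# Token copied verbatim from the loads() call in the post.
PAGE_TOKEN = (
    "eyJhbGciOiJIUzUxMiIsImlhdCI6MTU2MTA0MTk1NiwiZXhwIjoxNTYxMDQyMDE2fQ"
    ".eyJ1c2VybmFtZSI6IuadqOS4h-i2hSIsInVzZXJfaWQiOjF9"
    ".1wbKHogOjY29sqdNX7l21kn8EWvNBF9LyHWjS6WDEl1smiOKq4i8a5ebHgNkCHTT1toOx9IiGUeKJLcutnkXYg"
)

def b64d(seg):
    # base64url with the padding stripped, as compact JWS tokens use
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def inspect_token(token):
    """Read header and payload with no key: the token is signed, not encrypted."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(b64d(parts[0])), json.loads(b64d(parts[1]))

def sign(header, payload, key):
    """HMAC-SHA512 over 'header.payload'. Simplified: the key is used as-is."""
    body = ".".join(b64e(json.dumps(p).encode()) for p in (header, payload))
    return body + "." + b64e(hmac.new(key, body.encode(), hashlib.sha512).digest())

def verify(token, key):
    body, _, sig = token.rpartition(".")
    expected = hmac.new(key, body.encode(), hashlib.sha512).digest()
    try:
        return hmac.compare_digest(expected, b64d(sig))  # constant-time compare
    except ValueError:  # malformed base64 in the signature segment
        return False

def tamper_payload(token, new_payload):
    """Swap the payload while keeping the old signature, as a client could."""
    header, _, sig = token.split(".")
    return ".".join([header, b64e(json.dumps(new_payload).encode()), sig])

if __name__ == "__main__":
    header, payload = inspect_token(PAGE_TOKEN)
    print(header["alg"], header["exp"] - header["iat"], sorted(payload))
    key = b"constructed-demo-key"  # constructed sample key
    token = sign({"alg": "HS512"}, {"user_id": 1}, key)
    print(verify(token, key), verify(tamper_payload(token, {"user_id": 2}), key))
```

The header's exp minus iat matches the expires_in=60 passed to the serializer in the post, and the tampered token is rejected because its signature no longer covers the new payload.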
posted @ 2019-06-20 23:05  super不一定超