https://juejin.im/entry/56b30250df0eea0054375e1d
安装
pip install itsdangerous
使用
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer # 导入itsdangerous里面的类 实现加密 from django.conf import settings # 创建序列化对象 # Serializer(私钥, 生命周期(秒)) # serializer = Serializer('secretkey', 3600) # 私钥不能公开,不然就能被篡改 可以借助django里setting.py配置文件中的SECRET_KEY serializer = Serializer(settings.SECRET_KEY, 3600) info = {'confirm':1} # 通过序列化器dumps方法进行加密 data = serializer.dumps(info) # dumps里传的是键值对 是二进制 # 编码 data = data.decode('utf-8') print(data) # 解密 res = serializer.loads(data) print(res)
实例user/views.py
from django.shortcuts import render, redirect from django.http import HttpResponse, JsonResponse from django.core.urlresolvers import reverse # 反响解析 from django.views.generic import View # 导入类试图 from django.conf import settings # 导入配置文件 获取私钥 from itsdangerous import TimedJSONWebSignatureSerializer as Serializer # 导入itsdangerous里面的类 实现加密 import re from user.models import * # Create your views here. class RegisterView(View): '''注册''' def get(self, request): '''显示注册页面''' return render(request, 'register.html') def post(self, request): '''进行注册处理''' # 接受数据 username = request.POST.get('user_name') password = request.POST.get('pwd') email = request.POST.get('email') allow = request.POST.get('allow') # 校验 # 数据完整度 if not all([username, password, email]): return render(request, 'register.html', {'errmsg': '数据不完整'}) # 邮箱验证 if not re.match(r'^[A-Za-z0-9\u4e00-\u9fa5]+@[a-zA-Z0-9_-]+(\.[a-zA-Z0-9_-]+)+$', email): return render(request, 'register.html', {'errmsg': '邮箱格式不正确'}) # 校验协议 if allow != 'on': return render(request, 'register.html', {'errmsg': '请同意协议'}) # 校验用户是否存在 try: user = User.objects.get(username=username) except Exception as e: user = None if user: # 用户已存在 return render(request, 'register.html', {'errmsg': '用户名已存在'}) # 进行用户注册 # create_user() 注册用户 user = User.objects.create_user(username, email, password) user.is_active = 0 # 0为未激活状态 user.save() # 进行token加密 serializer = Serializer(settings.SECRET_KEY, 3600) info = {'confirm':user.id} token = serializer.dumps(info).decode('utf-8') return redirect(reverse('goods:index')) # 用户激活 from itsdangerous import SignatureExpired # 解密信息过期错误 class ActiveView(View): def get(self, request, token): '''进行用户激活''' # 进行解密 获取要激活的用户信息 serializer = Serializer(settings.SECRET_KEY, 3600) try: info = serializer.loads(token) # 获取待激活用户id user_id = info['confirm'] # 根据id获取用户信息 user = User.objects.get(id=user_id) user.is_active = 1 user.save() # 跳转登录页面 return redirect(reverse('user:login')) except SignatureExpired as e: # 激活链接已过期 return HttpResponse('激活链接已过期')