1from flask.sessions import SecureCookieSessionInterface
2from itsdangerous import URLSafeTimedSerializer
3
class SimpleSecureCookieSessionInterface(SecureCookieSessionInterface):
    """Session interface whose serializer is built from a bare secret key.

    The override below takes the key itself where the comment in the
    original says the base method takes a Flask app instance, so cookies
    can be inspected without constructing an application. The salt,
    serializer, key derivation and digest method are the attributes this
    class inherits; it defines none of its own.
    """

    def get_signing_serializer(self, secret_key):
        """Return a URLSafeTimedSerializer keyed with ``secret_key``.

        Returns ``None`` when ``secret_key`` is empty or otherwise falsy,
        so callers must check the result before using it.
        """
        if secret_key:
            return URLSafeTimedSerializer(
                secret_key,
                salt=self.salt,
                serializer=self.serializer,
                signer_kwargs={
                    "key_derivation": self.key_derivation,
                    "digest_method": self.digest_method,
                },
            )
        return None
17
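def decodeFlaskCookie(secret_key, cookieValue, max_age=None):
    """Verify the signature on a Flask session cookie and return its payload.

    The payload is signed, not encrypted: the signature only proves that
    the cookie was produced by someone holding ``secret_key``.

    Args:
        secret_key: The application's secret key.
        cookieValue: The raw session cookie string.
        max_age: Optional maximum age in seconds. With the default of
            ``None`` the embedded timestamp is not checked, so an expired
            cookie still decodes. Pass the application's session lifetime
            to get an expiry check.

    Returns:
        The deserialized session data.

    Raises:
        ValueError: If ``secret_key`` is empty, since no serializer can be
            built.
        itsdangerous.BadSignature: If the signature does not verify, or,
            with ``max_age`` set, if the cookie is too old.
    """
    serializer = SimpleSecureCookieSessionInterface().get_signing_serializer(
        secret_key
    )
    # get_signing_serializer returns None for a falsy key; fail with a clear
    # message instead of an AttributeError on None.
    if serializer is None:
        raise ValueError("secret_key must be non-empty to verify a session cookie")
    return serializer.loads(cookieValue, max_age=max_age)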
22
23# Keep in mind that flask uses unicode strings for the
24# dictionary keys
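def encodeFlaskCookie(secret_key, cookieDict):
    """Serialize and sign a session dict in Flask's cookie format.

    Anyone who holds ``secret_key`` can produce a cookie that verifies, so
    the integrity of client-side sessions rests entirely on that key
    staying secret and being hard to guess.

    Args:
        secret_key: The application's secret key.
        cookieDict: The session data to serialize. Flask uses unicode
            strings for the dictionary keys.

    Returns:
        The signed cookie string.

    Raises:
        ValueError: If ``secret_key`` is empty, since no serializer can be
            built.
    """
    serializer = SimpleSecureCookieSessionInterface().get_signing_serializer(
        secret_key
    )
    # get_signing_serializer returns None for a falsy key; fail with a clear
    # message instead of an AttributeError on None.
    if serializer is None:
        raise ValueError("secret_key must be non-empty to sign a session cookie")
    return serializer.dumps(cookieDict)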
29
if __name__ == '__main__':
    # Round-trip self-check: a dict signed with a key must decode back to
    # the same dict under that key.
    sk = 'youWillNeverGuess'  # sample key for the self-check only
    sessionDict = {u'Hello': 'World'}

    cookie = encodeFlaskCookie(sk, sessionDict)
    decodedDict = decodeFlaskCookie(sk, cookie)

    assert sessionDict == decodedDict
# Shows why the secret key is the only thing protecting a client-side
# session: a cookie decoded with the key can be modified and re-signed, and
# the result carries a signature that verifies like any other.
# NOTE(review): these statements sit outside the __main__ guard, so they also
# run on import, and the key is hard-coded in the source.
# Defensive takeaways: generate the key from a CSPRNG, keep it out of source
# control and public pastes, and rotate it if it is ever exposed. Rotation
# invalidates every outstanding session cookie.
cok = ".eJwljztuAzEMBe-i2gUpUhLpyxgUP0gQIAF27SrI3b1AutfMYN5ve9SR50e7P49X3trjM9q9dWNeSwfLjqSdSgCbg1jLbYv00uohPYlsTgQOWBJRGlUpQJBuPLRi4ZpwLYqByJjLt2ltRUxGZUGOZWbTt-DwwQ6jGKjdmp9HPZ4_X_l99WCFF8kcvYvljEGxKJf2aXVJELxPwvSLe515_J_g9vcGleI-lw.Dp9yvQ.C6PXkKCR4VpMfcyeWV9tioKTqrc"
pasw = "a155eb4e1743baef085ff6ecfed943f2"

# Signature is verified here; no max_age is passed, so expiry is not checked.
sesssion = decodeFlaskCookie(pasw, cok)
sesssion['user_id'] = 1
print(encodeFlaskCookie(pasw, sesssion))