· 4 years ago · Nov 03, 2020, 01:20 PM
1>>> from hashlib import blake2b
2>>> from hmac import compare_digest
3>>>
4>>> SECRET_KEY = b'pseudorandomly generated server secret key'
5>>> AUTH_SIZE = 16
6>>>
7>>> def sign(cookie):
8... h = blake2b(digest_size=AUTH_SIZE, key=SECRET_KEY)
9... h.update(cookie)
10... return h.hexdigest().encode('utf-8')
11>>>
12>>> def verify(cookie, sig):
13... good_sig = sign(cookie)
14... return compare_digest(good_sig, sig)
15>>>
16>>> cookie = b'user-alice'
17>>> sig = sign(cookie)
18>>> print("{0},{1}".format(cookie.decode('utf-8'), sig))
19user-alice,b'43b3c982cf697e0c5ab22172d1ca7421'
20>>> verify(cookie, sig)
21True
22>>> verify(b'user-bob', sig)
23False
24>>> verify(cookie, b'0102030405060708090a0b0c0d0e0f00')
25False