summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBerker Peksag <berker.peksag@gmail.com>2014-11-15 12:03:04 +0200
committerTim Graham <timograham@gmail.com>2014-11-15 19:36:33 +0100
commitd2d6c0c097072e2a8ece755fdc2d50c111104e7d (patch)
treef5d2cf4ff979c3de21a391c0be66bcdb6b80348e
parentfa680ce1e252666d125264b2e93782c127ebe8c8 (diff)
Fixed #21363 -- Added datetime.timedelta support to TimestampSigner.unsign().
-rw-r--r--django/core/signing.py3
-rw-r--r--docs/releases/1.8.txt7
-rw-r--r--docs/topics/signing.txt10
-rw-r--r--tests/signing/tests.py7
4 files changed, 25 insertions, 2 deletions
diff --git a/django/core/signing.py b/django/core/signing.py
index d1f204bfc1..d46a386c6d 100644
--- a/django/core/signing.py
+++ b/django/core/signing.py
@@ -36,6 +36,7 @@ These functions make use of all of them.
from __future__ import unicode_literals
import base64
+import datetime
import json
import time
import zlib
@@ -192,6 +193,8 @@ class TimestampSigner(Signer):
value, timestamp = result.rsplit(self.sep, 1)
timestamp = baseconv.base62.decode(timestamp)
if max_age is not None:
+ if isinstance(max_age, datetime.timedelta):
+ max_age = max_age.total_seconds()
# Check timestamp is not older than max_age
age = time.time() - timestamp
if age > max_age:
diff --git a/docs/releases/1.8.txt b/docs/releases/1.8.txt
index dc3b4211c8..5135151234 100644
--- a/docs/releases/1.8.txt
+++ b/docs/releases/1.8.txt
@@ -186,6 +186,13 @@ Cache
* The ``incr()`` method of the
``django.core.cache.backends.locmem.LocMemCache`` backend is now thread-safe.
+Cryptography
+^^^^^^^^^^^^
+
+* The ``max_age`` parameter of the
+ :meth:`django.core.signing.TimestampSigner.unsign` method now also accept a
+ :py:class:`datetime.timedelta` object.
+
Database backends
^^^^^^^^^^^^^^^^^
diff --git a/docs/topics/signing.txt b/docs/topics/signing.txt
index 3092f297f0..18d963c41b 100644
--- a/docs/topics/signing.txt
+++ b/docs/topics/signing.txt
@@ -114,6 +114,7 @@ Verifying timestamped values
timestamp to the value. This allows you to confirm that a signed value was
created within a specified period of time::
+ >>> from datetime import timedelta
>>> from django.core.signing import TimestampSigner
>>> signer = TimestampSigner()
>>> value = signer.sign('hello')
@@ -126,6 +127,8 @@ created within a specified period of time::
SignatureExpired: Signature age 15.5289158821 > 10 seconds
>>> signer.unsign(value, max_age=20)
'hello'
+ >>> signer.unsign(value, max_age=timedelta(seconds=20))
+ 'hello'
.. class:: TimestampSigner(key=None, sep=':', salt=None)
@@ -136,7 +139,12 @@ created within a specified period of time::
.. method:: unsign(value, max_age=None)
Checks if ``value`` was signed less than ``max_age`` seconds ago,
- otherwise raises ``SignatureExpired``.
+ otherwise raises ``SignatureExpired``. The ``max_age`` parameter can
+ accept an integer or a :py:class:`datetime.timedelta` object.
+
+ .. versionchanged:: 1.8
+
+ Previously, the ``max_age`` parameter only accepted an integer.
Protecting complex data structures
----------------------------------
diff --git a/tests/signing/tests.py b/tests/signing/tests.py
index 740fc1cde4..707cbba445 100644
--- a/tests/signing/tests.py
+++ b/tests/signing/tests.py
@@ -1,5 +1,6 @@
from __future__ import unicode_literals
+import datetime
import time
from django.core import signing
@@ -126,9 +127,13 @@ class TestTimestampSigner(TestCase):
self.assertEqual(signer.unsign(ts), value)
time.time = lambda: 123456800
+ self.assertEqual(signer.unsign(ts, max_age=13), value)
self.assertEqual(signer.unsign(ts, max_age=12), value)
- self.assertEqual(signer.unsign(ts, max_age=11), value)
+ # max_age parameter can also accept a datetime.timedelta object
+ self.assertEqual(signer.unsign(ts, max_age=datetime.timedelta(seconds=11)), value)
self.assertRaises(
signing.SignatureExpired, signer.unsign, ts, max_age=10)
+ with self.assertRaises(signing.SignatureExpired):
+ self.assertEqual(signer.unsign(ts, max_age=datetime.timedelta(seconds=10)), value)
finally:
time.time = _time