Opened 22 months ago

Last modified 22 months ago

#18615 new New feature

Allow retrieval of the signature age using the signing API

Reported by: brutasse Owned by: nobody
Component: Core (Other) Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no


Currently there is no way to retrieve the time a value was dumped when unsigning it. One way to do hack around this limitation is to do:

import datetime

from django.core import signing
from django.utils import timezone

def loads_with_timestamp(value, salt):
        data = signing.loads(value, salt=salt, max_age=-1)
    except signing.SignatureExpired as e:
        age = float(str(e).split('Signature age ')[1].split(' >')[0])
        timestamp = - datetime.timedelta(seconds=age)
    return timestamp, signing.loads(value, salt=salt)

This isn't particularly elegant. It'd be great if the API allowed that kind of thing, although I'm not sure what's the best way to do it:

  • a flag that changes the return value of the loads function? (ugh)
  • a new function, loads_with_timestamp? (name bikeshedding ensues)
  • an API change in Django 1.7 and opt-in in previous versions?

Maybe there are other ways…

Attachments (0)

Change History (1)

comment:1 Changed 22 months ago by aaugustin

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Triage Stage changed from Unreviewed to Accepted

Add Comment

Modify Ticket

Change Properties
<Author field>
as new
The owner will be changed from nobody to anonymous. Next status will be 'assigned'
as The resolution will be set. Next status will be 'closed'

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.