Opened 3 years ago

Last modified 3 years ago

#18615 new New feature

Allow retrieval of the signature age using the signing API

Reported by: brutasse Owned by: nobody
Component: Core (Other) Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

Currently there is no way to retrieve the time a value was dumped when unsigning it. One way to do hack around this limitation is to do:

import datetime

from django.core import signing
from django.utils import timezone


def loads_with_timestamp(value, salt):
    try:
        data = signing.loads(value, salt=salt, max_age=-1)
    except signing.SignatureExpired as e:
        age = float(str(e).split('Signature age ')[1].split(' >')[0])
        timestamp = timezone.now() - datetime.timedelta(seconds=age)
    return timestamp, signing.loads(value, salt=salt)

This isn't particularly elegant. It'd be great if the API allowed that kind of thing, although I'm not sure what's the best way to do it:

  • a flag that changes the return value of the loads function? (ugh)
  • a new function, loads_with_timestamp? (name bikeshedding ensues)
  • an API change in Django 1.7 and opt-in in previous versions?

Maybe there are other ways…

Change History (1)

comment:1 Changed 3 years ago by aaugustin

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Triage Stage changed from Unreviewed to Accepted
Note: See TracTickets for help on using tickets.
Back to Top