_vg2ddlZddlZddlmZddlmZddlmZmZgdZ ej dZ dZ d Z e Zd Zd Zdd ZddZdZeZdZdS)N)signing)crypto)packerssettings) create_token detect_token parse_tokensesamecFd}tjr ||jz }tjr%|t ||z }tjr|t|jz }tj |tj tj tj S)ay When the value returned by this method changes, this revokes tokens. It is derived from the hashed password so that changing the password revokes tokens. It may be derived from the email so that changing the email revokes tokens too. For one-time tokens, it also contains the last login datetime so that logging in revokes existing tokens. )digest)rINVALIDATE_ON_PASSWORD_CHANGEpasswordINVALIDATE_ON_EMAIL_CHANGEgetattrget_email_field_nameONE_TIMEstr last_loginrpbkdf2SALT ITERATIONSDIGEST)userdatas M/var/www/pixelcanvas.ch/venv/lib/python3.11/site-packages/sesame/tokens_v1.pyget_revocation_keyrs D-  *; d7799:::% DO$$$ =      cztj tj}n tj}|tjdS)Nsha1)salt algorithm)rMAX_AGErSignerTimestampSignerr)r%s r get_signerr'/s3( 6x} 7 7 77rctj|}t|S)z9 Create a URL-safe, signed token from ``data``. )r b64_encodedecodesignersign)rs rr,r,:s2  d # # * * , ,D ;;t  rctjt|}n&t|tj}t j|S)z4 Extract the data from a signed ``token``. N)max_age)rr$r+unsignr b64_decodeencode)tokenrs rr/r/CsQ }}U##}}UH,<}==  dkkmm , ,,rr c|dkrtdtjt |t j}t|}t||zS)z/ Create a v1 signed token for a user. r v1 tokens don't support scope) NotImplementedErrorrpackerpack_pkrrPRIMARY_KEY_FIELDrr,)rscope primary_keykeys rrrOs^  {{!"ABBB.((x7Q)R)RSSK T " "C  c! " ""rc"|dkrtd|td t|}n#tj$rtd|YdStj$rtd|YdSt$rtdYdSwxYw tj |\}}n+#t$rtdYdSwxYw||}|td |dStj |t|std |dStd |||S) z0 Obtain a user from a v1 signed token. r r4Nzv1 tokens don't support max_agezExpired token: %sz Bad token: %szkValid signature but unexpected token; if you enabled or disabled SESAME_MAX_AGE, you must regenerate tokensz^Valid signature but unexpected token; if you changed SESAME_PACKER, you must regenerate tokenszUnknown or inactive user: %szInvalid token: %szValid token for user %s: %s)r5r/rSignatureExpiredloggerdebug BadSignature Exception exceptionrr6 unpack_pkrconstant_time_comparer)r2get_userr9r.ruser_pkr;rs rr r [s  {{!"ABBB!"CDDD e}}  # (%000tt   _e,,,tt  E   tt ~//55   8   tt  8G  D | 3W===t  '-?-E-E F F (%000t LL.e<<< Ks-8*B8%)B8#B87B8<"C$DDcjtjtjdStjdS)Nz#[A-Za-z0-9-_]{4,}:[A-Za-z0-9-_]{27}z2[A-Za-z0-9-_]{4,}:[0-9A-Za-z]{6}:[A-Za-z0-9-_]{27})rr$recompilerr get_token_rerKs1z@AAA zOPPPrc:t|duS)z7 Tell whether token may be a v1 signed token. N)token_re fullmatch)r2s rr r s   e $ $D 00r)r )r N)loggingrH django.corer django.utilsrr rr__all__ getLoggerr>rr'r+r,r/rr rKrMr rJrrrTs  9 9 9  8 $ $B888  - - - # # # #++++\ Q Q Q <>>11111r