Modified to get it working in python3 django2 and up
My strucutre was: from apps.libraries.urlcrypt
you will probably need to change this
django-urlcrypt encrypts information in urls, such as login credentials.
For example, assume I have url patterns that looks like this:
urlpatterns = patterns('', url(r'^inbox/$', 'message_inbox', name='message_inbox'), (r'^r/', include('urlcrypt.urls')), )
I can use django-urlcrypt to generate a url for a user that looks like:
http://www.mydomain.com/r/TkNJBkNFAghDWkdFGPUAQEfcDUJfEBIREgEUFl1BQ18IQkdDUUcPSh4ADAYAWhYKHh8KHBsHEw
and will automatically log that person in and redirects them to /inbox/
.
easy_install django-urlcrypt
orpip install django-urlcrypt
Add
urlcrypt
to yourINSTALLED_APPS
In settings.py add
'urlcrypt.auth_backends.UrlCryptBackend'
toAUTHENTICATION_BACKENDS
In urls.py add:
(r'^r/', include('urlcrypt.urls')),
(recommended) If you wish to use RSA encryption on your tokens, generate a private key with
ssh-keygen -t rsa -f <path to private key>
if you don't already have one, and then set the path to the private key as URLCRYPT_PRIVATE_KEY_PATH. RSA encryption makes the token much longer but is more secure. Thepycrypto
library is required.
In a view:
from django.core.urlresolvers import reverse from urlcrypt import lib as urlcrypt token = urlcrypt.generate_login_token(user, reverse('message_inbox')) encoded_url = reverse('urlcrypt_redirect', args=(token,)) # yours will look slightly different because you have a different SECRET_KEY, but approximately # encoded_url == /r/TkNJBkNFAghDWkdFGPUAQEfcDUJfEBIREgEUFl1BQ18IQkdDUUcPSh4ADAYAWhYKHh8KHBsHEw
In a template:
{% load urlcrypt_tags %} <a href="{% encoded_url user message_inbox %}">click me to log in as {{user.username}} and go to {% url message_inbox %}</a>
Advanced lib usage:
from urlcrypt import lib as urlcrypt message = { 'url': u'/users/following/', 'user_id': '12345' } token = urlcrypt.encode_token((message['user_id'], message['url'])) decoded_message = urlcrypt.decode_token(token, ('user_id', 'url', 'timestamp')) >>> print token TkNJBkNFAghDWkdFGPUAQEfcDUJfEBIREgEUFl1BQ18IQkdDUUcPSh4ADAYAWhYKHh8KHBsHEw >>> print decoded_message {'url': '/users/following/', 'user_id': '12345'}
URLCRYPT_LOGIN_URL
- default:
LOGIN_URL
- If urlcrypt authentication fails, redirects to
URLCRYPT_LOGIN_URL
.URLCRYPT_RATE_LIMIT
- default:
60
- The number of urlcrypt requests a unique visitor is allowed to make per minute.
URLCRYPT_PRIVATE_KEY_PATH
- default:
None
- The path to the RSA private key file in PEM format. If
None
, RSA encryption will not be used.RUNNING_TESTS
- default:
False
- Set
RUNNING_TESTS
to True when running the urlcrypt tests.