accounts/utils/confirmation.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

# -*- coding: utf-8 -*-
from itsdangerous import BadSignature, SignatureExpired, URLSafeTimedSerializer
from werkzeug.exceptions import Forbidden
from accounts.app import accounts_app

from typing import Union, Optional, Any


class Confirmation(URLSafeTimedSerializer):

    def __init__(self, realm: str, key=None, **kwargs):
        if key is None:
            key = accounts_app.config['SECRET_KEY']
        super(Confirmation, self).__init__(key, salt=realm, **kwargs)

    def loads_http(self, s: Union[str, bytes],
                   max_age: Optional[int] = None,
                   return_timestamp: bool = False,
                   salt: Optional[bytes] = None) -> Any:
        """
        Like `Confirmation.loads`, but raise HTTP exceptions with appropriate
        messages instead of `BadSignature` or `SignatureExpired`.
        """

        try:
            return self.loads(s, max_age, return_timestamp, salt)
        except BadSignature:
            raise Forbidden('Ungültiger Bestätigungslink.')
        except SignatureExpired:
            raise Forbidden('Bestätigungslink ist zu alt.')