accounts/utils/confirmation.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

# -*- coding: utf-8 -*-
from itsdangerous import BadSignature, SignatureExpired, URLSafeTimedSerializer
from werkzeug.exceptions import Forbidden
from accounts.app import accounts_app


class Confirmation(URLSafeTimedSerializer):

    def __init__(self, realm: str, key=None, **kwargs):
        if key is None:
            key = accounts_app.config['SECRET_KEY']
        super(Confirmation, self).__init__(key, salt=realm, **kwargs)

    def loads_http(self, s, max_age=None, return_timestamp=False, salt=None):
        """
        Like `Confirmation.loads`, but raise HTTP exceptions with appropriate
        messages instead of `BadSignature` or `SignatureExpired`.
        """

        try:
            return self.loads(s, max_age, return_timestamp, salt)
        except BadSignature:
            raise Forbidden('Ungültiger Bestätigungslink.')
        except SignatureExpired:
            raise Forbidden('Bestätigungslink ist zu alt.')