Created
October 16, 2012 07:19
-
-
Save ykxpb/3897726 to your computer and use it in GitHub Desktop.
simple signed api.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class ApiBaseHandler(BaseHandler): | |
| def prepare(self): | |
| sign = self.get_argument('sign', None) | |
| platform = self.get_argument('platform', None) | |
| if not (sign and platform) or \ | |
| not self.verify_sign(platform, self.request.arguments, sign): | |
| jsonData = {'status': 401, 'result': 'Bad Sign'} | |
| self.write(jsonData) | |
| self.finish() | |
| def get_platform_token(self, name): | |
| key = self.db.get('SELECT token FROM api_token WHERE name=%s', name) | |
| if not key: | |
| return None | |
| return key['token'] | |
| def verify_sign(self, platform, req_arguments, sign): | |
| argList = [] | |
| argStr = None | |
| platformKey = self.get_platform_token(platform) | |
| if not platformKey: | |
| return False | |
| for i in sorted(req_arguments.keys()): | |
| if req_arguments.get(i, None) and i != "sign": | |
| argList.extend(req_arguments[i]) | |
| argStr = ''.join(argList) | |
| if sign == md5_digest(argStr + platformKey): | |
| return True | |
| else: | |
| return False |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment