生成Flask中使用的签名会话cookie值 [英] Generating signed session cookie value used in Flask
问题描述
我正在将Flask服务器与另一个需要向会话中注入项目的Flask服务器进行代理。
I'm proxying a Flask server with another Flask server that needs to inject items into the session.
这两个服务器都具有相同的密钥,因此加密签名将是相同的。使用Flask和会话时,http响应包含带有 session = text
的Set-Cookie标头,其中text是使用您签名的会话对象的编码JSON字符串
Both servers have the same secret key so the cryptographic signature will be the same. When using Flask and a session, the http response contains a Set-Cookie header with session=text
, where text is an encoded JSON string of your session object that is signed using you secret key.
从本质上讲,我需要能够重新创建此字符串,但是我找不到这样做的接口。
Essentially, I need to be able to re-create this string, but I can't find the interface to do so.
推荐答案
我找到烧瓶如何在源代码中完成。我很着急,所以没有时间更好地解释。
I ended up solving my own issue after finding how flask does this in the source. I was in a hurry at work so did not have time to better explain.
from flask import Flask, session
from flask.sessions import SecureCookieSessionInterface
app = Flask("example")
app.secret_key = "Tom Izzo 4 President"
# 1. this is what I was looking for
session_serializer = SecureCookieSessionInterface() \
.get_signing_serializer(app)
app.route("/")
def test():
session["lst"] = ["a", "b", "c", "d"]
# 2. and this is how I needed to use it
session_cookie = session_serializer.dumps(dict(session))
变量 session_cookie上面的
是使用给定secret_key的会话的有效cookie值。这样,我就可以将请求转发到另一个使用secret_key的烧瓶服务器。
The variable session_cookie
above is a valid cookie value for a session using the given secret_key. With this I am able to forward a request to another flask server that uses the secret_key.
这篇关于生成Flask中使用的签名会话cookie值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!