itsdangerous is a part of the pallets project. It contains helpers to pass data to untrusted environments and to get it back safe and sound. Data is cryptographically signed to ensure that a token has not been tampered with.
Questions tagged [itsdangerous]
24 questions
9
votes
4 answers
Python Flask import Error of module that isn´t being imported
I have a flask app running in Google App Engine. Yesterday, I deployed a new version of my app where I only change the HTML style. It deployed as it was supposed to. Today, I realized that I didn't change the title for each corresponding HTML page,…
santiagoorpi
- 119
- 1
- 6
7
votes
2 answers
How to forcefully expire token after using it (before expiry time set for the token using itsdangerous library in python)
My use case is to generate token for reset password api. Which I am doing with itsdangerous library in python.
https://pythonhosted.org/itsdangerous/.
This token(within reset password link) is forwarder through email to client, the token has expiry…
SHIVAM SAXENA
- 71
- 3
6
votes
1 answer
Which Timed JSONWebSignature Serializer replacement for itsdangerous is better? pyjwt or authlib
Currently I was using itsdangerous to generate timed json web signature as a token for users to auth and resetpassword etc. Here's the code:
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
class SampleCode:
def…
Justin Lee
- 800
- 1
- 11
- 22
2
votes
2 answers
Flask Webapp - Verify Email after Registration - Best Practice
I've been following along to Corey Schafer's awesome youtube tutorial on the basic flaskblog. In addition to Corey's code, I`d like to add a logic, where users have to verify their email-address before being able to login. I've figured to do this…
jaquatrezz
- 75
- 6
2
votes
1 answer
TimedJSONWebSignatureSerializer vs URLSafeTimedSerializer: When should I use what?
I found TimedJSONWebSignatureSerializer and URLSafeTimedSerializer. I wonder why those two methods exist. As a user of that library, what are reasons to chose one or the other?
What I've tried
I didn't even find TimedJSONWebSignatureSerializer in…
Martin Thoma
- 124,992
- 159
- 614
- 958
1
vote
1 answer
problem in setting expire time for email conformation in flask
i have this code for email confirm in my flask app but max_age dosent and always even i wait 2 hours its work i use this articel for writing this cod https://realpython.com/handling-email-confirmation-in-flask/ what is this cod problem and how can i…
Pourya Mohamadi
- 385
- 12
1
vote
4 answers
Why do "from a.b import c" and "from a import c" both work with some third-party libraries?
I assume the operation is the same, but why two imports of the same class? Are there specific situations when to use the first syntax and when to use the second?
In the current documentation (v2.1.x) there is a second way.
from itsdangerous import…
Keldro
- 33
- 6
1
vote
1 answer
Unsupported operand type(s) when using URLSafeTimedSerializer.dumps from itsdangerous
I'm having a problem to initiate a serializer in my Flask project
>>> from itsdangerous.url_safe import URLSafeTimedSerializer as Serializer
>>> s = Serializer ('secret', 30)
>>> token = s.dumps({'user_id': 1}).decode('utf-8')
Traceback (most recent…
anndi
- 13
- 3
1
vote
1 answer
How to delete the URLSafeTimedSerializer token after use in python?
I have created a token using python itsdangerous URLSafeTimedSerializer for forgot password functionality. The token is getting expired after the max-age but when the password is reset then i need to expire that token, so that the user is not able…
Natasha
- 11
- 4
1
vote
2 answers
AttributeError: module 'simplejson' has no attribute 'dumps' on "import flask"
On importing the flask module (or any module depending on flask) I get the following error:
Traceback (most recent call last):
File "main.py", line 2, in
from flask import Flask, request, render_template, redirect, abort,…
Sayan Sil
- 5,799
- 3
- 17
- 32
1
vote
0 answers
local variable referenced before assignment - token confirmation
I have a Flask API where I'm confirming accounts on registration. Itsdangerous is used to generate a token which I email to the user. Upon clicking the token, the API checks that the token is valid and checks that the email address of the user…
Derek C
- 323
- 3
- 13
1
vote
1 answer
Is it more secure to use itsdangerous with Flask-Login without the remember me option? Why or why not?
I am learning how to create a Flask app using a MongoDB database by putting together a user authentication system. When I went through the code with my superior at work, he said using werkzeug.security for hashing passwords may not be a good idea…
Aina
- 653
- 2
- 9
- 22
0
votes
1 answer
Error with Serialiser from itsdangerous concatenating an int with a bytes type
I have the following code:
from itsdangerous import URLSafeTimedSerializer as Serialiser
class User(db.Model, UserMixin):
def get_reset_token(self, expiration_sec=1800):
s = Serialiser(app.config['SECRET_KEY'], expiration_sec)
…
Michael
- 11
- 1
0
votes
2 answers
Itsdangerous security - TypeError: unsupported operand type(s) for +: 'int' and 'bytes'
I am using Python 3.9 and itsdangerous 2.1.2. I was testing things in the terminal and it does not appear to be working. This is my first experience with itsdangerous so maybe I don't understand it.
I want to get a token that can be emailed for when…
Shane S
- 1,747
- 14
- 31
0
votes
0 answers
How can I keep token from turning to None?
I am trying to follow along with a couple online tutorials for creating a reset password feature in my app. Both these tutorials use itsdangerous TimedJSONWebSignatureSerializer, which has since been deprecated, so I'm working with an older version…
kit08
- 1
- 1