堆栈内存溢出
  简体   繁体   English

为我的 python 程序创建令牌系统的最简单方法是什么? [等候接听]

[英]What is the easiest way to create a token system for my python program? [on hold]

 原文  2019-11-09 03:28:16       python/ token

问题描述

What is the easiest way to create a verification system for my python program that allows me to generate a token (or something similar) that is valid for a set period of time and only allows the program to run a defined number of times?为我的 python 程序创建验证系统的最简单方法是什么,该系统允许我生成在设定的时间段内有效且仅允许程序运行定义次数的令牌(或类似的东西)?

Any ideas/examples?有什么想法/例子吗?

EDIT 11/11/2019:编辑 2019 年 11 月 11 日:

This code is from "kenivia":此代码来自“kenivia”:

import cryptography
import time as ti

import base64
from cryptography.fernet import Fernet
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC


YOUR_PASSWORD_HERE = 'password'

def gen_key(p):
    '''feel like this is an overkill but imma just copy and paste this from my other thing'''
    password = p.encode()
    salt = b'rH2eMA2SYI&gUzH&QIgouxKIB*1GF908F!yC35z$2fLIFvGjxjkllh8Zztfo7n4Z'
    '''change the salt for every user and store them separately for extra security if you want
        this way even if they guessed the password they still have to brute force through 
        ^^^ this thing every time'''
    kdf = PBKDF2HMAC(
        algorithm=hashes.SHA256(),
        length=32,
        salt=salt,
        iterations=100000,
        backend=default_backend()
    )
    key = base64.urlsafe_b64encode(kdf.derive(password))
    return key



def access():
    key_from_user = input('your key: ')
    k = gen_key(YOUR_PASSWORD_HERE)
    key = Fernet(k)
    decrypted = float(str(key.decrypt(key_from_user.encode()))[2:-1])
    if ti.time()-decrypted > 60*60:
        '''if the time is over 1 hours'''
        raise AssertionError('your free trial of life has ended')
    print('you got access! and there is {} seconds of access left'.format(60*60-(ti.time()-decrypted)))


print('type 0 if you are a new user, 1 for login')
comm = input('')
if comm == '1':
    access()
elif comm == '0':
    un_encrypted_key = str(ti.time())
    k = gen_key(YOUR_PASSWORD_HERE)
    key = Fernet(k)
    saving = key.encrypt(un_encrypted_key.encode())
    print('your key:',str(saving)[2:-1])
else:
    raise Exception('no')

Many thanks for the code, but I would like to make it work only for one (or n times) within the specified time period.非常感谢代码,但我想让它在指定的时间段内只工作一次(或 n 次)。

How could I implement such a thing?我怎么能实现这样的事情?

1 个解决方案

解决方案1
 0  2019-11-09 09:33:56

You could use a password to hash/encrypt the current timestamp and decrypt it using the same password to compare the time.您可以使用密码对当前时间戳进行哈希/加密,并使用相同的密码对其进行解密以比较时间。 You can do that with a access counter too.您也可以使用访问计数器来做到这一点。

This will not be secure if they have access to your password and can generate their own encrypted code如果他们可以访问您的密码并且可以生成自己的加密代码,这将是不安全的

dependency: cryptography which you can install with pip依赖项:您可以使用 pip 安装的密码学

import cryptography
import time as ti

import base64
from cryptography.fernet import Fernet
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC




YOUR_PASSWORD_HERE = 'password'


def gen_key(p):
    '''feel like this is an overkill but imma just copy and paste this from my other thing'''
    password = p.encode()
    salt = b'rH2eMA2SYI&gUzH&QIgouxKIB*1GF908F!yC35z$2fLIFvGjxjkllh8Zztfo7n4Z'
    '''change the salt for every user and store them separately for extra security if you want
        this way even if they guessed the password they still have to brute force through 
        ^^^ this thing every time'''
    kdf = PBKDF2HMAC(
        algorithm=hashes.SHA256(),
        length=32,
        salt=salt,
        iterations=100000,
        backend=default_backend()
    )
    key = base64.urlsafe_b64encode(kdf.derive(password))
    return key



def access():
    key_from_user = input('your key: ')
    k = gen_key(YOUR_PASSWORD_HERE)
    key = Fernet(k)
    decrypted = float(str(key.decrypt(key_from_user.encode()))[2:-1])
    if ti.time()-decrypted > 60*60:
        '''if the time is over 1 hours'''
        raise AssertionError('your free trial of life has ended')
    print('you got access! and there is {} seconds of access left'.format(60*60-(ti.time()-decrypted)))





print('type 0 if you are a new user, 1 for login')
comm = input('')
if comm == '1':
    access()
elif comm == '0':
    un_encrypted_key = str(ti.time())
    k = gen_key(YOUR_PASSWORD_HERE)
    key = Fernet(k)
    saving = key.encrypt(un_encrypted_key.encode())
    print('your key:',str(saving)[2:-1])
else:
    raise Exception('no')

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用Python在Windows中编写虚拟文件系统的最简单方法 - easiest way to program a virtual file system in windows with Python 在Python中创建访问令牌的更好的方法是什么? - What better way to create an access token in Python? 使用Python编辑系统特定配置文件的最简单,最佳方法是什么? - What is the easiest and best way to edit the system specific config file using Python? 向我的子图添加图例的最简单方法是什么? - What is the easiest way to add a legend to my subplots? 在 Python 中转义 HTML 的最简单方法是什么? - What's the easiest way to escape HTML in Python? 用Python制作表格的最简单方法是什么? - What's the easiest way to make a table in Python? 在 Python 中创建 rtf 文件的最简单方法? - Easiest way to create an rtf file in Python? 用Python安装OpenVAS omblib的最简单方法是什么? - What is the easiest way to install OpenVAS omblib with Python? 在Python中打印10个字符的最简单方法是什么? - What is the easiest way to print 10 characters in Python? 在Python中访问计算机麦克风的最简单方法是什么? - What is the easiest way to access a a computers microphone in Python?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM