Signing Interface — It's Dangerous documentation
From Get docs
Itsdangerous/docs/1.0.x/signer
Signing Interface
The most basic interface is the signing interface. The Signer
class can be used to attach a signature to a specific string:
from itsdangerous import Signer
s = Signer("secret-key")
s.sign("my string")
b'my string.wh6tMHxLgJqB6oY1uT73iMlyrOA'
The signature is appended to the string, separated by a dot. To validate the string, use the unsign()
method:
s.unsign(b"my string.wh6tMHxLgJqB6oY1uT73iMlyrOA")
b'my string'
If unicode strings are provided, an implicit encoding to UTF-8 happens. However after unsigning you won’t be able to tell if it was unicode or a bytestring.
If the value is changed, the signature will no longer match, and unsigning will raise a BadSignature
exception:
s.unsign(b"different string.wh6tMHxLgJqB6oY1uT73iMlyrOA")
Traceback (most recent call last):
...
itsdangerous.exc.BadSignature: Signature "wh6tMHxLgJqB6oY1uT73iMlyrOA" does not match
To record and validate the age of a signature, see Signing With Timestamps.
Signing Algorithms