在gae上形成验证的最佳方式

时间:2010-06-04 02:15:00

标签: python validation google-app-engine forms

(1)就是这样:http://code.google.com/intl/en/appengine/articles/djangoforms.html

(2)是自己写的:

#/usr/bin/env python2.5
#----------------------------
# Datastore models for user & signup
#----------------------------

from base64 import b64encode as b64
from hashlib import md5, sha256
from random import randint
from time import time

from google.appengine.ext import db


N_SALT = 8             # length of the password salt


def salt_n_hash(password, salt=None):
    """
    Generate a salt and return in base64 encoding the hash of the
    password with the salt and the character '$' prepended to it.
    """
    salt = salt or b64( ''.join(chr(randint(0, 0xff)) for _ in range(N_SALT)) )
    return salt + '$' + b64( sha256(salt+password.encode("ascii")).digest() )


class User(db.Model):
    nickname = db.StringProperty(required=True)
    email = db.EmailProperty(required=True)
    pwd = db.StringProperty(required=True)
    suspended = db.BooleanProperty(default=True)

    @classmethod
    def authenticate(klass, nickname, password):
        """Return an User() entity instance if password is correct"""
        user = klass.get_by_key_name(nickname)
        if user:
            n_salt = user.pwd.index('$')
            if user.pwd == salt_n_hash(password, salt=user.pwd[:n_salt]):
                return user

    def __eq__(self, other):
        return self.nickname == other.nickname


def signup_id(nickname):
    return md5( nickname + repr(time()) ).hexdigest()


class UserSignup(db.Model):
    user = db.ReferenceProperty(User, required=True)
    date = db.DateProperty(auto_now_add=True)

哪种方式更好,

或者你有更好的方法来做到这一点,例如:简单的形式验证框架,

感谢

1 个答案:

答案 0 :(得分:1)

如果您正在使用Django,djangoforms绝对是您要走的路。如果是tipfy或其他轻量级框架,请尝试wtforms(它也在tipfy source tree中)。

相关问题
最新问题