26 lines
716 B
Python
26 lines
716 B
Python
import base64
|
|
import hashlib
|
|
import secrets
|
|
|
|
from .passphrase import is_well_formed
|
|
|
|
|
|
def create_token() -> str:
|
|
return secrets.token_urlsafe(12) # 16 characters Base64
|
|
|
|
|
|
def session_key(token: str) -> bytes:
|
|
if len(token) != 16:
|
|
raise ValueError("Session token must be exactly 16 characters long")
|
|
return b"sess" + base64.urlsafe_b64decode(token)
|
|
|
|
|
|
def reset_key(passphrase: str) -> bytes:
|
|
if not is_well_formed(passphrase):
|
|
raise ValueError(
|
|
"Trying to reset with a session token in place of a passphrase"
|
|
if len(passphrase) == 16
|
|
else "Invalid passphrase format"
|
|
)
|
|
return b"rset" + hashlib.sha512(passphrase.encode()).digest()[:12]
|