Secure cookies

This module provides a serializer and deserializer for signed cookies.

class webapp2_extras.securecookie.SecureCookieSerializer(secret_key)

Serializes and deserializes secure cookie values.

Extracted from Tornado and modified.

__init__(secret_key)

Initiliazes the serializer/deserializer.

Parameters:secret_key – A random string to be used as the HMAC secret for the cookie signature.

deserialize(name, value, max_age=None)

Deserializes a signed cookie value.

Parameters:

• name – Cookie name.
• value – A cookie value to be deserialized.
• max_age – Maximum age in seconds for a valid cookie. If the cookie is older than this, returns None.

Returns:

The deserialized secure cookie, or None if it is not valid.

serialize(name, value)

Serializes a signed cookie value.

Parameters:

• name – Cookie name.
• value – Cookie value to be serialized.

Returns:

A serialized value ready to be stored in a cookie.