开源 企业版 高校版 私有云 模力方舟 AI 队友
代码拉取完成,页面将自动刷新
捐赠
捐赠前请先登录
扫描微信二维码支付
取消
支付完成
支付提示
将跳转至支付宝完成支付
确定
取消
1 Star 0 Fork 0

source-code-analysis/python3.8.1

加入 Gitee
与超过 1400万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
已有帐号? 立即登录
文件
master
分支 (1)
master
master
分支 (1)
master
克隆/下载
克隆/下载
提示
下载代码请复制以下命令到终端执行
为确保你提交的代码身份被 Gitee 正确识别,请执行以下命令完成配置
初次使用 SSH 协议进行代码克隆、推送等操作时,需按下述提示完成 SSH 配置
1 生成 RSA 密钥
2 获取 RSA 公钥内容,并配置到 SSH公钥
在 Gitee 上使用 SVN,请访问 使用指南
使用 HTTPS 协议时,命令行会出现如下账号密码验证步骤。基于安全考虑,Gitee 建议 配置并使用私人令牌 替代登录密码进行克隆、推送等操作
Username for 'https://gitee.com': userName
Password for 'https://userName@gitee.com': # 私人令牌
master
分支 (1)
master
python3.8.1
/
Doc
/
library
/
secrets.rst
python3.8.1
/
Doc
/
library
/
secrets.rst
secrets.rst 5.89 KB
一键复制 编辑 原始数据 按行查看 历史
zhangweibo 提交于 2021年11月16日 09:46 +08:00 . git init

:mod:`secrets` --- Generate secure random numbers for managing secrets

.. module:: secrets
 :synopsis: Generate secure random numbers for managing secrets.

.. moduleauthor:: Steven D'Aprano <steve+python@pearwood.info>
.. sectionauthor:: Steven D'Aprano <steve+python@pearwood.info>
.. versionadded:: 3.6

.. testsetup::

 from secrets import *
 __name__ = '<doctest>'

Source code: :source:`Lib/secrets.py`


The :mod:`secrets` module is used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.

In particularly, :mod:`secrets` should be used in preference to the default pseudo-random number generator in the :mod:`random` module, which is designed for modelling and simulation, not security or cryptography.

.. seealso::

 :pep:`506`


Random numbers

The :mod:`secrets` module provides access to the most secure source of randomness that your operating system provides.

A class for generating random numbers using the highest-quality sources provided by the operating system. See :class:`random.SystemRandom` for additional details.

.. function:: choice(sequence)

 Return a randomly-chosen element from a non-empty sequence.

.. function:: randbelow(n)

 Return a random int in the range [0, *n*).

.. function:: randbits(k)

 Return an int with *k* random bits.


Generating tokens

The :mod:`secrets` module provides functions for generating secure tokens, suitable for applications such as password resets, hard-to-guess URLs, and similar.

.. function:: token_bytes([nbytes=None])

 Return a random byte string containing *nbytes* number of bytes.
 If *nbytes* is ``None`` or not supplied, a reasonable default is
 used.

 .. doctest::

 >>> token_bytes(16) #doctest:+SKIP
 b'\xebr\x17D*t\xae\xd4\xe3S\xb6\xe2\xebP1\x8b'


.. function:: token_hex([nbytes=None])

 Return a random text string, in hexadecimal. The string has *nbytes*
 random bytes, each byte converted to two hex digits. If *nbytes* is
 ``None`` or not supplied, a reasonable default is used.

 .. doctest::

 >>> token_hex(16) #doctest:+SKIP
 'f9bf78b9a18ce6d46a0cd2b0b86df9da'

.. function:: token_urlsafe([nbytes=None])

 Return a random URL-safe text string, containing *nbytes* random
 bytes. The text is Base64 encoded, so on average each byte results
 in approximately 1.3 characters. If *nbytes* is ``None`` or not
 supplied, a reasonable default is used.

 .. doctest::

 >>> token_urlsafe(16) #doctest:+SKIP
 'Drmhze6EPcv0fN_81Bj-nA'


How many bytes should tokens use?

To be secure against :mod:`secrets` module.

For those who want to manage their own token length, you can explicitly specify how much randomness is used for tokens by giving an :class:`int` argument to the various token_* functions. That argument is taken as the number of bytes of randomness to use.

Otherwise, if no argument is provided, or if the argument is None, the token_* functions will use a reasonable default instead.

Note

That default is subject to change at any time, including during maintenance releases.

Other functions

.. function:: compare_digest(a, b)

 Return ``True`` if strings *a* and *b* are equal, otherwise ``False``,
 in such a way as to reduce the risk of
 `timing attacks <https://codahale.com/a-lesson-in-timing-attacks/>`_.
 See :func:`hmac.compare_digest` for additional details.


Recipes and best practices

This section shows recipes and best practices for using :mod:`secrets` to manage a basic level of security.

Generate an eight-character alphanumeric password:

.. testcode::

 import string
 import secrets
 alphabet = string.ascii_letters + string.digits
 password = ''.join(secrets.choice(alphabet) for i in range(8))


Note

Applications should not XKCD-style passphrase:

.. testcode::

 import secrets
 # On standard Linux systems, use a convenient dictionary file.
 # Other platforms may need to provide their own word-list.
 with open('/usr/share/dict/words') as f:
 words = [word.strip() for word in f]
 password = ' '.join(secrets.choice(words) for i in range(4))


Generate a hard-to-guess temporary URL containing a security token suitable for password recovery applications:

.. testcode::

 import secrets
 url = 'https://mydomain.com/reset=' + secrets.token_urlsafe()



Loading...
举报
举报成功
我们将于2个工作日内通过站内信反馈结果给你!
请认真填写举报原因,尽可能描述详细。
请选择举报类型
取消
发送
误判申诉

此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。

如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。

取消
提交

简介

取消

发行版

暂无发行版

贡献者

全部

近期动态

不能加载更多了
编辑仓库简介
简介内容
主页
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/python_sourcecode/python3.8.1.git
git@gitee.com:python_sourcecode/python3.8.1.git
python_sourcecode
python3.8.1
python3.8.1
master
点此查找更多帮助

搜索帮助

评论
仓库举报
回到顶部
登录提示
该操作需登录 Gitee 帐号,请先登录后再操作。
立即登录
没有帐号,去注册

AltStyle によって変換されたページ (->オリジナル) /