| import hashlib | |
| import secrets | |
| import time | |
| from datetime import datetime | |
| from .encryption import EncryptedString, decrypt_value, encrypt_value | |
# Public names of this module: the three encryption helpers re-exported from
# .encryption, followed by the two session helpers defined below.
__all__ = [
    "EncryptedString",
    "decrypt_value",
    "encrypt_value",
    "generate_secure_session_token",
    "validate_session_integrity",
]
| # Enhanced session security | |
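def generate_secure_session_token() -> str:
    """Return a new random session token as 64 lowercase hex characters.

    The token is 32 bytes (256 bits) drawn from the operating system's
    CSPRNG through ``secrets``. No timestamp or extra hash is mixed in: the
    clock value is guessable and hashing CSPRNG output adds no entropy, so
    neither step would make the token harder to predict.

    The value is a bearer credential. Keep it out of logs and URLs, and
    compare it with ``hmac.compare_digest`` rather than ``==`` when checking
    a presented token against a stored one.

    Returns:
        A 64-character hexadecimal string.
    """
    return secrets.token_hex(32)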
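def validate_session_integrity(session_data: dict) -> bool:
    """Check that a session record is complete and has not expired.

    Only two things are verified: that ``user_id``, ``token``, ``created_at``
    and ``expires_at`` are all present, and that ``expires_at`` (seconds since
    the Unix epoch) is not in the past. The values of the other three fields
    are not inspected, and nothing here authenticates the record: there is no
    MAC or signature check. A ``True`` result therefore does not show that
    the data is untampered; callers that accept session data from the client
    must verify its authenticity separately.

    Args:
        session_data: Mapping holding the session fields.

    Returns:
        ``True`` when every required field is present and ``expires_at`` is
        now or later; ``False`` otherwise, including when ``expires_at``
        cannot be compared with a number.
    """
    required_fields = ("user_id", "token", "created_at", "expires_at")
    if any(field not in session_data for field in required_fields):
        return False

    # time.time() is the real epoch time. datetime.utcnow().timestamp() reads
    # the naive UTC value as *local* time, which shifts "now" by the host's
    # UTC offset and lets sessions outlive (or undershoot) their expiry on
    # any host whose timezone is not UTC.
    now = time.time()

    try:
        # Written as ">=" so that NaN compares False and fails closed.
        still_valid = session_data["expires_at"] >= now
    except TypeError:
        # Non-numeric expiry (None, str, ...): reject instead of raising.
        return False
    return bool(still_valid)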