On 26 September 2015 at 23:56, Serhiy Storchaka <storchaka@gmail.com> wrote:
On 26.09.15 16:07, Steven D'Aprano wrote:
Question one:
- token_bytes obviously should return bytes. What should the others return, bytes or str?
Why don't left conversion to the user? You can provide simple receipts in the documentation.
def token_hex(nbytes): return token_bytes(nbytes).hex()
def token_url(nbytes): return base64.urlsafe_b64encode(token_bytes(nbytes)).rstrip(b'=')
We don't know what functions are needed by users. After the secrets module is widely used, we could gather the statistics of most popular patterns and add some of them in the stdlib.
We already have those patterns based on what web frameworks use - the hex token generator pattern is taken from Pyramid's token generator, while the base64 one is inspired by Django's (the latter actually uses the "choosing from an alphabet" implementation style, but the proposed base64 approach makes the same general trade-off of encoding more bits of entropy per character to make the overall output shorter). Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia