27 lines
801 B
Python
27 lines
801 B
Python
from __future__ import unicode_literals
|
|
|
|
import json
|
|
|
|
from django.utils.crypto import salted_hmac
|
|
from django.utils import six
|
|
|
|
|
|
def form_hmac(form):
|
|
"""
|
|
Calculates a security hash for the given Form instance.
|
|
"""
|
|
data = []
|
|
for bf in form:
|
|
# Get the value from the form data. If the form allows empty or hasn't
|
|
# changed then don't call clean() to avoid trigger validation errors.
|
|
if form.empty_permitted and not form.has_changed():
|
|
value = bf.data or ''
|
|
else:
|
|
value = bf.field.clean(bf.data) or ''
|
|
if isinstance(value, six.string_types):
|
|
value = value.strip()
|
|
data.append((bf.name, value))
|
|
|
|
key_salt = 'django.contrib.formtools'
|
|
return salted_hmac(key_salt, json.dumps(data)).hexdigest()
|