Home/ Questions/Q 9213013
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-18T01:39:09+00:00

i want to make a link that is valid only for 24 hours, this

  • 0

i want to make a link that is valid only for 24 hours, this is for a validation purpose, so my question is simple:

How do i make this link valid only for this time; i’ve a hint:

  1. Get the epoch time.
  2. Make a link using only this value: something.com/time/1359380374
  3. When the user clics on the link, extract this value and compare.

I hear about Hash values? why? we cant get the time from the hash value (invert the process) so how this is done?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your best bet is to have the users email send as an argument and then query the database to see if their link has expired:

    Requested link query: update users set locked_stamp = now();

    Request url: http://yourdomain.com/?email=useremail

    Query: select true from users where email = '$email' and locked_stamp > now()-interval 1 hour and now() limit 1

    Result: You have a person requesting within the hour with email: $email.

    I have a script that using base64 to encode the timestamp… but its not secure by any means. 

    import tornado.web
import base64, re, time
import sys

def get_time():
    """Method used to get the current time in b64"""
    return base64.b64encode(str(int(time.mktime(time.localtime()))))

class WebHandler(tornado.web.RequestHandler):
    def get(self, _time):
        timecheck = base64.b64decode(_time)
        try:
            #require it to be all digits
            assert re.match('^\d+$', timecheck) is not None
            # Must be within 1 hour: greater then 1 hour ago and less then now
            assert int(timecheck) > int(time.mktime(time.localtime()))-3600 and \
                int(timecheck) < int(time.mktime(time.localtime()))
        except AssertionError:
            raise tornado.web.HTTPError(401,'Woops! Unauthorized.')
        else:
            self.write('Pass')


# Route
application = tornado.web.Application([
    (r"/([^\/]+)/?", WebHandler),
])


if __name__ == "__main__":
    application.listen(8889)
    tornado.ioloop.IOLoop.instance().start()
    • 0