from django.shortcuts import resolve_url from django.core.signing import Signer from django.core.exceptions import SuspiciousOperation signer = Signer() def signed_url(name, **kwargs): """ >>> signed_url('foo/bar') """ url = resolve_url(name, **kwargs) sig = signer.sign(url) return sig.replace(":", "?auth=") def check_signed_url(url, auth): sig = signer.sign(url) if sig[len(url)+1:] != auth: sig = "_HIDDEN_" raise SuspiciousOperation("Bad auth code") if __name__ == '__main__': import doctest print(doctest.testmod())