It is using the itsdangerous
module to serialize the token. If you read more about it below, you will have your answers on how expiration timestamp is used etc.
http://packages.python.org/itsdangerous/
The function serializer.dumps()
creates a unique serialized string and serializer.loads()
which is called by get_token_status
will return exceptions unless the exact serialized value is provided to it as parameter.
So you dumps()
and then using the return value from that, you calls loads()
. If does not match, you have exception which in this case means bad token.