• python3 Flask jwt 简易token认证实例

     直接上代码

    1. from flask import Flask, jsonify, request, make_response
    2. import jwt
    3. import datetime
    4. from functools import wraps
    5.  
    6. app = Flask(__name__)
    7.  
    8. # 这是一个示例密钥,实际应用中应该使用一个复杂且随机的密钥
    9. app.config['SECRET_KEY'] = 'your_secret_key'
    10.  
    11. def token_required(f):
    12.     @wraps(f)
    13.     def decorated(*args, **kwargs):
    14.         token = None
    15.         if 'Authorization' in request.headers:
    16.             auth_header = request.headers['Authorization']
    17.             if auth_header.startswith('Bearer '):
    18.                 token = auth_header.split(" ")[1]  # 分割"Bearer "和token
    19.  
    20.         if not token:
    21.             return jsonify({'message': 'Token is missing!'}), 403
    22.  
    23.         try:
    24.             data = jwt.decode(token, app.config['SECRET_KEY'], algorithms=["HS256"])
    25.         except:
    26.             return jsonify({'message': 'Token is invalid!'}), 403
    27.  
    28.         return f(*args, **kwargs)
    29.     return decorated
    30.  
    31. @app.route('/unprotected')
    32. def unprotected():
    33.     return jsonify({'message': 'Anyone can view this!'})
    34.  
    35. @app.route('/protected')
    36. @token_required
    37. def protected():
    38.     return jsonify({'message': 'This is only available for people with valid tokens.'})
    39.  
    40. @app.route('/login')
    41. def login():
    42.     auth = request.authorization
    43.     if auth and auth.password == 'password':
    44.         token = jwt.encode({
    45.             'user': auth.username,
    46.             'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
    47.         }, app.config['SECRET_KEY'])
    48.  
    49.         return jsonify({'token': token})
    50.  
    51.     return make_response('Could not verify!', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'})
    52.  
    53. if __name__ == '__main__':
    54.     app.run(debug=True)

    测试,登录,获取token

    1. curl -u username:password http://127.0.0.1:5000/login
    2.  
    3. 返回
    4.  
    5. {
    6.   "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoidXNlcm5hbWUwIiwiZXhwIjoxNzA4MzkyNjg5fQ.0Xq-GFufOTnLSkdqT42wVcF0QPe70z6tlxepwWzHf7Y"
    7. }

     

    用token 测试/protected

    1. curl -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoidXNlcm5hbWUwIiwiZXhwIjoxNzA4MzkyNjg5fQ.0Xq-GFufOTnLSkdqT42wVcF0QPe70z6tlxepwWzHf7Y" http://127.0.0.1:5000/protected
    2.  
    3. 返回信息
    4.  
    5. {
    6.   "message": "This is only available for people with valid tokens."
    7. }

     

    chatgpt写的代码

  • 相关阅读:
    算法学习笔记(20): AC自动机
    vscode连接服务器
    防火墙Ipsec vpn的配置
    深度学习项目实战:垃圾分类系统
    DynamicProgramming 动态规划
    京东数据平台:2023年服饰行业销售数据分析
    2023年9月青少年软件编程(C 语言) 等级考试试卷(七级)
    互联网摸鱼日报(2022-11-01)
    数据分析是大数据最热门的投资赛道
    还在为学不会JVM&G1烦恼吗?看阿里P8源码分析笔记,你想要的都有
  • 原文地址:https://blog.csdn.net/jxyk2007/article/details/136182194