JWT的生成和解析.
需要安装的jwt 是PyJWT
.否则可能会有别的问题出现.
pip uninstall jwt
pip uninstall PyJWT
pip install PyJWT==1.7.1
代码
import datetime
import jwt
salt = 'iv%x1fo9l7_u9bf_u!9#g#m*)*=ej@bek5)(@u3kh*72+unjv='
def generate_token(play_load: dict, minutes: int):
"""
生成token
:param minutes: 多久过期,单位:分钟
:param play_load: 一般为用户id、用户名的字典
:return:
"""
headers = {
'type': 'jwt',
'alg': 'HS256'
}
play_load['exp'] = datetime.datetime.utcnow() + datetime.timedelta(minutes=minutes)
token = jwt.encode(payload=play_load, key=salt, algorithm="HS256", headers=headers).decode()
return token
def validate_token(token):
"""
校验token有效性
:param token:加密token
:return: 状态
"""
result = {'status': False, 'data': None, 'error': None}
try:
verified_payload = jwt.decode(token, salt, algorithm='HS256', options={"verify_signature": False})
result['status'] = True
result['data'] = verified_payload
except jwt.ExpiredSignatureError:
result['error'] = 'token已失效'
except jwt.DecodeError as err:
result['error'] = 'token认证失败'
except jwt.InvalidTokenError:
result['error'] = '非法的token'
return result
if __name__ == '__main__':
print(generate_token({"code": 1},1))
print(validate_token('eyJ0eXAiOiJqd3QiLCJhbGciOiJIUzI1NiJ9.eyJjb2RlIjoxLCJleHAiOjE2Mzk2NDIxODl9.U7AuG6GKVC1j_eInrsNmC-z1Xi_RyMOkuWWTS-01VeI'))