后面所讲的jwt也是属于HTTPTokenAuth
1)Flask
from flask import Flask, g
from flask_httpauth import HTTPTokenAuth
app = Flask(__name__)
auth = HTTPTokenAuth(scheme='Token')
tokens = {
"secret-token-1": "john",
"secret-token-2": "susan"
}
@auth.verify_token
def verify_token(token):
if token in tokens:
g.current_user = tokens[token]
return True
return False
@app.route('/')
@auth.login_required
def index():
return "Hello, %s!" % g.current_user
if __name__ == '__main__':
app.run()
```
2)requests
```python
`HTTPTokenAuth`发的是get请求token信息放在request.headers['Authorization']里,使用base64加密
requests
```python
import requests
res = requests.post('http://127.0.0.1:5000/login',json={'username':'test','password':'test'})
print(res.json())
access_token = res.json()['access_token']
header={
"Authorization": f"Bearer {access_token}"
}
res = requests.get('http://127.0.0.1:5000/protected',headers=header) # 如果重新获得token则无效
print(res.text)
```
3)前端
??
参考:
https://www.cnblogs.com/fiona-zhong/p/10254961.html
https://www.cnblogs.com/Erick-L/p/7060806.html
https://blog.csdn.net/ousuixin/article/details/94053454
https://blog.csdn.net/qq_42597385/article/details/85248483
https://blog.csdn.net/ousuixin/article/details/94053454#flask%E4%B8%AD%E5%B0%81%E8%A3%85token%E7%9A%84package%E4%BD%BF%E7%94%A8
前后端分析 刷新token
https://www.jianshu.com/p/537b356d34c9
https://github.com/vimalloc/flask-jwt-extended