一、使用TimedJSONWebSignatureSerializer的方式
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
from flask import current_app
from flask_shop.user.models import User
# Issue a signed, time-limited token that carries the user id.
def generate_auth_token(uid, expiration):
    """Return a signed token string embedding ``uid``.

    :param uid: user id placed in the token payload under ``'id'``
    :param expiration: token lifetime in seconds (passed as ``expires_in``)
    :return: the serialized token as a ``str``
    """
    secret = current_app.config['SECRET_KEY']
    serializer = Serializer(secret, expires_in=expiration)
    # dumps() returns bytes with this serializer (hence the decode() below).
    # NOTE(review): TimedJSONWebSignatureSerializer was deprecated in
    # itsdangerous 2.0 and removed in 2.1; pin the dependency or migrate.
    token_bytes = serializer.dumps({'id': uid})
    return token_bytes.decode()
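# Parse a token and look up the user it names.
def verify_auth_token(token_str):
    """Return the ``User`` whose id is embedded in ``token_str``.

    :param token_str: token previously produced by generate_auth_token
    :return: the matching User, or ``None`` when the token is invalid,
        expired, or carries no usable ``'id'`` claim
    """
    # BadData is the base class of BadSignature and SignatureExpired, so it
    # covers every rejection loads() can raise for a tampered or stale token
    # without also hiding unrelated programming errors the way
    # ``except Exception`` did.
    from itsdangerous import BadData

    serializer = Serializer(current_app.config['SECRET_KEY'])
    try:
        data = serializer.loads(token_str)
    except BadData:
        return None
    # Only payloads we signed ourselves get here, but a defensive lookup keeps
    # an unexpected payload shape from surfacing as a KeyError/AttributeError.
    uid = data.get('id') if isinstance(data, dict) else None
    if uid is None:
        return None
    return User.query.filter_by(id=uid).first()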
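# Decorator: reject requests without a valid token, otherwise run the view.
def login_required(view_func):
    """Wrap ``view_func`` so it only runs when the request carries a valid token.

    The token is read from the ``token`` request header and checked with the
    same SECRET_KEY used by generate_auth_token. Failures are answered with
    the project's error payloads: ``to_dict_msg(10016)`` when the header is
    missing, ``to_dict_msg(10017)`` when the token does not verify (bad
    signature or expired). ``to_dict_msg`` is a project helper that this
    snippet does not import.

    NOTE(review): unlike the JWT variant below, this only checks signature
    and expiry; it does not confirm the embedded user still exists.
    """
    # These names were used but never imported in the original snippet.
    import functools
    from flask import request
    from itsdangerous import BadData

    @functools.wraps(view_func)  # original called wraps() without '@', so it never applied
    def verify_token(*args, **kwargs):
        token = request.headers.get('token')
        if token is None:
            return to_dict_msg(10016)
        serializer = Serializer(current_app.config['SECRET_KEY'])
        try:
            # Only the signature/expiry check matters here; the payload is unused.
            serializer.loads(token)
        except BadData:
            return to_dict_msg(10017)
        return view_func(*args, **kwargs)

    return verify_token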
二、使用jwt方式
import functools
from datetime import datetime, timedelta, timezone

import jwt
from flask import current_app, request
from jwt import PyJWTError

from flask_shop.user.models import User
# Default token lifetime in seconds used by generate_tokens().
# NOTE(review): 1 second looks like a development/test value — confirm before
# deploying; a production lifetime is normally minutes to hours.
JWT_EXPIRY_SECOND = 1
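# Issue a signed JWT that carries the user id.
def generate_tokens(uid, expiry_seconds=None):
    """Return an HS256 JWT whose payload holds ``uid`` and an ``exp`` claim.

    :param uid: user id stored in the ``'id'`` claim
    :param expiry_seconds: token lifetime in seconds; defaults to
        ``JWT_EXPIRY_SECOND`` so existing callers are unchanged
    :return: the encoded token as returned by ``jwt.encode`` (``str`` on
        PyJWT 2.x, ``bytes`` on 1.x)
    """
    lifetime = JWT_EXPIRY_SECOND if expiry_seconds is None else expiry_seconds
    payload = {
        'id': uid,
        # ``exp`` is the expiry instant; PyJWT converts the datetime to a UTC
        # epoch timestamp. A timezone-aware "now" replaces the deprecated
        # naive ``datetime.utcnow()``; timedelta is seconds here, not ms.
        'exp': datetime.now(timezone.utc) + timedelta(seconds=lifetime),
    }
    # HS256 = HMAC over header+payload using SHA-256 (a 256-bit digest).
    # Anyone holding SECRET_KEY can both mint and verify tokens.
    return jwt.encode(payload=payload, key=current_app.config['SECRET_KEY'], algorithm='HS256')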
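# Verify a JWT and resolve the user it names.
def verify_tokens(token_str):
    '''
    Verify ``token_str`` and return a dict describing the outcome.

    :param token_str: JWT produced by generate_tokens
    :return: ``{'id': <user id>}`` when the signature and ``exp`` check out
        and the user exists; otherwise a ``{'message': ...}`` dict saying why
    '''
    try:
        # decode() returns the dict we encoded ('id' and 'exp').
        # ``algorithms`` must be a list: passing the bare string 'HS256'
        # turns PyJWT's algorithm allow-list check into a substring test.
        data = jwt.decode(token_str, key=current_app.config['SECRET_KEY'], algorithms=['HS256'])
    except PyJWTError as e:
        # Covers bad signature, expiry, malformed token and disallowed algorithm.
        current_app.logger.error(e)
        return {"message": "token验证失败"}
    current_app.logger.info(data)
    # .get() keeps a payload without 'id' from raising KeyError.
    user = User.query.filter(User.id == data.get('id')).first()
    # NOTE(review): the original comment mentioned a "locked" user state, but
    # no lock check is performed here — add one if the model has such a flag.
    if user:
        return {'id': user.id}
    return {"message": "数据库中不存在当前用户,或者用户已经过期"}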
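# Decorator: require a valid JWT for an existing user before running the view.
def login_required(view_func):
    """Wrap ``view_func`` so it only runs for requests carrying a valid JWT.

    The token is read from the ``token`` header and verified with SECRET_KEY
    (HS256 only); its ``'id'`` claim must match an existing User. A missing
    header or unknown user yields ``to_dict_msg(10016)``; a token that fails
    verification (bad signature, expired, malformed) yields
    ``to_dict_msg(10017)`` — the code the itsdangerous variant uses — instead
    of letting PyJWTError escape as a 500. ``to_dict_msg`` is a project helper
    that this snippet does not import.
    """
    @functools.wraps(view_func)  # original called wraps() without '@', so it never applied
    def verify_token(*args, **kwargs):
        token = request.headers.get('token')
        if token is None:
            return to_dict_msg(10016)
        try:
            # ``algorithms`` must be a list; a bare string makes the
            # allow-list check a substring test.
            data = jwt.decode(token, key=current_app.config['SECRET_KEY'], algorithms=['HS256'])
        except PyJWTError:
            return to_dict_msg(10017)
        user = User.query.filter(User.id == data.get('id')).first()
        if not user:
            return to_dict_msg(10016)
        return view_func(*args, **kwargs)

    return verify_token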