自己在做自动化时,需要先登录获取token值,登录接口是对密码进行了AES加密,网上百度了AES加密过程:
AES是服务端和客户端共用一个秘钥K,client端进行加密,服务端用秘钥进行解密。下面是python代码进行加密的过程
import base64
import requests
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import algorithms
from Crypto.Cipher import AES
from binascii import b2a_hex
# 此处传入后台的秘钥
str_key = "
encodestr = base64.b64decode(str_key.encode('utf-8'))
class AccessToken:
def __init__(self, key=encodestr):
# 对传入的秘钥等进行初始化
self.key = key.encode('utf-8')
# 加密模式
self.mode = AES.MODE_CBC
self.iv = encodestr
@staticmethod
def pkcs7_padding(data):
if not isinstance(data, bytes):
data = data.encode()
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded_data = padder.update(data) + padder.finalize()
return padded_data
# python的AES加密算法
def encrypt_AES(self, password):
cryptor = AES.new(self.key, self.mode, self.iv)
text = password.encode('utf-8')
text = self.pkcs7_padding(text)
ciphertext = cryptor.encrypt(text)
return (b2a_hex(ciphertext).decode().lower())
# 用户登录
def custome_login(self, username, password):
# 对密码加密
password = self.encrypt_AES(password)
# host_url 登录地址
url = "%s&username=%s&password=%s" % (
host_url, username,password)
# 传入headers,也是后台需要传入的,不同的接口,传入的值不一样
headers = {
"Authorization": "APPCODE " + APPCODE,
"X-Ca-Nonce": self.set_uuid()
}
# 向后台发送请求
resp = requests.post(url, headers=headers, verify=False)
data = json.loads(resp.text)["data"]
# 判断接口请求是否成功,此处可以做一个try...except...操作
if data:
# 将后台的接口返回值获取token值,根据自己项目来
token = json.loads(resp.text)["data"]["centerTokenDto"]["token"]
access_token = {
"token": token
}
return access_token
# 如果没有成功,将错误信息返回
return json.loads(resp.text)["message"]