导入的包
from flask import Flask, jsonify, current_app, request
from flask_pymongo import PyMongo
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer
from flask_sqlalchemy import SQLAlchemy
token的生成函数
def generate_token(api_users):
expiration = 3600
s = Serializer(current_app.config['SECRET_KEY'], expires_in=expiration) #expiration是过期时间
token = s.dumps({'id': api_users.id}).decode('ascii')
return token, expiration
输入用户名和密码返回数据和token
@app.route('/find', methods=['GET'])
def find():
user = request.args.get('user') #利用这个request.args.get方法可以模拟postman输入参数
password = request.args.get('password')
box_id = request.args.get('box_id')
user = User.query.filter_by(user=user, password=password).first()
result = mongo.db[box_id].find().sort([("t", -1)]).limit(1)
list = []
for res in result:
list.append(str(res))
token = generate_token(user)
str_token = str(token)
list.append(str_token)
json_data = jsonify(list)
return json_data
token的验证函数
def verify_auth_token(token):
s = Serializer(app.config['SECRET_KEY'])
try:
data = s.loads(token)
except SignatureExpired:
return None # valid token,but expired
except BadSignature:
return None # invalid token
user = User.query.get(data['id'])
return user
使用token验证函数进行验证
@app.route('/token', methods=['GET', 'POST'])
def token():
token = request.args.get('token')
_token = verify_auth_token(token)
# print(_token)
user = User.query.filter_by(id=_token.id).first()
result = mongo.db[user.box_id].find().sort([("t", -1)]).limit(1)
list = []
for res in result:
list.append(str(res))
json_data = jsonify(list)
return json_data
其中_token验证完成后是一个对象,里面是你数据库所对应的对象
第一遍你要输入用户名密码 然后调用token生成函数 得到返回的token值,
这样你第二步可以直接输入token,不需要输入用户名密码也可以得到
相应的值了!