flask-restful

from flask import Flask,jsonify,g
#导入restful类库
from flask_restful import Api,Resource
from flask_httpauth import HTTPBasicAuth
from itsdangerous import TimedJSONWebSignatureSerializer as Serializer



app = Flask(__name__)



#创建认证对象
auth = HTTPBasicAuth()

#设置认证的回调函数,需要认证时自动回调,成功返回true,失败返回flase
@auth.verify_password
def verify_password(username_or_token,password):
    if username_or_token == 'bill' and password == '123456':
        return True
    else:
        if check_token(username_or_token):
            return True
        return False

#认证的错误显示
@auth.error_handler
def unauthorized():
    return jsonify({'error':'认证失败'}),403

#生成token
app.config['SECRET_KEY'] = '123456'
def generate_token(expires_in=3600):
    s = Serializer(app.config['SECRET_KEY'],expires_in=expires_in)
    return s.dumps({'username':'jerry','password':'123456'})

#校验token
def check_token(token):
    s = Serializer(app.config['SECRET_KEY'])
    try:
        data = s.loads(token)
    except:
        return False
    g.username = data.get('username')
    return True

#创建api对象
api = Api(app)


@app.route('/token')
@auth.login_required
def get_token():
    #return jsonify({'token':generate_token()})
    return generate_token()

#创建资源,继承自Resource
class UserAPI(Resource):
    def get(self,id):
        return {'User':'GET'}
    def put(self,id):
        return {'User':'PUT'}
    def delete(self,id):
        return {'User':'DELETE'}

class UserListAPI(Resource):
    #添加认证(资源保护),最简单的认证,传输的时候不够安全
    decorators = [auth.login_required]
    def get(self):
        #return {'UserList':'GET'}
        return {'User': g.username}
    def post(self):
        return {'UserList':'POST'}


#添加资源
#参数:1、资源类名,2、路由地址,可以是多个路由,访问相同地址,3、端点
api.add_resource(UserAPI,'/user/<int:id>',endpoint='user')
api.add_resource(UserListAPI,'/user/',endpoint='users')




if __name__ == '__main__':
    app.run(debug=True)

 

posted @ 2020-02-12 11:49  JvvYou  阅读(137)  评论(0编辑  收藏  举报