-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathindex_2.py
93 lines (73 loc) · 2.57 KB
/
index_2.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# example for flask with flask_jwt_extended
from flask import Flask, request, jsonify, render_template
from werkzeug.security import safe_str_cmp
from flask_jwt_extended import (
JWTManager, jwt_required, create_access_token, jwt_optional, decode_token,
get_jwt_identity
)
app = Flask(__name__)
app.config['JWT_SECRET_KEY'] = 'super-secret'
jwt = JWTManager(app)
class User(object):
def __init__(self, id, username, password):
self.id = id
self.username = username
self.password = password
def __str__(self):
return "User(id='%s')" % self.id
users = [
User(1, 'user1', '123456'),
User(2, 'user2', '123456'),
]
username_table = {u.username: u for u in users}
userid_table = {u.id: u for u in users}
def authenticate(username, password):
user = username_table.get(username, None)
if user and safe_str_cmp(user.password.encode('utf-8'), password.encode('utf-8')):
return user
def identity(token):
access_token = request.args.get('access_token')
payload = decode_token(access_token)
print(payload)
user_id = payload['identity']
return userid_table.get(user_id, None)
@app.route('/auth', methods=['POST'])
def login():
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
username = request.json.get('username', None)
password = request.json.get('password', None)
if not username:
return jsonify({"msg": "Missing username parameter"}), 400
if not password:
return jsonify({"msg": "Missing password parameter"}), 400
user = authenticate(username, password)
if not user:
return jsonify({"msg": "Bad username or password"}), 401
# Identity can be any data that is json serializable
access_token = create_access_token(identity=user.id)
return jsonify(access_token=access_token), 200
# Protect a view with jwt_required, which requires a valid access token
# in the request to access.
@app.route('/protected', methods=['GET'])
@jwt_required
def protected():
# Access the identity of the current user with get_jwt_identity
current_user = get_jwt_identity()
return jsonify(logged_in_as=current_user), 200
# add by edgardeng
@app.route('/')
@jwt_optional
def index():
name = ''
access_token = request.args.get('access_token')
if access_token:
user = identity(access_token)
name = user.username
print(access_token)
if len(name) > 0:
return render_template('index.html', name=name)
else:
return render_template('login.html')
if __name__ == '__main__':
app.run()