| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- from flask import current_app
- from app.libs.error_code import AuthFailed, Success
- from app.libs.redprint import Redprint
- from app.models.user import User
- from app.validators.forms import ClientForm, TokenForm
- from authlib.jose import jwt, JoseError, errors
- from datetime import datetime
- api = Redprint('token')
- @api.route('', methods=['POST'])
- def get_token():
- form = ClientForm().validate_for_api()
- userinfo = User.verify(form.account.data, form.secret.data)
- # Token
- token = generate_token({'uid':userinfo['uid']})
- t = {
- 'token': token.decode('utf8')
- }
- return Success(result=t)
- @api.route('/secret', methods=['POST'])
- def get_token_info():
- """获取令牌信息"""
- form = TokenForm().validate_for_api()
- key = current_app.config['SECRET_KEY']
- try:
- data = jwt.decode(s=form.token.data, key=key)
- data.validate_exp(now=datetime.now().timestamp(), leeway=current_app.config['TOKEN_EXPIRATION'])
- except errors.ExpiredTokenError:
- return AuthFailed(message='token过期')
- except JoseError:
- return AuthFailed()
- return Success(result=data)
- def generate_token(data):
- """生成用于邮箱验证的JWT(json web token)"""
- # 签名算法
- header = {'alg': 'HS256'}
- # 用于签名的**
- key = current_app.config['SECRET_KEY']
- # palyload
- expire = datetime.now().timestamp() + current_app.config['TOKEN_EXPIRATION']
- payload = {'exp': expire}
- payload.update(data)
- # 待签名的数据负载
- return jwt.encode(header, payload, key)
|
