目的:JWT如何使用?
過程: ps:這個文件找個文件夾存放,在需要引入的文件導包即可
1、jwt的加密和解密
import datetime
import jwt
from jwt import exceptions
def deal_encode_jwt(secret_key):
"""加密jwt"""
data = {
'exp': datetime.datetime.utcnow() + datetime.timedelta(minutes=30) # 超時時間
}
# 生成json web token
token = jwt.encode(data, secret_key, algorithm='HS256')
token = token.decode('utf8')
return token
def deal_decode_jwt(access_token, secret_key):
"""解密 jwt"""
try:
# 驗證
verified_payload = jwt.decode(access_token, secret_key, True)
return verified_payload
except exceptions.ExpiredSignatureError:
return 'token已失效'
except jwt.DecodeError:
return 'token認證失敗'
except jwt.InvalidTokenError:
return '非法的token'
if __name__ == '__main__':
secret_key = "6de683f6e8f038f62863fe27a17573e5"
access_token = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6MSwibmlja19uYW1lIjoiaGgiLCJleHAiOjV9.0skYOmER3SRB1UR-0crJgz3pYRBCvYz2KoQDJQszaUU'
res = deal_decode_jwt(access_token, secret_key)
print(res)
2、secret_key的位置在settings中
SETTINGS = dict(
# template_path=get_path("views"),
# static_path=get_path("static"),
# cookie_secret="6de683f6e8f038f62863fe27a17573e5",
secret_key="6de683f6e8f038f62863fe27a17573e5",
login_url="/login",
debug=True,
)