先后端分离项目中作用户认证,用户每次登陆成功后返回一个token,下次访问时header带上返回的token证实改用户是登陆过的,不须要再次登陆,不然返回错误信息python
重写装饰器作登陆认证后端
def authenticated(func):
"""
重写tornado authenticated
"""
@functools.wraps(func)
async def wrapper(self, *args, **kwargs):
res_data = {}
token = self.request.headers.get("token")
if token:
user = None
try:
jwt_data = jwt.decode(
token, self.settings["secret_key"],
leeway=self.settings["jwt_expires"], # 判断过时时间
options={"verify_exp": True} # 是否验证
)
user_id = jwt_data["id"]
user = await self.application.objects.get(User, user_id=user_id)
except Exception as e:
self.set_status(401)
res_data["content"] = "token error"
if user:
self._current_user = user
result = await func(self, *args, **kwargs)
return result
else:
self.set_status(401)
res_data["content"] = "token error"
else:
self.set_status(401)
res_data["content"] = "miss token"
self.write(res_data)
return wrapper 登陆成功后返回jwt_tokenapp
def get_jwt_token(self,user_id):
"""
fun : 使用jwt生成token
:param user_id:
:return:
"""
payload = {
"id": user_id,
"iat": int(time.time()),
"exp": int(time.mktime((datetime.datetime.now() + datetime.timedelta(minutes=60)).timetuple()))
}
jwt_token = jwt.encode(
payload,
self.settings["secret_key"], # 进行加密签名的密钥
algorithm="HS256",
headers={"alg": "HS256",
"typ": "JWT"}
).decode("utf-8")
return jwt_token