Open xxleyi opened 5 years ago
Minimal Flask-Login Example - G B
依照上文思路,自己动手实践了 Flask 中 Header Auth 的整体流程,简单优化一点点,假如密码 hash 功能。
# -*- coding: utf-8 -*- from flask import Flask, jsonify from flask_login import LoginManager, UserMixin, login_required from http_basic_auth import parse_header from werkzeug.security import generate_password_hash, check_password_hash app = Flask(__name__) login_manager = LoginManager() login_manager.init_app(app) class User(UserMixin): # proxy for a database of users user_database = {"aaa": ("aaa", generate_password_hash("bbb"))} def __init__(self, username, password): self.id = username self.password = password @classmethod def get(cls, id): return cls.user_database.get(id) @login_manager.request_loader def load_header_user(request): auth_header = request.headers.get("Authorization") if auth_header is not None: username, password = parse_header(auth_header) user_entry = User.get(username) if user_entry is not None: user = User(user_entry[0], user_entry[1]) if check_password_hash(user.password, password): return user return None @app.route("/", methods=["GET", "POST"]) def index(): return jsonify({1: 2}) @app.route("/protected/", methods=["GET", "POST"]) @login_required def protected(): return jsonify({1: 2}) if __name__ == "__main__": app.config["SECRET_KEY"] = "ITSASECRET" app.run(port=5000, debug=True)
无需 http_basic_auth,flask werkzeug 底层已经做好了。
http_basic_auth
使用 request.authorization 可以直接拿到一个处理好的认证字典,如果是 basic auth,则字典内部会包含 password 和 username 这俩 key。
request.authorization
basic auth
password
username
key
Minimal Flask-Login Example - G B
依照上文思路,自己动手实践了 Flask 中 Header Auth 的整体流程,简单优化一点点,假如密码 hash 功能。