7 django pyjwt
1 安装
pip install pyjwt
2 封装获取 token 函数
import time
import jwt
from django.conf import settings
# 生成 token,有效期一天
def make_token(username, expire=3600*24):
import jwt
now = time.time()
key = settings.LIZI_TOKEN_KEY
payload = {'username': username, 'exp':int(now+expire)}
return jwt.encode(payload, key, algorithm='HS256')
3 封装校验 token 函数
import jwt
from django.conf import settings
from django.http import JsonResponse
from user.models import User
# token 验证装饰器
def login_check(func):
def wrapper(request, *args, **kwargs):
# token 校验
token = request.META.get('HTTP_AUTHORIZATION')
# 没有 token
# if not a 用来判断变量 a 是否 None,等于 if a is not None
if token is None:
result = {'code':403, 'error':u'用户未登录 - 没有权限!'}
return JsonResponse(result)
try:
res =jwt.decode(token, settings.LIZI_TOKEN_KEY, algorithms='HS256')
except Exception as e:
print('jwt error {}'.format(e))
result = {'code':403, 'msg': u'用户未登录!'}
return JsonResponse(result)
username = res['username']
user = User.objects.get(username=username)
# user 挂载 request 上,以便后面方法可以直接取出用户
request.myuser = user
return func(request, *args, **kwargs)
return wrapper