7 django pyjwt

1 安装

pip install pyjwt

 

2 封装获取 token 函数

import time
import jwt
from django.conf import settings


# 生成 token,有效期一天
def make_token(username, expire=3600*24):
    import jwt
    now = time.time()
    key = settings.LIZI_TOKEN_KEY
    payload = {'username': username, 'exp':int(now+expire)}
    return jwt.encode(payload, key, algorithm='HS256')

 

3 封装校验 token 函数

import jwt
from django.conf import settings
from django.http import JsonResponse
from user.models import User

# token 验证装饰器
def login_check(func):
    def wrapper(request, *args, **kwargs):

        # token 校验
        token = request.META.get('HTTP_AUTHORIZATION')
        # 没有 token
        # if not a 用来判断变量 a 是否 None,等于 if a is not None
        if token is None:
            result = {'code':403, 'error':u'用户未登录 - 没有权限!'}
            return JsonResponse(result)
        try:
            res =jwt.decode(token, settings.LIZI_TOKEN_KEY, algorithms='HS256')
        except Exception as e:
            print('jwt error {}'.format(e))
            result = {'code':403, 'msg': u'用户未登录!'}
            return JsonResponse(result)

        username = res['username']
        user = User.objects.get(username=username)
        # user 挂载 request 上,以便后面方法可以直接取出用户
        request.myuser = user

        return func(request, *args, **kwargs)
    return wrapper

 

posted @ 2021-05-16 21:47  栗子测试开发  阅读(234)  评论(0)    收藏  举报