我正在运行两个烧瓶app实例。为安全起见,我使用flask-security和flask-mongoengine。两个api实例都必须作为负载均衡器的节点。现在当我使用第一个api登录时,我获得了一个访问令牌,现在我尝试使用提供unauthorized状态的访问令牌来尝试第二个api。
现在,我想知道是否可以为两个apis使用相同的访问令牌。两个api共享相同的数据库,mongo配置和安全配置。代码如下:
from flask import Flask,request, render_template,abort,jsonify
from flask_mongoengine import MongoEngine
from flask_security import Security, MongoEngineUserDatastore, \
UserMixin, RoleMixin, login_required,auth_token_required,roles_required, current_user
from flask_security.utils import logout_user
from flask_cors import CORS, cross_origin
import csv
import time
import hashlib
import datetime
import requests
import json
# Create app
app = Flask(__name__)
CORS(app)
app.config['DEBUG'] = True
app.config['SECRET_KEY'] = 'super-secret'
app.config['SECURITY_PASSWORD_HASH'] = 'plaintext'
app.config['SECURITY_TRACKABLE'] = True
app.config['SECURITY_PASSWORD_SALT'] = 'somepaswwordsalt'
app.config['WTF_CSRF_ENABLED'] = False
# MongoDB Config
app.config['MONGODB_DB'] = 'db'
app.config['MONGODB_HOST'] = 'localhost'
app.config['MONGODB_PORT'] = 27017
app.config['MONGODB_USERNAME'] = 'username'
app.config['MONGODB_PASSWORD'] = 'password'
# Create database connection object
db = MongoEngine(app)
@app.route('/api/v1/',methods=['GET'])
@auth_token_required
@roles_required('admin')
def create():
......
......