难道我们在烧瓶api中将JWT与sqlalchemy一起使用?

时间:2019-02-18 16:23:40

标签: python flask jwt

以下是带有相关代码段的代码文件:

初始化 .py:

app = Flask(__name__)
cors = CORS(app, resources={r"/api/*": {"origins": "*"}})
app.config['SECRET_KEY'] = 'super-secret'

在auth.py中:

def authenticate_user(login, password):
    '''
    Return dict or None after checking against db for valid user
    '''
    s = select([users]).where(users.c.email==login)
    result_set = conn.execute(s)
    if result_set.rowcount == 1:
        for r in result_set:
            print r[users.c.password], 'result_set[users.c.password]'
            if pwd_context.verify(password, r[users.c.password]):
                # There is only one unique email/password pair
                print 'matched'
                return dict(r)
            else:
                return None
    return

如何在登录时获取用户的access_token值?我已经在virtualenv中安装了Flassk-JWT并遵循以下文档:https://pythonhosted.org/Flask-JWT/但请注意,我没有使用OOP。用户类等。我在Flask和python中使用sqlalchemy核心。为了进一步使用此令牌,我需要将其作为API的装饰器进行调用,这是我的理解:

@app.route('/rt/api/v1.0/list', methods=['GET'])
@jwt_required()

在views.py中:

from myapp.auth import authenticate_user

@app.route('/auth', methods=['POST','GET'])
def login():
    email = request.form["email"]
    password = request.form["password"]
    if request.method == 'POST':
            result_set = authenticate_user(email, password)
            if result_set:
                session['email'] = result_set['email']
            user_dict = result_set
            if user_dict:
                session['email'] = user_dict['email']
            jwt = JWT(app, user_dict['email'], user_dict["id"])

我一直坚持如何正确连接各种代码文件以获得访问令牌值。请指导。还希望从before_request callback()中排除登录API请求。所有其他API都可以执行before和after_request回调()。

1 个答案:

答案 0 :(得分:1)

最后找到了一种使用url的更好的实现方式:flask-jwt-extended.readthedocs.io/en/latest/basic_usage.html

相关问题
最新问题