对Flask-Jwt / auth端点的内部Flask POST请求没有成功

时间:2016-10-26 23:16:47

标签: python authentication flask token flask-jwt

我今天来找你,这个问题似乎令人讨厌并且困扰我一周(可能更多)。

我实施了Flask和Flask-JWT来创建令牌并在我的web-app的不同部分使用它。 该过程是:用户put是表单上的凭据,当他记录时,通过向Flask-JWT / auth端点发出POST请求来创建令牌。

问题是:

  • 当用户进入时,代码的令牌创建部分(对/ auth端点的POST请求)似乎处于无限循环中。

代码停在:" r = requests.post(url,headers = headers,data = payload)"

有趣的是,如果用户登录并且之后转到/ auth端点,则会创建令牌。

有人已经遇到过这个问题吗?

谢谢

项目/ config.py

JWT_EXPIRATION_DELTA = timedelta(seconds=900)
JWT_AUTH_URL_RULE = "/api/v1/auth"

SECURITY_PASSWORD_HASH = 'pbkdf2_sha512'
SECURITY_TRACKABLE = True
SECURITY_PASSWORD_SALT = "xxxx"

WTF_CSRF_ENABLED = True
WTF_CSRF_SECRET_KEY = "xxxx"

项目/应用/的初始化的.py

from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_login import LoginManager, login_required
from flask_bcrypt import Bcrypt
from flask_security import Security, SQLAlchemyUserDatastore, \
    UserMixin, RoleMixin, login_required
from flask_jwt import JWT, jwt_required
import os

app = Flask(__name__)
app.config.from_object('config')
bcrypt = Bcrypt(app)
db = SQLAlchemy(app)

# To have random secret key
secret_key = os.urandom(24)
app.secret_key = secret_key

from textr import views, models
from search_number import views
from buy_number import views
from users import views, models
from sms_receiver import views, models
from sms_sender import views, models
from phone_number import models, views

from users.models import User, Role

# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)

login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "login"

@login_manager.user_loader
def load_user(user_id):
    return User.query.filter(User.id == int(user_id)).first()

from textr.tools import retreive_user, verify_password

def authenticate(username, password):
    user = retreive_user(username)
    if verify_password(username, password):
        return user

def identity(payload):
    return User.query.filter(User.id == payload['identity']).scalar()

jwt = JWT(app, authenticate, identity)

项目/应用程序/用户/ views.py

from flask_jwt import jwt_required, JWT
from models import User
from error_handling import error_400
from flask import Flask, request, render_template, jsonify, session, redirect, url_for, flash
import json
import requests

@app.route("/api/v1/login", methods=["GET", "POST"])
def login():
    error = None

    if request.method == 'POST':
        json_data = request.json
        if not json_data:
            username = request.form['username']
            password = request.form['password']
        else:
            username = json_data['username']
            password = json_data['password']

        if not check_user_present(username):
            return error_400('Error', 'User not found', 404)

        if verify_password(username, password):
            flash('Logged in successfully.')
            user = retreive_user(username)
            login_user(user)

            # Infos to create POST request for Token
            payload = ({'username':username, 'password':password})
            url = "http://127.0.0.1:8080/api/v1/auth"
            headers = {'Content-Type': 'application/json', 'charset': 'utf-8'}

            # Token creation
            r = requests.post(url, headers=headers, data=payload)
            response = r.json()

            if (r.status_code is 200):
                token = response['user']['authentication_token']
                session['api_session_token'] = token)
        else:
            flash('Wrong credentials!')
            return error_400('Error', 'Wrong credentials', 401)

    return render_template('users/login.html')

0 个答案:

没有答案