以下是带有相关代码段的代码文件:
初始化 .py:
app = Flask(__name__)
cors = CORS(app, resources={r"/api/*": {"origins": "*"}})
app.config['SECRET_KEY'] = 'super-secret'
在auth.py中:
def authenticate_user(login, password):
'''
Return dict or None after checking against db for valid user
'''
s = select([users]).where(users.c.email==login)
result_set = conn.execute(s)
if result_set.rowcount == 1:
for r in result_set:
print r[users.c.password], 'result_set[users.c.password]'
if pwd_context.verify(password, r[users.c.password]):
# There is only one unique email/password pair
print 'matched'
return dict(r)
else:
return None
return
如何在登录时获取用户的access_token值?我已经在virtualenv中安装了Flassk-JWT并遵循以下文档:https://pythonhosted.org/Flask-JWT/但请注意,我没有使用OOP。用户类等。我在Flask和python中使用sqlalchemy核心。为了进一步使用此令牌,我需要将其作为API的装饰器进行调用,这是我的理解:
@app.route('/rt/api/v1.0/list', methods=['GET'])
@jwt_required()
在views.py中:
from myapp.auth import authenticate_user
@app.route('/auth', methods=['POST','GET'])
def login():
email = request.form["email"]
password = request.form["password"]
if request.method == 'POST':
result_set = authenticate_user(email, password)
if result_set:
session['email'] = result_set['email']
user_dict = result_set
if user_dict:
session['email'] = user_dict['email']
jwt = JWT(app, user_dict['email'], user_dict["id"])
我一直坚持如何正确连接各种代码文件以获得访问令牌值。请指导。还希望从before_request callback()中排除登录API请求。所有其他API都可以执行before和after_request回调()。
答案 0 :(得分:1)
最后找到了一种使用url的更好的实现方式:flask-jwt-extended.readthedocs.io/en/latest/basic_usage.html