Passing a JWT token from login to protected routes



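I want to pass the token from the token_required decorator to the headers of different protected routes.

Here is the code used (the login endpoint, the protected endpoint, and the requires_token decorator):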

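    import datetime
    from functools import wraps

    import jwt  # PyJWT
    from flask import Flask, jsonify, make_response, request

    app = Flask(__name__)
    app.config["SECRET_KEY"] = "change-me"  # placeholder; load the real key from configuration


    @app.route("/login")
    def login():
        auth = request.authorization
        if auth and auth.password == "password":
            # Issue a token that expires after 30 minutes.
            token = jwt.encode(
                {
                    "user": auth.username,
                    "exp": datetime.datetime.utcnow() + datetime.timedelta(minutes=30),
                },
                app.config["SECRET_KEY"],
            )
            return jsonify({"token": token})
        return make_response(
            "Could'nt verify!", 401, {"WWW-Authenticate": 'Basic realm="Login Required"'}
        )


    # The decorator must be defined before the routes that use it.
    def token_required(f):
        @wraps(f)
        def decorated(*args, **kwargs):
            token = request.args.get("token")
            if not token:
                return jsonify({"message": "Token is missing"}), 403
            try:
                # Verify the signature and pin the algorithm; with
                # verify_signature disabled any forged token would be accepted.
                data = jwt.decode(token, app.config["SECRET_KEY"], algorithms=["HS256"])
            except jwt.InvalidTokenError:
                return jsonify({"message": "Token is invalid"}), 403
            return f(*args, **kwargs)
        return decorated


    @app.route("/protected")
    @token_required
    def protected():
        return "Only certain people can access"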

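If you want to pass something to the decorated function, you can add it to the keyword-argument dictionary (kwargs) in the decorator before calling the wrapped function.

For example, to pass the data value to the protected view, you can use code like this: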

    # Uses app and the imports from the question's code.
    def token_required(f):
        @wraps(f)
        def decorated(*args, **kwargs):
            token = request.args.get("token")
            if not token:
                return jsonify({"message": "Token is missing"}), 403
            try:
                # Verify the signature and pin the algorithm before trusting the claims.
                data = jwt.decode(token, app.config["SECRET_KEY"], algorithms=["HS256"])
            except jwt.InvalidTokenError:
                return jsonify({"message": "Token is invalid"}), 403

            kwargs['data'] = data  # add the data to the keyword arguments
            return f(*args, **kwargs)
        return decorated


    @app.route("/protected")
    @token_required
    def protected(data=None):
        # do something with the data
        return "Only certain people can access"

In any case, I would recommend using a plugin such as flask-login.
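
An added example, not part of the original question or answer: the same kwargs hand-off with the token read from an `Authorization: Bearer` header and its signature verified before the claims reach the view. It assumes Flask and PyJWT 2.x are installed; `make_token`, `call_protected` and the secret key are constructed for this example.

```python
import datetime
from functools import wraps

import jwt  # PyJWT
from flask import Flask, jsonify, request

app = Flask(__name__)
# Constructed demo key; load a real secret from configuration.
app.config["SECRET_KEY"] = "constructed-demo-key-0123456789abcdef"


def make_token(user, key):
    """Issue a 30-minute HS256 token (helper for this example)."""
    exp = datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(minutes=30)
    token = jwt.encode({"user": user, "exp": exp}, key, algorithm="HS256")
    return token.decode() if isinstance(token, bytes) else token


def token_required(f):
    @wraps(f)
    def decorated(*args, **kwargs):
        # Read "Authorization: Bearer <token>" rather than a query parameter,
        # which would end up in access logs and browser history.
        scheme, _, token = request.headers.get("Authorization", "").partition(" ")
        if scheme.lower() != "bearer" or not token:
            return jsonify({"message": "Token is missing"}), 403
        try:
            # Signature and exp are verified; the algorithm list is pinned.
            data = jwt.decode(token, app.config["SECRET_KEY"], algorithms=["HS256"])
        except jwt.InvalidTokenError:
            return jsonify({"message": "Token is invalid"}), 403
        kwargs["data"] = data  # verified claims handed to the view
        return f(*args, **kwargs)
    return decorated


@app.route("/protected")
@token_required
def protected(data=None):
    return jsonify({"user": data["user"]})


def call_protected(token=None):
    """Call /protected through Flask's test client; return (status, json)."""
    headers = {"Authorization": f"Bearer {token}"} if token else {}
    resp = app.test_client().get("/protected", headers=headers)
    return resp.status_code, resp.get_json()
```

A token signed with any key other than `SECRET_KEY` is rejected here, whereas decoding with `verify_signature` set to `False` would pass its claims straight to the view.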
