def get_token():
user_agent = request.headers.get('User-Agent', "")
device_sn = request.headers.get('device_sn', "")
os_platform = request.headers.get('os_platform', "")
app_version = request.headers.get('app_version', "")
data = request.get_json()
sign = data.get('sign', "")
expected_sign = utils.get_sign(user_agent, device_sn, os_platform, app_version)
if expected_sign != sign:
result = {
'success': False,
'msg': "Authorization failed!"
}
response = make_response(json.dumps(result), 403)
else:
token = utils.gen_random_string(16)
token_dict[device_sn] = token
result = {
'success': True,
'token': token
}
response = make_response(json.dumps(result))
response.headers["Content-Type"] = "application/json"
return response
def get_token(self, user_agent, device_sn, os_platform, app_version):
'''
@summary:向服务器发送请求,验证此客户端是否可信。
根据请求headers里边的数据计算出来的sign,和传过去的参数sign做比较,
如果一致,说明此客户端是被认可的(因为知道加密算法和秘钥),因此返回一个token(以后此客户端所有的请求都需要带上此token)。
@return token(16 length str)
'''
url = '%s/api/get-token' % self.host
headers = {
"Content-Type": "application/json",
"User-Agent": user_agent,
"device_sn": device_sn,
"os_platform": os_platform,
"app_version": app_version
}
data = {
"sign": utils.get_sign(user_agent, device_sn, os_platform,
app_version)
}
resp = self.api_client.post(url, json=data, headers=headers)
self.assertEqual(resp.status_code, 200)
resp_json = resp.json()
self.assertTrue(resp_json.get('success'))
self.assertIn('token', resp_json)
token = resp_json.get('token')
self.assertEqual(len(token), 16)
return token
def get_token(self, user_agent, device_sn, os_platform, app_version):
url = "%s/api/get-token" % self.host
headers = {
'Content-Type': 'application/json',
'User-Agent': user_agent,
'device_sn': device_sn,
'os_platform': os_platform,
'app_version': app_version
}
data = {
'sign': utils.get_sign(user_agent, device_sn, os_platform, app_version)
}
resp = self.api_client.post(url, json=data, headers=headers)
resp_json = resp.json()
self.assertTrue(resp_json["success"])
self.assertIn("token", resp_json)
self.assertEqual(len(resp_json["token"]), 16)
return resp_json["token"]
def get_token(self, user_agent, device_sn, os_platform, app_version):
url = "%s/api/get-token" % self.host
headers = {
'Content-Type': 'application/json',
'User-Agent': user_agent,
'device_sn': device_sn,
'os_platform': os_platform,
'app_version': app_version
}
data = {
'sign': utils.get_sign(user_agent, device_sn, os_platform,
app_version)
}
resp = self.api_client.post(url, json=data, headers=headers)
resp_json = resp.json()
self.assertTrue(resp_json["success"])
self.assertIn("token", resp_json)
self.assertEqual(len(resp_json["token"]), 16)
return resp_json["token"]
def get_token():
'''
@summary:获取token
@param :headers{User-Agent, device_sn, os_platform, app_version}、json{sign:@sign}
@return response({success, msg/token}, status_code)
'''
# post请求的headers:User-Agent,device_sn,os_platform,app_version
user_agent = request.headers.get('User-Agent', '')
device_sn = request.headers.get('device_sn', '')
os_platform = request.headers.get('os_platform', '')
app_version = request.headers.get('app_version', '')
# post请求的内容 {sign : @sign}
data = request.get_json()
sign = data.get('sign', '')
# 通过post请求的headers计算出签名sign
expected_sign = utils.get_sign(user_agent, device_sn, os_platform,
app_version)
# 构建response
response = None
if expected_sign != sign: # 如果计算出的签名 和 传过来的签名不一致
result = {'success': False, 'msg': 'Authorization failed!'}
response = make_response(json.dumps(result), 403)
else: # 如果签名一致
token = utils.gen_random_string(16) # 创建一个随机字符串,当做token
token_dict[device_sn] = token
result = {'success': True, 'token': token}
response = make_response(json.dumps(result), 200)
# 构建response的headers
response.headers['Content-Type'] = 'application/json'
# 返回response
return response