def get_token(): user_agent = request.headers.get('User-Agent', "") device_sn = request.headers.get('device_sn', "") os_platform = request.headers.get('os_platform', "") app_version = request.headers.get('app_version', "") data = request.get_json() sign = data.get('sign', "") expected_sign = utils.get_sign(user_agent, device_sn, os_platform, app_version) if expected_sign != sign: result = { 'success': False, 'msg': "Authorization failed!" } response = make_response(json.dumps(result), 403) else: token = utils.gen_random_string(16) token_dict[device_sn] = token result = { 'success': True, 'token': token } response = make_response(json.dumps(result)) response.headers["Content-Type"] = "application/json" return response
def get_token(self, user_agent, device_sn, os_platform, app_version): ''' @summary:向服务器发送请求,验证此客户端是否可信。 根据请求headers里边的数据计算出来的sign,和传过去的参数sign做比较, 如果一致,说明此客户端是被认可的(因为知道加密算法和秘钥),因此返回一个token(以后此客户端所有的请求都需要带上此token)。 @return token(16 length str) ''' url = '%s/api/get-token' % self.host headers = { "Content-Type": "application/json", "User-Agent": user_agent, "device_sn": device_sn, "os_platform": os_platform, "app_version": app_version } data = { "sign": utils.get_sign(user_agent, device_sn, os_platform, app_version) } resp = self.api_client.post(url, json=data, headers=headers) self.assertEqual(resp.status_code, 200) resp_json = resp.json() self.assertTrue(resp_json.get('success')) self.assertIn('token', resp_json) token = resp_json.get('token') self.assertEqual(len(token), 16) return token
def get_token(self, user_agent, device_sn, os_platform, app_version): url = "%s/api/get-token" % self.host headers = { 'Content-Type': 'application/json', 'User-Agent': user_agent, 'device_sn': device_sn, 'os_platform': os_platform, 'app_version': app_version } data = { 'sign': utils.get_sign(user_agent, device_sn, os_platform, app_version) } resp = self.api_client.post(url, json=data, headers=headers) resp_json = resp.json() self.assertTrue(resp_json["success"]) self.assertIn("token", resp_json) self.assertEqual(len(resp_json["token"]), 16) return resp_json["token"]
def get_token(): ''' @summary:获取token @param :headers{User-Agent, device_sn, os_platform, app_version}、json{sign:@sign} @return response({success, msg/token}, status_code) ''' # post请求的headers:User-Agent,device_sn,os_platform,app_version user_agent = request.headers.get('User-Agent', '') device_sn = request.headers.get('device_sn', '') os_platform = request.headers.get('os_platform', '') app_version = request.headers.get('app_version', '') # post请求的内容 {sign : @sign} data = request.get_json() sign = data.get('sign', '') # 通过post请求的headers计算出签名sign expected_sign = utils.get_sign(user_agent, device_sn, os_platform, app_version) # 构建response response = None if expected_sign != sign: # 如果计算出的签名 和 传过来的签名不一致 result = {'success': False, 'msg': 'Authorization failed!'} response = make_response(json.dumps(result), 403) else: # 如果签名一致 token = utils.gen_random_string(16) # 创建一个随机字符串,当做token token_dict[device_sn] = token result = {'success': True, 'token': token} response = make_response(json.dumps(result), 200) # 构建response的headers response.headers['Content-Type'] = 'application/json' # 返回response return response