Django Token的简单学习
程序员文章站
2022-07-14 09:17:17
...
Django Token的学习
import time
from django.core import signing
import hashlib
from django.core.cache import cache
# alg使用的算法
HEADER = {'typ': 'JWP', 'alg': 'default'}
TOKEN_KEY = 'solomon_world_token'
TOKEN_SALT = '[email protected]'
TIME_OUT = 30 * 60
# 加密
def encrypt(obj):
value = signing.dumps(obj, key=TOKEN_KEY, salt=TOKEN_SALT)
value = signing.b64_encode(value.encode()).decode()
return value
# 解密
def decrypt(src):
src = signing.b64_decode(src.encode()).decode()
raw = signing.loads(src, key=TOKEN_KEY, salt=TOKEN_SALT)
print(type(raw))
return raw
# 生成token信息
def create_token(username, password):
# 1. 加密头信息
header = encrypt(HEADER)
# 2. 构造Payload
payload = {
"username": username,
"password": password,
"iat": time.time()
}
payload = encrypt(payload)
# 3. 生成签名
md5 = hashlib.md5()
md5.update(("%s.%s" % (header, payload)).encode())
signature = md5.hexdigest()
token = "%s.%s.%s" % (header, payload, signature)
# 4.存储到缓存中
cache.set(username, token, TIME_OUT)
return token
def get_payload(token):
payload = str(token).split('.')[1]
payload = decrypt(payload)
return payload
# 通过token获取用户名
def get_username(token):
payload = get_payload(token)
return payload['username']
pass
def check_token(token):
username = get_username(token)
print('username', username)
last_token = cache.get(username)
if last_token:
return last_token == token
return False
图片验证 captcha
class RegisterForm(forms.Form):
# 为生成的验证码图片,以及输入框.
# captcha = CaptchaField(error_messages={'invalid': '验证码输入有误'})
captcha = CaptchaField()
def get_captcha(request):
# 生成验证码表单
register_form = RegisterForm()
return render(request, 'index.html', {'register_form': register_form})
<div>
<form action='.' method='POST'>
{% csrf_token %}
{{ register_form.captcha }}
<input type="submit" />
<button class='js-captcha-refresh'>刷新图片</button>
</form>
</div>
urlpatterns += [
path('captcha/', include('captcha.urls')),
]
上一篇: 遇到简单的token加密