1.JWT概念
2.python实现JWT
python2.7实现
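在 py2 环境下调用 hmac 模块时需要注意:3.4 版本之前,digestmod 的默认值是 hashlib.md5 摘要算法,所以此参数可以不填。(从 3.4 起省略 digestmod 已被弃用,3.8 起必须显式传入。)另外,MD5 不是 JWT 标准(RFC 7518)注册的签名算法,下面生成的令牌仅作演示,与标准 JWT 库并不互通;标准实现通常使用 HS256(HMAC-SHA256)。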
# Reference implementation for projects that still carry legacy Python 2 code
import base64
import hashlib
import hmac
import json
import time
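# Demo token header. "MD5" is a label private to this sample: it is not a
# registered JWS algorithm name, so standard JWT libraries will not accept it.
header = {
    "typ": "JWT",
    "alg": "MD5",
}

# Sample claims. "iat" is taken from the current clock; with a hard-coded
# timestamp the sample token is already expired whenever the script is run
# more than an hour after that instant, and the round trip below fails.
payload = {
    "user_id": 1001,
    "user_role": "admin",
    "iat": int(time.time()),
}
payload["exp"] = payload["iat"] + 3600  # expire after 60min

# Demo-only signing key. A short, guessable key that lives in source control
# protects nothing: anyone holding one token can test candidate keys offline.
# Real deployments should load a long random key from configuration or a
# secret store instead of a literal.
secret_key = 'todayissunday'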
def b64_encode(s):
    """Return the standard Base64 encoding of the byte string *s*.

    This is the padded ``+``/``/`` alphabet, not the unpadded base64url form
    that RFC 7515 specifies for JWT segments, so the output is only meant to
    be consumed by the matching decoder in this file.
    """
    return base64.standard_b64encode(s)
def b64_decode(s):
    """Return the bytes obtained by decoding standard (padded) Base64 *s*."""
    return base64.standard_b64decode(s)
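# Hand-rolled implementation (reinventing the wheel); production code should rely on a maintained JWT library.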
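def encode_(secret, header, payload):
    """Build a ``header.payload.signature`` token signed with HMAC-MD5.

    Args:
        secret: Signing key, as bytes or text (text is encoded as UTF-8).
        header: JSON-serialisable mapping written as the first segment.
        payload: JSON-serialisable mapping of claims, the second segment.

    Returns:
        The token as bytes: three standard-Base64 segments joined by ``.``.

    Note:
        The segments use padded standard Base64 and the MAC is HMAC-MD5, so
        the result follows the JWT layout but is not an RFC 7519 token.
    """
    # hmac wants a bytes key; a Python 2 ``str`` already is one.
    if not isinstance(secret, bytes):
        secret = secret.encode("utf-8")

    # Compact separators plus sorted keys give one deterministic serialisation.
    # json.dumps() escapes non-ASCII characters by default, so the ASCII
    # encode cannot fail and yields bytes on both Python 2 and Python 3.
    header_json = json.dumps(header, separators=(',', ':'), sort_keys=True)
    payload_json = json.dumps(payload, separators=(',', ':'), sort_keys=True)
    segments = [
        base64.b64encode(header_json.encode("ascii")),
        base64.b64encode(payload_json.encode("ascii")),
    ]
    signing_input = b'.'.join(segments)

    # The digest is named explicitly: the implicit MD5 default was deprecated
    # in Python 3.4 and digestmod is a required argument from 3.8 on. The
    # choice stays MD5 so tokens remain compatible with the existing format.
    signature = hmac.new(secret, signing_input, hashlib.md5).digest()
    segments.append(base64.b64encode(signature))

    token = b'.'.join(segments)
    # Demo output only: the token is a bearer credential and should not be
    # written to logs in a real service.
    print("JWT: ", token)
    return token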
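def decode_(token, secret):
    """Verify a token produced by ``encode_`` and return its claims.

    Args:
        token: ``header.payload.signature`` as bytes or ASCII text.
        secret: Signing key, as bytes or text (text is encoded as UTF-8).

    Returns:
        The decoded payload as a dict.

    Raises:
        ValueError: The token does not consist of exactly three segments.
        Exception: The signature does not match, or ``exp`` has passed.
        KeyError: The payload carries no ``exp`` claim.
    """
    if not isinstance(token, bytes):
        token = token.encode("ascii")
    if not isinstance(secret, bytes):
        secret = secret.encode("utf-8")

    segments = token.split(b'.')
    if len(segments) != 3:
        raise ValueError("malformed token")
    header_bs, payload_bs, signature_bs = segments

    # The MAC algorithm is fixed here and the header segment is never parsed,
    # so a token cannot choose how it is verified.
    mac = hmac.new(secret, header_bs + b'.' + payload_bs, hashlib.md5)
    expected_bs = base64.b64encode(mac.digest())

    # compare_digest (Python 2.7.7+ / 3.3+) compares in constant time; a
    # plain != returns at the first differing byte, and that timing can be
    # measured by whoever submits the token.
    if not hmac.compare_digest(signature_bs, expected_bs):
        raise Exception("invalid signature")

    # Claims are parsed only after the signature has been accepted.
    payload = json.loads(base64.b64decode(payload_bs))
    now = time.time()
    if int(now) > int(payload["exp"]):
        raise Exception("time expires")
    print(payload)
    return payload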
if __name__ == "__main__":
    # Round-trip smoke test: sign the sample claims, then verify the result
    # with the same key.
    decode_(encode_(secret_key, header, payload), secret_key)