装AES API验证模块
python 3.5 pip3 install wheel 进入目录: pip3 install pycrypto-2.6.1-cp35-none-win32.whl
python 3.6 pip3 install pycryptodome
client
import time import requests import hashlib ctime = time.time() key = "asdfasdfasdfasdf098712sdfs" new_key = "%s|%s" %(key,ctime,) m = hashlib.md5() m.update(bytes(new_key,encoding='utf-8')) md5_key = m.hexdigest() md5_time_key = "%s|%s" %(md5_key,ctime) response = requests.get("http://127.0.0.1:8000/api/asset.html",headers={'OpenKey':md5_time_key}) print(response.text)
server
import time from django.shortcuts import render,HttpResponse from repository import models from django.conf import settings # redis/Memcache 缓存工具 api_key_record = { # "1b96b89695f52ec9de8292a5a7945e38|1501472467.4977243":1501472477.4977243 } def asset(request): client_md5_time_key = request.META.get('HTTP_OPENKEY') client_md5_key,client_ctime = client_md5_time_key.split('|') client_ctime = float(client_ctime) server_time = time.time() # 第一关 if server_time-client_ctime > 10: return HttpResponse('【第一关】小伙子,别唬我,太长了') # 第二关 temp = "%s|%s" %(settings.AUTH_KEY,client_ctime,) m = hashlib.md5() m.update(bytes(temp,encoding='utf-8')) server_md5_key = m.hexdigest() if server_md5_key != client_md5_key: return HttpResponse('【第二关】小子,你是不是修改时间了') for k in list(api_key_record.keys()): v = api_key_record[k] if server_time > v: del api_key_record[k] # 第三关: if client_md5_time_key in api_key_record: return HttpResponse('【第三关】有人已经来过了...') else: api_key_record[client_md5_time_key] = client_ctime + 10 return HttpResponse('认证成功')