代码如下:
# -*- coding: utf-8 -*- from passlib.apps import custom_app_context as pwd_context import config import MySQLdb,datetime from itsdangerous import TimedJSONWebSignatureSerializer as Serializer, BadSignature, SignatureExpired class QXPasswd(object): def __init__(self, password): self.password = password def generate_password(self): password_hash = pwd_context.encrypt(self.password) return password_hash def verify_password(self, password_hash): return pwd_context.verify(self.password, password_hash) class QXToken(object): def __init__(self, name): self.name = name def generate_auth_token(self, expiration = 3600): s = Serializer(config.SECRET_KEY, expires_in = expiration) return s.dumps({'name': self.name }) def verify_auth_token(self, token): s = Serializer(config.SECRET_KEY) try: data = s.loads(token) except SignatureExpired: return None # valid token, but expired except BadSignature: return None # invalid token return data['name'] == self.name #插入一条用户密码加密的数据 ''' conn = MySQLdb.connect(host="localhost", user="root", passwd="", db='qixin', port=3306, charset="utf8") cursor = conn.cursor() now = datetime.datetime.now() currentTime = now.strftime("%Y-%m-%d %H:%M:%S") sql = "insert into qx_user(username,password,addTime) values(%s, %s, %s)" u = QXPasswd('123456') value = ['zl', u.generate_password(), currentTime] cursor.execute(sql, value) conn.commit() ''' #验证用户密码正确性 ''' conn = MySQLdb.connect(host="localhost", user="root", passwd="", db='qixin', port=3306, charset="utf8") cursor = conn.cursor() sql="select username, password from qx_user where username = 'zl'" cursor.execute(sql) row = cursor.fetchone() u = QXPasswd('123456') print u.verify_password(row[1]) ''' #生成用户token ''' token = QXToken('zl') print token.generate_auth_token() ''' #验证token token = QXToken('zl') print token.verify_auth_token('eyJhbGciOiJIUzI1NiIsImV4cCI6MTQ2NDI1NzI4OCwiaWF0IjoxNDY0MjUzNjg4fQ.eyJuYW1lIjoiemwifQ.iVlCfzIk5YMXhlzO3lOqHBBtYTiJV3_ze8wUR80GWAc')
完毕。