- from rest_framework_jwt.serializers import jwt_encode_handler, jwt_decode_handler
- from rest_framework.authentication import BaseAuthentication
- from rest_framework.exceptions import AuthenticationFailed
- import jwt
- from .AESencipher import aescrypt
# Shared cipher object used by get_token() and MyJWTAuthentication.
# The positional arguments are passed through unchanged; their meaning is
# defined by the project's aescrypt helper, which is not visible here.
# NOTE(review): the first argument looks like the encryption secret and is
# committed in source; anyone with read access to the code can decrypt the
# "token" field. Consider loading it from deployment configuration or a
# secret store and rotating the current value.
# NOTE(review): 'ECB' presumably selects ECB mode, which is deterministic
# (equal plaintext blocks give equal ciphertext blocks) and provides no
# integrity of its own. Confirm against the helper, and prefer an
# authenticated mode if the helper supports one.
_CIPHER_ARGS = ('yf7232275', 'ECB', '', 'gbk')
PrAes = aescrypt(*_CIPHER_ARGS)
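def get_token(user):
    """Build the token string handed to a client for *user*.

    The user's id, username and user_modules are joined with commas,
    encrypted with the module-level ``PrAes`` cipher, and the ciphertext is
    stored under the ``"token"`` key of the payload passed to
    ``jwt_encode_handler``.

    Args:
        user: object exposing ``id``, ``username`` and ``user_modules``.

    Returns:
        Whatever ``jwt_encode_handler`` returns for the payload.

    Raises:
        ValueError: if the username contains a comma.
    """
    username = user.username
    # The receiving side splits the decrypted text on "," and reads fields by
    # position. A comma inside the username would shift those positions, so
    # the text after it would be read back as user_modules. Refuse to mint
    # such a token instead of issuing an ambiguous one.
    if "," in username:
        raise ValueError("username must not contain ','")

    fields = [str(user.id), username, str(user.user_modules)]
    encrypted = PrAes.aesencrypt(",".join(fields))

    # NOTE(review): the payload built here carries no expiry claim of its
    # own. Confirm that the configured encode handler or JWT settings add
    # one; otherwise issued tokens may stay valid indefinitely.
    return jwt_encode_handler({"token": encrypted})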
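class MyJWTAuthentication(BaseAuthentication):
    """DRF authentication backend for tokens produced by ``get_token``."""

    def authenticate(self, request):
        """Authenticate *request* from its ``Authorization`` header.

        The header value is decoded with ``jwt_decode_handler``. The
        ``"token"`` field of the payload is then decrypted with ``PrAes`` and
        split on commas into uid, username and user_modules.

        Returns:
            A ``(user, token)`` tuple, where ``user`` is a plain dict with
            the keys ``uid``, ``username`` and ``user_modules`` and ``token``
            is the raw header value.

        Raises:
            AuthenticationFailed: if the header is missing or empty, the JWT
                is expired or invalid, or the embedded data cannot be
                decrypted and parsed.
        """
        import logging

        token = request.META.get('HTTP_AUTHORIZATION')
        if not token:
            raise AuthenticationFailed('token为空')

        try:
            payload = jwt_decode_handler(token)
            data = payload["token"]
            # "+" in the ciphertext may arrive as "%2B" or as a space after
            # URL handling; restore it before decrypting.
            if '%2B' in data or " " in data:
                data = str(data).replace("%2B", "+").replace(" ", "+")
            data = PrAes.aesdecrypt(data)
            data_list = data.split(",")
            # Fields are positional. Fewer than three raises IndexError,
            # which the generic handler below turns into a failed login.
            # NOTE(review): a comma inside the username shifts these
            # positions; verify that usernames cannot contain one.
            user = {
                "uid": data_list[0],
                "username": data_list[1],
                "user_modules": data_list[2],
            }
        except jwt.ExpiredSignature:
            raise AuthenticationFailed('token过期')
        except jwt.DecodeError:
            raise AuthenticationFailed('toke非法')
        except jwt.InvalidTokenError:
            raise AuthenticationFailed('用户非法')
        except Exception:
            # Do not echo str(exc) to the client: it exposes internal parsing
            # and decryption errors. Keep the detail in the server log and
            # return a fixed message.
            logging.getLogger(__name__).exception(
                "unexpected error while validating token"
            )
            raise AuthenticationFailed('token校验失败')

        return (user, token)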