0

我今天来找您的问题似乎很烦人并困扰了我 1 周(也许更多)。

我实现了 Flask 和 Flask-JWT 来创建一个令牌并在我的网络应用程序的不同部分使用它。过程是:用户将凭据放在表单上,​​当他登录时,通过向 Flask-JWT /auth 端点发出 POST 请求来创建令牌。

问题是 :

  • 当用户登录时,代码的令牌创建部分(对 /auth 端点的 POST 请求)似乎处于无限循环中。

代码停在:“ r = requests.post(url, headers=headers, data=payload)

有趣的是,如果用户登录并转到 /auth 端点之后,它就会创建令牌。

有人已经有这个问题了吗?

谢谢

项目/config.py

JWT_EXPIRATION_DELTA = timedelta(seconds=900)
JWT_AUTH_URL_RULE = "/api/v1/auth"

SECURITY_PASSWORD_HASH = 'pbkdf2_sha512'
SECURITY_TRACKABLE = True
SECURITY_PASSWORD_SALT = "xxxx"

WTF_CSRF_ENABLED = True
WTF_CSRF_SECRET_KEY = "xxxx"

项目/应用程序/初始化.py

from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_login import LoginManager, login_required
from flask_bcrypt import Bcrypt
from flask_security import Security, SQLAlchemyUserDatastore, \
    UserMixin, RoleMixin, login_required
from flask_jwt import JWT, jwt_required
import os

app = Flask(__name__)
app.config.from_object('config')
bcrypt = Bcrypt(app)
db = SQLAlchemy(app)

# To have random secret key
secret_key = os.urandom(24)
app.secret_key = secret_key

from textr import views, models
from search_number import views
from buy_number import views
from users import views, models
from sms_receiver import views, models
from sms_sender import views, models
from phone_number import models, views

from users.models import User, Role

# Setup Flask-Security
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)

login_manager = LoginManager()
login_manager.init_app(app)
login_manager.login_view = "login"

@login_manager.user_loader
def load_user(user_id):
    return User.query.filter(User.id == int(user_id)).first()

from textr.tools import retreive_user, verify_password

def authenticate(username, password):
    user = retreive_user(username)
    if verify_password(username, password):
        return user

def identity(payload):
    return User.query.filter(User.id == payload['identity']).scalar()

jwt = JWT(app, authenticate, identity)

项目/应用程序/用户/views.py

from flask_jwt import jwt_required, JWT
from models import User
from error_handling import error_400
from flask import Flask, request, render_template, jsonify, session, redirect, url_for, flash
import json
import requests

@app.route("/api/v1/login", methods=["GET", "POST"])
def login():
    error = None

    if request.method == 'POST':
        json_data = request.json
        if not json_data:
            username = request.form['username']
            password = request.form['password']
        else:
            username = json_data['username']
            password = json_data['password']

        if not check_user_present(username):
            return error_400('Error', 'User not found', 404)

        if verify_password(username, password):
            flash('Logged in successfully.')
            user = retreive_user(username)
            login_user(user)

            # Infos to create POST request for Token
            payload = ({'username':username, 'password':password})
            url = "http://127.0.0.1:8080/api/v1/auth"
            headers = {'Content-Type': 'application/json', 'charset': 'utf-8'}

            # Token creation
            r = requests.post(url, headers=headers, data=payload)
            response = r.json()

            if (r.status_code is 200):
                token = response['user']['authentication_token']
                session['api_session_token'] = token)
        else:
            flash('Wrong credentials!')
            return error_400('Error', 'Wrong credentials', 401)

    return render_template('users/login.html')
4

0 回答 0