時間:2022-08-06 19:24:01 | 來源:網(wǎng)站運(yùn)營
時間:2022-08-06 19:24:01 來源:網(wǎng)站運(yùn)營
Author: 廖長江
在線咨詢
/etc/ssh/sshd_config 加入 GatewayPorts yesssh -R 0.0.0.0:80:localhost:8080 user@server_hostcodedef get_wx_authorize_url(appid : str, state: str = None): if state is None: state = "".join([random.choice(string.ascii_letters + string.digits) for _ in range(20)]) redirect_url = 'your callback url' # 回調(diào)鏈接,在這里面進(jìn)行用戶信息入庫的操作 response_type = 'code' scope = 'snsapi_userinfo' wx_url = f"https://open.weixin.qq.com/connect/oauth2/authorize?appid={appid}&redirect_uri={redirect_url}&response_type={response_type}&scope={scope}&state={state}#wechat_redirect" return wx_urlcode 換取 access_token 和 openiddef request_access_token(appid : str, secret : str, code: str): secret = settings.WX_SECRET api = f"https://api.weixin.qq.com/sns/oauth2/access_token?appid={appid}&secret={secret}&code={code}&grant_type=authorization_code" r = requests.get(api) return r.json()access_token 換取 用戶信息def request_userinfo(access_token: str, openid: str): api = f"https://api.weixin.qq.com/sns/userinfo?access_token={access_token}&openid={openid}&lang=zh_CN" r = requests.get(api) return r.json()ISO-8859-1,需要轉(zhuǎn)換成 utf-8。def convert_string_encoding(s: str, from_encoding: str, to_encoding: str) -> str: """先根據(jù) from_encoding 轉(zhuǎn)換成bytes,然后在 decode 為 to_encoding 的字符串 """ return bytes(s, encoding=from_encoding).decode(to_encoding)nickname = convert_string_encoding(resp['nickname'], 'ISO-8859-1', 'utf-8')state 為 key。from app.models import WXUser, RedirectUrlfrom utils import get_wx_authorize_url, get_random_stringfrom django.shortcuts import redirectdef login_required(func): def wrapper(request, *args, **kwargs): openid = request.openid try: user = WXUser.objects.get(openid=openid) request.wxuser = user except WXUser.DoesNotExist: state = get_random_string() redirect_url = get_wx_authorize_url(state=state) # 存儲跳轉(zhuǎn)鏈接 try: r = RedirectUrl.objects.get(state=state) except RedirectUrl.DoesNotExist: r = RedirectUrl() r.state = state origin_url = request.get_raw_uri() r.url = origin_url r.save() return redirect(redirect_url) return func(request, *args, **kwargs) return wrapper然后在我們設(shè)置的回調(diào)接口(會帶上 code 和 state)里面,就可以通過 state 從數(shù)據(jù)庫里獲取原鏈接。class RedirectUrl(BaseModel): state = models.TextField(unique=True) url = models.TextField()session,那可以講另一個故事了,這里不贅述了。HTTP_AUTHORIZATION (請求頭中的 Authorization 字段)或者 key 為jwttoken 的 cookie 中抽取出 jwt token,從中解析出 openid,添加到 request 變量中,之后就可以在后續(xù)的 views里面通過 request.openid 直接獲取 openid 了。def jwt_decode(token: Union[str, bytes]) -> tuple: """ :param token : 可以是 bytes 也可以是 str,如果是 str,會先 encode 轉(zhuǎn)成 bytes :return: 第一個參數(shù)為 payload,第二個參數(shù)為異常類型 """ if isinstance(token, str): token = token.encode() secret = settings.JWT_SECRET try: return jwt.decode(token, secret, algorithms=["HS256"]), None except Exception as e: # 統(tǒng)一捕捉異常: # jwt.exceptions.DecodeError # jwt.exceptions.InvalidSignatureError # jwt.exceptions.ExpiredSignatureError return None, eclass JWTAuthMiddleware(object): """ 小程序認(rèn)證中間件 """ def __init__(self, get_response=None): self.get_response = get_response def __call__(self, request, *args, **kws): token = self.get_authorization_header(request) payload, error = jwt_decode(token) if not error: openid = payload['openid'] request.openid = openid else: request.openid = None response = self.get_response(request, *args, **kws) return response def get_authorization_header(self, request): """ 從 AUTHORIZATION 請求頭或者cookie 中獲取 jwt code cookie 的 jwt code 的 key 為 jwtcode :param request: :return: rawtoken """ auth_header = request.META.get('HTTP_AUTHORIZATION', '') cookie = request.COOKIES rawtoken = None if auth_header != "": try: rawtoken = auth_header.split(" ")[1] except IndexError as e: pass if 'jwttoken' in cookie: rawtoken = cookie['jwttoken'] return rawtoken
