from datetime import datetime, timedelta, timezone

import jwt
import uvicorn
from fastapi import FastAPI, HTTPException, Depends, Request
from fastapi.responses import JSONResponse
from pydantic import BaseModel

from test.config import JWT_SECRET_KEY, HOST, PORT
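app = FastAPI()

# Lifetime of an issued access token. Constructed default for this example;
# tune it per deployment. Without an `exp` claim a leaked token stays valid
# until the signing key is rotated.
ACCESS_TOKEN_TTL = timedelta(minutes=30)


class ScanCode(BaseModel):
    """Payload with two required string fields, ``code`` and ``scopes``."""

    code: str
    scopes: str


class User(BaseModel):
    """Identity carried in a token's ``sub`` claim.

    The original listing referenced ``User`` and ``.username`` without
    defining either (``ScanCode`` has no ``username`` field), so the module
    failed at import time and every handler failed at call time.
    """

    username: str


# Decode and verify a JWT.
def decode_jwt(token: str) -> User:
    """Verify ``token`` and return the user named by its ``sub`` claim.

    Args:
        token: Compact JWT taken from the ``Authorization: Bearer`` header.

    Returns:
        A ``User`` built from the verified ``sub`` claim.

    Raises:
        HTTPException: 403 when the signature, expiry, or required claims do
            not check out, or when ``sub`` is not a non-empty string.
    """
    try:
        payload = jwt.decode(
            token,
            JWT_SECRET_KEY,
            # Pin the algorithm: never take it from the token header.
            algorithms=["HS256"],
            # Reject tokens that carry no expiry or no subject at all.
            options={"require": ["exp", "sub"]},
        )
    except jwt.PyJWTError as exc:
        raise HTTPException(status_code=403, detail="Invalid or expired token") from exc

    subject = payload["sub"]
    # A non-string subject would otherwise surface as an unhandled model
    # validation error (HTTP 500) instead of an authentication failure.
    if not isinstance(subject, str) or not subject:
        raise HTTPException(status_code=403, detail="Invalid or expired token")
    return User(username=subject)


# Login endpoint.
@app.post("/login")
async def login(user: User):
    """Issue a signed, expiring access token for ``user``.

    Args:
        user: Request body naming the account to log in as.

    Returns:
        ``{"token": <JWT>}`` signed with HS256 and ``JWT_SECRET_KEY``.
    """
    # NOTE(review): credential verification (e.g. username and password) is
    # still a placeholder. As written, any caller receives a valid token for
    # any username it names; verify the credentials here and reject failures
    # before issuing anything.
    issued_at = datetime.now(timezone.utc)
    claims = {
        "sub": user.username,
        "iat": issued_at,
        "exp": issued_at + ACCESS_TOKEN_TTL,
    }
    access_token = jwt.encode(claims, JWT_SECRET_KEY, algorithm="HS256")
    return {"token": access_token}


from fastapi.security import OAuth2PasswordBearer

# Extracts the bearer token from the Authorization header; it does not verify it.
# NOTE(review): tokenUrl only feeds the OpenAPI docs and names "token", while
# the issuing route in this file is /login.
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")


# Dependency that resolves the current active user.
def get_current_user(token: str = Depends(oauth2_scheme)) -> User:
    """Return the user authenticated by the request's bearer token.

    Raises:
        HTTPException: 403, propagated from ``decode_jwt``, when the token is
            rejected.
    """
    return decode_jwt(token)


# Example of a protected resource.
@app.get("/account")
async def read_account(current_user: User = Depends(get_current_user)):
    """Return profile data for the authenticated user.

    The dependency must be ``get_current_user``: depending on
    ``oauth2_scheme`` directly hands the handler the raw, unverified token
    string, so the signature and expiry are never checked.
    """
    # Return the current user's information.
    return {"nickname": current_user.username, "avatar": "https://p26.douyinpic.com/aweme/100x100/aweme-avatar/tos-cn-i-0813_66c4e34ae8834399bbf967c3d3c919db.jpeg?from=4010531038"}


# Other protected resources...


# Start the application.
def main():
    """Serve ``app`` with uvicorn on the configured host and port."""
    # Bind to the configured HOST. The listing imported HOST but passed
    # host=None, which is not a documented uvicorn value and, handed on to
    # asyncio, is likely to listen on every interface.
    uvicorn.run(app, host=HOST, port=PORT, log_level="info")


if __name__ == "__main__":
    main()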