Flask 学习-24.用户注册(sha256_crypt对密码加密)
Posted 上海-悠悠
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Flask 学习-24.用户注册(sha256_crypt对密码加密)相关的知识,希望对你有一定的参考价值。
前言
用户注册的时候,密码需要加密保存,这里使用 passlib 库对密码进行hash。
环境准备
需用到passlib 库,使用pip安装
pip install passlib
passlib 库里面会用到2个方法
- encrypt() - 生成新的值,返回密码哈希
- verify() - 根据现有哈希验证密码.
User表
先设计注册表
from . import db
from passlib.hash import sha256_crypt
class Users(db.Model):
__tablename__ = 'user' # 数据库表名
id = db.Column(db.Integer, primary_key=True, autoincrement=True)
username = db.Column(db.String(50), unique=True, nullable=False)
password = db.Column(db.String(128), nullable=False)
is_active = db.Column(db.Boolean, default=1)
email = db.Column(db.String(64), nullable=True)
def hash_password(self, password):
"""密码加密"""
self.password = sha256_crypt.encrypt(password)
def verify_password(self, password):
"""校验密码"""
return sha256_crypt.verify(password, self.password)
同步到数据库
flask db migrate # ⽣成迁移版本, 保存到迁移文件夹中
flask db upgrade # 执行迁移
get_json() 获取请求的json参数
如果请求头部是Content-Type: application/json
,那么可以用request.json()
获取到请求的参数,得到一个字典对象
get_json() 源码相关介绍
def get_json(
self, force: bool = False, silent: bool = False, cache: bool = True
) -> t.Optional[t.Any]:
"""Parse :attr:`data` as JSON.
If the mimetype does not indicate JSON
(:mimetype:`application/json`, see :attr:`is_json`), or parsing
fails, :meth:`on_json_loading_failed` is called and
its return value is used as the return value. By default this
raises a 400 Bad Request error.
:param force: Ignore the mimetype and always try to parse JSON.
:param silent: Silence mimetype and parsing errors, and
return ``None`` instead.
:param cache: Store the parsed JSON to return for subsequent
calls.
.. versionchanged:: 2.1
Raise a 400 error if the content type is incorrect.
"""
request 还有个 json 属性也可以获取到请求的json参数, json属性不需要加括号,如下
data = request.json
print(f'请求入参:data')
注册接口开发
开发 restful 风格接口
from apps import create_app, db
from flask import url_for, request, jsonify
from flask_restful import reqparse, abort, Api, Resource
from apps.models import Users
app = create_app()
api = Api(app)
class Register(Resource):
def post(self):
# 获取入参
data = request.get_json()
print(f'请求入参:data')
username = data.get("username")
password = data.get("password")
if not username or not password:
return jsonify("code": 111, "msg": "账号或密码不能为空")
# 查询,判断是否已存在
if Users.query.filter_by(username=username).first() is not None:
print('existing user')
return jsonify("code": 222, "msg": "账号已存在")
user = Users(username=username)
user.hash_password(password)
db.session.add(user)
db.session.commit()
return jsonify(
"code": 0,
"msg": "success",
"data": "username": username
)
# 注册
api.add_resource(Register, '/api/v1/register')
if __name__ == '__main__':
app.run()
测试接口
测试注册接口
POST http://127.0.0.1:5000/api/v1/register HTTP/1.1
User-Agent: Fiddler
Host: 127.0.0.1:5000
Content-Type: application/json
Content-Length: 54
"username": "test",
"password": "123456"
接口返回
HTTP/1.1 200 OK
Server: Werkzeug/2.2.2 Python/3.8.5
Date: Tue, 30 Aug 2022 06:50:58 GMT
Content-Type: application/json
Content-Length: 77
Connection: close
"code": 0,
"data":
"username": "test"
,
"msg": "success"
查看数据库
以上是关于Flask 学习-24.用户注册(sha256_crypt对密码加密)的主要内容,如果未能解决你的问题,请参考以下文章
将 sha256sum 的结果读入 bash 变量 [重复]
解决“from sha3 import keccak_256“包引用问题
OpenSSL 1.1.1 PSK TLS1.3 - TLS_256_GCM_SHA384 密码套件没有合适的签名算法错误