[英]Use JWT with TurboGears2
I'm currently stopped in my work because of some authentication work on a project. 我目前由于某个项目的身份验证工作而停止工作。 I set up a REST API, which needs to have a JWT authentication system. 我设置了一个REST API,该API需要具有JWT身份验证系统。 Some work was already done and I overrode it. 已经完成了一些工作,我否决了。 So the library used was Python's TurboGears2, and I used PyJWT to manage tokens. 因此使用的库是Python的TurboGears2,而我使用PyJWT来管理令牌。
My WS and the token's creation works well. 我的WS和令牌的创建效果很好。 The post method with auth info JSON request's body can create a token, that's sent in the response. 具有auth info JSON请求主体的post方法可以创建令牌,该令牌在响应中发送。 But after that, when I do a ' GET ' request on the restricted resource, I can't retrieve the token. 但是之后,当我在受限资源上执行“ GET ”请求时,我无法检索令牌。
What I do: send a GET request to the restricted resource, with " Authorization : Bearer < TOKEN >" in request headers. 我的工作:将GET请求发送到受限资源,并在请求标头中添加“ Authorization :Bearer < TOKEN >”。
But when I do a 'request.authorization' in my web service function, I always get 'None'. 但是,当我在Web服务功能中执行“ request.authorization”时,总是得到“ None”。 Do I need to set up a full auth system using TurboGears to access this header? 我需要使用TurboGears设置完整的身份验证系统来访问此标头吗? thanks for help 感谢帮助
Where are you trying to access the request.authorization
from? 您在哪里尝试访问request.authorization
?
I tried with a newly quickstarted application and modified the index to print the authorization header: 我尝试了新启动的应用程序,并修改了索引以打印授权标头:
@expose('testauth.templates.index')
def index(self):
"""Handle the front-page."""
print(request.authorization)
return dict(page='index')
And I sent the authorization header from Postman
. 然后,我从Postman
发送了授权标头。
It worked fine and printed my test header 它工作正常并打印了我的测试头
Authorization(authtype='Bearer', params='HELLO')
I also tried to disable any auth_backend
so that authentication is disabled and it still works as expected. 我还尝试禁用任何auth_backend
以便禁用身份验证,并且仍可以按预期工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.