Flask-Restx 和 Swagger 授权在标题中发送不正确的令牌
[英]Flask-Restx & Swagger Authorizations Sending Incorrect Token in Header
问题描述
I have a Flask REST API that is using Flask-Restx, and JWT token authentication and is working making calls out of postman.
我有一个使用 Flask-Restx 和 JWT 令牌身份验证的 Flask REST API,并且正在通过邮递员进行呼叫。 However, when I am trying to use swagger, the token being sent is not the one I am inputting through the interface.但是,当我尝试使用 swagger 时,发送的令牌不是我通过界面输入的令牌。 My code looks like the following:我的代码如下所示:
blueprint = Blueprint('api_bp', __name__, url_prefix='/api/1')
authorizations = {
'api_key' : {
'type' : 'apiKey',
'in' : 'header',
'name' : 'x-access-token'
}
}
api = Api(blueprint,
authorizations=authorizations,
title='My Title',
version='1.0',
security='api_key'
)
from timesheets.views.api_bp import api as ns1
np = api.namespace('index', description='Index API')
def token_required(f):
@wraps(f)
def decorated(*args, **kwargs):
...
@np.route('/users')
class Users(Resource):
@api.doc(security='api_key')
@token_required
def get(self, current_user):
...
return jsonify({'user' : output})
Then on the swagger page, I can enter my auth token:然后在 swagger 页面上,我可以输入我的身份验证令牌:
and I can see that the correct x-access-token is placed in the curl call when I "Try it out."当我“试一试”时,我可以看到在 curl 调用中放置了正确的 x-access-token。
But if I look into my request headers, every time I get the same x-access-token that is sent to my server:但是,如果我查看我的请求标头,每次我收到发送到我的服务器的相同 x-access-token 时:
So, where is this token being generated from?那么,这个令牌是从哪里生成的? And how do I ensure I am only using the token I am passing through the interface?我如何确保我只使用我通过接口传递的令牌?
1 个解决方案
解决方案1
0 已采纳 2020-09-29 05:31:21
复查返回的是同一个key,在代码中发现输入的值被我之前介绍的测试数据覆盖了
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.