在MYSQL数据库day20中创建user表,表结构如下所示:
将用户的token和name写入到数据库表user中:
将原本代码迭代为从数据库中读取授权码,验证API的访问权限:
import hashlib
import pymysql
from flask import Flask, request, jsonify
app = Flask(__name__)# 连接MySQL,执行SQL查询语句,返回结果
def fetch_one(sql,params):conn = pymysql.connect(host='127.0.0.1', port=3306, user='root', passwd='rootpassword', charset="utf8", db='day20')cursor = conn.cursor()#cursor.execute("select * from user where token=%s", [token, ])cursor.execute(sql, params)result = cursor.fetchone()cursor.close()conn.close()print("result", result)return result@app.route("/bili", methods=["POST"])
def bili():"""请求URL中携带/bili?token=...请求的数据格式要求:{ "ordered_string":"......" }:return:"""# 1.token是否为空token = request.args.get("token")print("token", token)if not token:return jsonify({"status":False , 'error':"认证失败"})# 从数据库表中读取授权码的情况# 连接MYSQL执行命令,验证token是否合法result = fetch_one("select * from user where token=%s", [token, ])if not result:return jsonify({"status": False, "error": "认证失败"})ordered_string = request.json.get("ordered_string")if not ordered_string:return jsonify({"status": False, "error": "参数错误"})# 调用核心算法,生成sign签名encrypt_string = ordered_string + "560c52ccd288fed045859ed18bffd973"obj = hashlib.md5(encrypt_string.encode('utf-8'))sign = obj.hexdigest()# 返回签名return jsonify({"status": True, "data": sign})if __name__ == '__main__':app.run(host="127.0.0.1",port=5000)通过postman对编码进行测试:
