我正在使用以下代码来测试 Flask JWT。
from flask import Flask, jsonify, request
from flask_jwt_extended import (
JWTManager, jwt_required, create_access_token,
get_jwt_identity
)
app = Flask(__name__)
# Setup the Flask-JWT-Extended extension
app.config['JWT_SECRET_KEY'] = 'super-secret' # Change this!
jwt = JWTManager(app)
# Provide a method to create access tokens. The create_access_token()
# function is used to actually generate the token, and you can return
# it to the caller however you choose.
@app.route('/login', methods=['POST'])
def login():
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
username = request.json.get('username', None)
password = request.json.get('password', None)
if not username:
return jsonify({"msg": "Missing username parameter"}), 400
if not password:
return jsonify({"msg": "Missing password parameter"}), 400
if username != 'test' or password != 'test':
return jsonify({"msg": "Bad username or password"}), 401
# Identity can be any data that is json serializable
access_token = create_access_token(identity=username)
return jsonify(access_token=access_token), 200
# Protect a view with jwt_required, which requires a valid access token
# in the request to access.
@app.route('/protected', methods=['GET'])
@jwt_required
def protected():
# Access the identity of the current user with get_jwt_identity
current_user = get_jwt_identity()
return jsonify(logged_in_as=current_user), 200
if __name__ == '__main__':
app.run()
通过使用 POSTMAN,我可以获得以下 access_token
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODkxMTg0MTcsIm5iZiI6MTU4OTExODQxNywianRpIjoiNDEwNzFlZjItZTE3OC00YzhkLThjN2ItNWIwN2MxNGNkYzI2IiwiZXhwIjoxNTg5MTE5MzE3LCJpZGVudGl0eSI6InRlc3QiLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.A1C1vMXnXt4IWO8j4H4LH6caxCqBg19lOEoVHhYnIyU"
}
但是当我想使用带有标头的 GET 访问 /protected 页面时
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODkxMTg0MTcsIm5iZiI6MTU4OTExODQxNywianRpIjoiNDEwNzFlZjItZTE3OC00YzhkLThjN2ItNWIwN2MxNGNkYzI2IiwiZXhwIjoxNTg5MTE5MzE3LCJpZGVudGl0eSI6InRlc3QiLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.A1C1vMXnXt4IWO8j4H4LH6caxCqBg19lOEoVHhYnIyU
我在 POSTMAN 中收到此错误。任何有关如何解决该问题的建议将不胜感激。
{
"msg": "Bad Authorization header. Expected value 'Bearer <JWT>'"
}
找到了答案。几天来一直遇到这个问题。解决方案是在 POSTMAN 中,不要添加
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODkxMTg0MTcsIm5iZiI6MTU4OTExODQxNywianRpIjoiNDEwNzFlZjItZTE3OC00YzhkLThjN2ItNWIwN2MxNGNkYzI2IiwiZXhwIjoxNTg5MTE5MzE3LCJpZGVudGl0eSI6InRlc3QiLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.A1C1vMXnXt4IWO8j4H4LH6caxCqBg19lOEoVHhYnIyU
到标题中。您需要进入 POSTMAN 中的“授权”选项卡,选择“承载”并在字段中输入令牌。这是将令牌添加为不记名令牌的方法。这将解决问题。谢谢。
| 归档时间: |
|
| 查看次数: |
4770 次 |
| 最近记录: |