# 导入必要的库
import hmac
import os
from datetime import datetime, timedelta, timezone

import jwt
from flask import Flask, request, jsonify
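# Initialise the Flask application
app = Flask(__name__)
# Key used to sign and verify JWTs. Read from the environment so the real
# secret never lives in source control; the literal is only a development
# fallback and must not be used in deployment (anyone who knows it can mint
# valid tokens).
SECRET_KEY = os.environ.get('JWT_SECRET_KEY', 'your_secret_key')
# In-memory stand-in for a user store. Passwords are kept in plain text here
# because login() compares them directly; a real store would hold salted
# hashes (e.g. hashlib.scrypt / hashlib.pbkdf2_hmac), never the raw password.
users_db = {
    "user1": {"username": "user1", "password": "pass1"},
    "user2": {"username": "user2", "password": "pass2"},
}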
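# Create a JWT for the given user
def create_token(username):
    """Return a signed HS256 JWT identifying *username*.

    The token carries ``iat`` (issued at), ``exp`` (expiry, one hour after
    ``iat``) and ``sub`` set to the username. The timestamp is taken once so
    that ``exp`` is exactly ``iat`` + 1 h, and it is timezone-aware because
    ``datetime.utcnow()`` is deprecated since Python 3.12.

    Args:
        username: subject to embed in the token.

    Returns:
        The encoded token as returned by ``jwt.encode``.
    """
    now = datetime.now(timezone.utc)
    payload = {
        'exp': now + timedelta(hours=1),
        'iat': now,
        'sub': username,
    }
    return jwt.encode(payload, SECRET_KEY, algorithm='HS256')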
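# Validate a JWT and extract its subject
def validate_token(token):
    """Return the ``sub`` claim of *token*, or ``None`` if it is not acceptable.

    ``jwt.decode`` checks the HS256 signature against SECRET_KEY and rejects
    expired tokens; the ``algorithms`` list is pinned so a token cannot
    select its own algorithm (e.g. ``none``). ``ExpiredSignatureError`` is a
    subclass of ``InvalidTokenError``, so a single handler covers both.

    Args:
        token: encoded JWT string.

    Returns:
        The username from the ``sub`` claim, or ``None`` when the token is
        invalid, expired, or carries no ``sub`` claim.
    """
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=['HS256'])
    except jwt.InvalidTokenError:
        return None
    # .get() rather than [] so a validly signed token without 'sub' is
    # treated as unusable instead of raising KeyError into the handler.
    return payload.get('sub')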
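@app.route('/login', methods=['POST'])
def login():
    """Issue a JWT for a valid username/password pair.

    Expects a JSON body with ``username`` and ``password``. Responds with
    ``{"token": ...}`` and 200 on success, or ``{"error": "Invalid
    credentials"}`` and 401 otherwise. The same 401 is returned for an
    unknown user and for a wrong password, so the response does not reveal
    which usernames exist.
    """
    # silent=True returns None instead of raising on a missing or malformed
    # JSON body; fall back to an empty dict so the .get() calls below are safe.
    data = request.get_json(silent=True) or {}
    username = data.get('username')
    supplied = data.get('password')
    # Only str keys exist in users_db; guard so an unhashable value (e.g. a
    # JSON list) cannot turn the lookup into a 500.
    user = users_db.get(username) if isinstance(username, str) else None
    # Constant-time comparison so a wrong password is not distinguishable
    # from a right one by response timing. The store still holds plain-text
    # passwords; hashing them is a separate change to users_db.
    if (user is not None and isinstance(supplied, str)
            and hmac.compare_digest(user['password'].encode('utf-8'),
                                    supplied.encode('utf-8'))):
        token = create_token(user['username'])
        return jsonify({'token': token}), 200
    return jsonify({'error': 'Invalid credentials'}), 401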
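@app.route('/protected', methods=['GET'])
def protected():
    """Return a greeting for the user identified by the request's JWT.

    The token is read from the ``Authorization`` header. Both the standard
    ``Bearer <token>`` form and a bare token (what the original handler
    expected) are accepted. Responds 401 with an ``error`` field when the
    header is missing, empty, or the token does not validate.
    """
    header = request.headers.get('Authorization', '')
    # Accept "Bearer <token>" (RFC 6750) as well as a bare token; the scheme
    # comparison is case-insensitive as the RFC requires.
    scheme, _, rest = header.partition(' ')
    token = rest.strip() if scheme.lower() == 'bearer' else header.strip()
    if not token:
        return jsonify({'error': 'Authentication token is missing'}), 401
    username = validate_token(token)
    if not username:
        return jsonify({'error': 'Invalid token'}), 401
    return jsonify({'message': f'Welcome {username}!'})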
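if __name__ == '__main__':
    # Debug mode enables the interactive Werkzeug debugger, which executes
    # code on the server for anyone who can reach its page; keep it off
    # unless explicitly requested via FLASK_DEBUG=1 in the environment.
    app.run(debug=os.environ.get('FLASK_DEBUG', '0') == '1')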