Python 发送curl请求时,使用bcrypt driver.db进行Eve身份验证时出错
我使用bcrypt对我的资源进行身份验证,并在mydatabase中使用用户名和密码存储帐户。我已将密码以哈希形式手动存储在数据库中,如下所示:Python 发送curl请求时,使用bcrypt driver.db进行Eve身份验证时出错,python,rest,curl,flask,eve,Python,Rest,Curl,Flask,Eve,我使用bcrypt对我的资源进行身份验证,并在mydatabase中使用用户名和密码存储帐户。我已将密码以哈希形式手动存储在数据库中,如下所示: curl -u username 127.0.0.1:5000/people 我启动了python bash并输入了以下代码: import bcrypt password = u'passwordtobehashed' password_hashed = bcrypt.hashpw(password, bcrypt.gensalt()) print
curl -u username 127.0.0.1:5000/people
我启动了python bash并输入了以下代码:
import bcrypt
password = u'passwordtobehashed'
password_hashed = bcrypt.hashpw(password, bcrypt.gensalt())
print (password_hashed)
然后,我复制了打印输出,并通过POST请求将其存储在account表中(没有身份验证):
我使用SQLAlchemy,eve也是最新的(版本:0.7.1)。
例如,我请求使用Bcrypted身份验证的人员资源,如下所示:
curl -u username 127.0.0.1:5000/people
然后我输入密码,出现以下错误:
File "/home/vagrant/erpghost/restapi/oldtrivial.py", line 57, in check_auth
accounts = app.data.driver.db['account']
AttributeError: 'SQLAlchemy' object has no attribute 'db'
由于某些原因,db属性不可用。我还尝试使用Eve.app.data.driver.db,并尝试从flask导入当前的_应用程序,但都没有成功
这是我的代码:
OldTriple.py
tables.py
设置.py
希望有人能帮我。以下几点应该行得通:
from flask import current_app
from tables import Account
# ...
def check_auth(...):
session = current_app.data.driver.session
return session.query(Account) \
.filter(Account.username == username,
Account.password == hashed_password) \
.count() > 0
我猜你试着模仿我的代码?这是为了使用MongoDB而不是SQLAlchemy
from sqlalchemy.orm import column_property
from sqlalchemy import Column, Integer, String, DateTime, func, ForeignKey
from connection import connect
from eve.auth import BasicAuth
from connection import Base
from sqlalchemy.orm import relationship
con, meta = connect()
class CommonColumns(Base):
__abstract__ = True
_created = Column(DateTime, default=func.now())
_updated = Column(DateTime, default=func.now(), onupdate=func.now())
_etag = Column(String(40))
class People(CommonColumns):
__tablename__ = 'people'
_id = Column(Integer, primary_key=True, autoincrement=True)
firstname = Column(String(80))
lastname = Column(String(120))
fullname = column_property(firstname + " " + lastname)
class Roles(CommonColumns):
__tablename__ = 'roles'
_id = Column(Integer, primary_key=True, autoincrement=True)
role = Column(String(80))
class Account(CommonColumns):
__tablename__ = 'account'
_id = Column(Integer, primary_key=True, autoincrement=True)
username = Column(String(50), nullable=False, unique=True)
password = Column(String(200), nullable=False)
roles = relationship("Roles", backref="account")
roles_id = Column(Integer, ForeignKey('roles._id'))
from eve_sqlalchemy.decorators import registerSchema
from eve.utils import config
from tables import People
from tables import Account
from tables import Roles
registerSchema('people')(People)
registerSchema('roles')(Roles)
registerSchema('account')(Account)
DOMAIN = {
'people': People._eve_schema['people'],
'roles': Roles._eve_schema['roles'],
'account': Account._eve_schema['account'],
}
DOMAIN['account'].update({
'additional_lookup': {
'url': 'regex("[\w]+")',
'field': 'username'
},
'cache_control': '',
'cache_expires': 0,
'allowed_roles': ['superuser', 'admin'],
'authentication': None,
})
SQLALCHEMY_DATABASE_URI = 'postgresql://databaseuser:password@localhost:5432/database'
RESOURCE_METHODS = ['GET', 'POST']
ITEM_METHODS = ['GET', 'DELETE', 'PATCH', 'PUT']
DEBUG = True
config.ID_FIELD = config.ITEM_LOOKUP_FIELD = '_id'
DOMAIN['people']['id_field'] = config.ID_FIELD
DOMAIN['roles']['id_field'] = config.ID_FIELD
DOMAIN['account']['id_field'] = config.ID_FIELD
from flask import current_app
from tables import Account
# ...
def check_auth(...):
session = current_app.data.driver.session
return session.query(Account) \
.filter(Account.username == username,
Account.password == hashed_password) \
.count() > 0