1. 首頁
  2. 問答
  3. 嘗試使用stormpath

嘗試使用stormpath

2016-05-22 47 views
4

我的代碼來實現的OAuth /基於令牌登錄:嘗試使用stormpath

  from stormpath.api_auth import ApiRequestAuthenticator 
      import base64 

      application = app.stormpath_manager.application 
      account = application.accounts[0] # random account 
      new_api_key = account.api_keys.create() 
      authenticator = ApiRequestAuthenticator(application) 
      uri = 'dont_care' 
      http_method = 'GET' 
      headers = { 
       'Authorization': 'Basic ' + base64.b64encode(new_api_key.id + ":" + new_api_key.secret) 
      } 
      result = authenticator.authenticate(headers=headers, http_method=http_method, uri=uri, body={}, scopes=[]) 
      print result.api_key #<ApiKey href=https://api.stormpath.com/v1/apiKeys/bla_bla> 
      print result.account # [email protected] 
      print result.token # None

我缺少什麼? 我的代碼是基於this part of the documentation.

來源

2016-05-22 WebQube

回答

0

Heyo,我這個庫的作者,所以想我會跳在這裏=)

你會想要做的就是這樣的事情。我假設你正試圖做一個基於用戶名/密碼的登錄,而不是API密鑰登錄,對嗎? (EG:你有一個前端客戶端像角,或移動應用使這些要求?)

如果是這樣,你可以完成你想要使用我的例子在這裏什麼:

from os import environ 

from stormpath.api_auth import PasswordGrantAuthenticator 
from stormpath.client import Client 


STORMPATH_CLIENT_APIKEY_ID = environ['STORMPATH_CLIENT_APIKEY_ID'] 
STORMPATH_CLIENT_APIKEY_SECRET = environ['STORMPATH_CLIENT_APIKEY_SECRET'] 
STORMPATH_APPLICATION_NAME = environ['STORMPATH_APPLICATION_NAME'] 
STORMPATH_USER_EMAIL = environ['STORMPATH_USER_EMAIL'] 
STORMPATH_USER_PASSWORD = environ['STORMPATH_USER_PASSWORD'] 


client = Client(id=STORMPATH_CLIENT_APIKEY_ID, secret=STORMPATH_CLIENT_APIKEY_SECRET) 
application = client.applications.query(name=STORMPATH_APPLICATION_NAME)[0] 


authenticator = PasswordGrantAuthenticator(app=application) 
result = authenticator.authenticate(STORMPATH_USER_EMAIL, STORMPATH_USER_PASSWORD) 

if result: 
    print('Access Token: {}'.format(result.access_token)) 
    print('Refresh Token: {}'.format(result.refresh_token)) 
else: 
    print('Invalid credentials supplied.')

來源

2016-05-23 16:13:56 rdegges

+0

感謝您的快速反應!我實際上想要實現一個基於令牌的登錄vs用戶密碼。我真的成功了,但現在我正在努力與高響應時間(800毫秒)。將寫在不同的問題。 – WebQube

+1

請回顧並告訴我,如果您在我的回答中發現任何錯誤 – WebQube

+0

您的解決方案看起來不錯。你也可以使用特定的'OAuthClientCredentialsRequestAuthenticator'來提高效率= D @WebQube – rdegges

0

我實際使用ApiRequestAuthenticator來實現這一目標

def get_api_key(self, app, user_data): 

    self.init_authenticator() 

    email = user_data['email'] 
    if not hasattr(self, 'cloud_directory'): 
     self.cloud_directory = app.stormpath_helper.get_cloud_directory(APP_NAME + '-' + env) 

    if self.accounts.get(email) is None: 
     account = self.cloud_directory.accounts.search({'email': email}) 
     if account is None: 
      raise Exception('failed to find account') 

     self.accounts[email] = account[0] 

    if self.api_keys.get(email) is None: 
     api_key = self.accounts[email].api_keys.create() 
     self.api_keys[email] = api_key 

    return self.api_keys[email] 


# init authenticator to stormpath api to validate access tokens 
def init_authenticator(self): 
    if not hasattr(self, 'application'): 
     self.application = self.app.stormpath_manager.application 

    if not hasattr(self, 'authenticator'): 
     self.authenticator = ApiRequestAuthenticator(self.application) 


def get_client_access_token(self, app, user_data): 
    api_key = self.get_api_key(app, user_data) 

    uri = 'bla_dont_care.com?grant_type=client_credentials' 
    http_method = 'GET' 
    headers = { 
     'Authorization': 'Basic ' + base64.b64encode(api_key.id + ":" + api_key.secret) 
    } 
    result = self.authenticator.authenticate(headers=headers, http_method=http_method, uri=uri, body={}, scopes=[]) 
    if result: 
     client_token = result.token.token 
    else: 
     raise Exception('Invalid or not authenticated request.')

和登錄使用:

def is_token_valid(request, authenticator): 
    uri = 'bla_dont_care.com' 
    # headers = { 
    #  'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2FwaS5zdG9ybXBhdGguY29tL3YxL2FwcGxpY2F0aW9ucy9WSmlYRFdUV25ZZE5nckZlOUJvSTMiLCJpYXQiOjE0NjM5ODYxNTAsInN1YiI6IjVHWk03REpWNTFRSkhDWk41WENQMDEwRjQiLCJleHAiOjE0NjM5ODk3NTAsInNjb3BlIjpudWxsfQ.MTxQ2AzhlCkOtws4cnwLdrUhLEUGHpMOIATbSX9AeGw' 
    # } 
    result = authenticator.authenticate(headers=request.headers, http_method='GET', uri=uri, body={}, scopes=[]) 

    if result is None: 
     return False, None 

    is_valid = result.account is not None 
    return is_valid, result.account

來源

2016-05-24 06:23:09 WebQube

相關問題

 相關問題