标签:setting reg obj test tin values 加密 eth today
一、作业目标
完成API加密功能
二、作业完成度(100%)
1、客户端代码(主要是在django中添加请求头,然后在请求头内动态添加md5和时间)
class BaseClient(object):
def __init__(self):
self.api = settings.API
def post_server_info(self,server_dict):
obj=Md5()
api_header_val=obj.api_header_val()
print(api_header_val)
requests.post(self.api,json=server_dict,headers={‘auth-api‘:api_header_val})
import time
import hashlib
class Md5(object):
def __init__(self):
self.key=‘wefrefgregffref‘
self.ctime=str(time.time())
self.new_key="%s|%s"%(self.key,self.ctime)
def md5(self):
hs = hashlib.md5()
hs.update(self.new_key.encode(‘utf-8‘))
return hs.hexdigest()
def api_header_val(self):
return ‘%s|%s‘%(self.md5(),self.ctime)
2、服务器端代码(主要是验证客户端传输过来的MD5值和时间,通过时间上的限制和MD5值得校验来判断该用户传递过来的数据是否合法)
import json
from django.shortcuts import render, HttpResponse,redirect
from django.views.decorators.csrf import csrf_exempt
from api.plugins import PluginsManage
from django.db.models import Q
from datetime import date
from repository import models
import hashlib
import time
import requests
@csrf_exempt
def server(request):
if request.method == ‘GET‘:
current_date=date.today()
host_list = models.Server.objects.filter(
Q(Q(latest_date=None) | Q(latest_date__date__lt=current_date)) & Q(server_status_id=2)
).values(‘hostname‘)[0:200]
hostname_list=list(host_list)
return HttpResponse(json.dumps(hostname_list))
elif request.method == ‘POST‘:
client_info = request.META[‘HTTP_AUTH_API‘]
print(client_info)
client_md5_str, client_ctime = client_info.split(‘|‘)
new_server_str = ‘%s|%s‘ % (key, client_ctime)
server_md5_str = md5(new_server_str)
server_ctime = time.time()
client_ctime = float(client_ctime)
if (client_ctime + 5) < server_ctime:
return HttpResponse(‘您迟到了‘)
elif client_md5_str != server_md5_str:
return HttpResponse(‘滚‘)
elif client_api_header_val.get(client_md5_str):
return HttpResponse(‘请重新访问‘)
else:
client_api_header_val[client_md5_str] = client_ctime
print(3)
server_dict = json.loads(request.body.decode(‘utf-8‘))
if not server_dict[‘basic‘][‘status‘]:
return HttpResponse(‘臣妾做不到‘)
obj = PluginsManage()
obj.exec(server_dict)
return HttpResponse(‘ok‘)
def md5(arg):
hs=hashlib.md5()
hs.update(arg.encode(‘utf-8‘))
return hs.hexdigest()
key=‘wefrefgregffref‘
client_api_header_val={}
三、作业总结
1、今天主要是在原有代码的基础上添加了API验证功能,没什么好总结的。
标签:setting reg obj test tin values 加密 eth today
原文地址:http://www.cnblogs.com/xuanan/p/7617085.html
