标签:text repos json utf-8 hex == status def models
完成任务:
1、API验证。
1 import json 2 from django.shortcuts import render, HttpResponse 3 from django.views.decorators.csrf import csrf_exempt 4 from .plugins import PluginManger 5 from datetime import date 6 from repository import models 7 from django.db.models import Q 8 import hashlib 9 import time 10 11 12 def md5(arg): 13 hs = hashlib.md5() 14 hs.update(arg.encode(‘utf-8‘)) 15 return hs.hexdigest() 16 17 18 key = "asdasodoquqwejqweo" 19 visited_keys = { 20 } 21 22 23 def api_auth(func): 24 def inner(request, *args, **kwargs): 25 server_float_ctime = time.time() 26 auth_header_val = request.META.get(‘HTTP_AUTH_API‘) 27 # 841770f74ef3b7867d90be37c5b4adfc|1506571253.9937866 28 client_md5_str, client_ctime = auth_header_val.split(‘|‘, maxsplit=1) 29 client_float_ctime = float(client_ctime) 30 31 # 第一关 32 if (client_float_ctime + 20) < server_float_ctime: 33 return HttpResponse(‘时间验证超时,你的手速还不够快‘) 34 35 # 第二关: 36 server_md5_str = md5("%s|%s" % (key, client_ctime,)) 37 if server_md5_str != client_md5_str: 38 return HttpResponse(‘验证不成功‘) 39 40 # 第三关: 41 if visited_keys.get(client_md5_str): 42 return HttpResponse(‘有人已经来过了‘) 43 44 visited_keys[client_md5_str] = client_float_ctime 45 return func(request, *args, **kwargs) 46 47 return inner 48 49 50 @csrf_exempt # 不再验证csrf 51 def server(request): 52 if request.method == "GET": 53 current_date = date.today() 54 # 获取今日未采集的主机列表 55 host_list = models.Server.objects.filter( 56 Q(Q(latest_date=None) | Q(latest_date__date__lt=current_date)) & Q(server_status_id=2) 57 ).values(‘hostname‘) 58 host_list = list(host_list) 59 print(host_list) 60 return HttpResponse(json.dumps(host_list)) 61 if request.method == "POST": 62 # 客服端提交的最新资产数据 63 server_dict = json.loads(request.body.decode(‘utf-8‘)) 64 65 if not server_dict[‘basic‘][‘status‘]: 66 return HttpResponse("臣妾做不到啊") 67 68 manager = PluginManger() 69 response = manager.exec(server_dict) 70 71 return HttpResponse(json.dumps(response)) 72 73 74 @api_auth 75 def test(request): 76 return HttpResponse(‘正常用户‘)
1 # -*- coding: utf-8 -*- 2 # __author__ = "maple" 3 import requests 4 import time 5 import hashlib 6 7 8 def md5(arg): 9 hs = hashlib.md5() 10 hs.update(arg.encode(‘utf-8‘)) 11 return hs.hexdigest() 12 13 14 key = "asdasodoquqwejqweo" 15 ctime = str(time.time()) 16 new_key = "%s|%s" % (key, ctime,) # 随机字符串|时间戳 17 md5_str = md5(new_key) # md5加密 18 19 auth_header_val = "%s|%s" % (md5_str, ctime,) 20 21 response = requests.get(‘http://127.0.0.1:8000/api/test.html‘, headers={‘auth-api‘: auth_header_val}) 22 print(response.text)
标签:text repos json utf-8 hex == status def models
原文地址:http://www.cnblogs.com/maple-shaw/p/7617576.html
