我正在尝试为iOS移动应用程序构建一组API。python - 使用curl发送请求时,Flask可以处理会话吗?
我使用Flask-RESTful' to build RESTful type of interfaces and
Flask-login`来帮助我处理用户登录问题。
然而,我发现,当我用curl
登录,服务器不会返回成功消息,而我则发送请求到得到“保护”页面,只有登录的用户可以看到和得到
“”message“:”服务器无法验证您是否有权访问请求的URL。您提供了错误的凭据(例如错误的密码),或者浏览器不知道如何提供所需的凭据。 “ }
如果curl
不发送一些“用户证书”,这是否意味着,当我的iOS应用程序发送请求,后端仍不能识别用户?
我不太了解Flask是如何处理'session'的,而我是web开发新手。有没有解决方法?
这里是我的代码:
api.py
# -*- coding: utf-8 -*-
import flask_login, json
from flask import request
from flask_restful import Resource, reqparse
from models import users, User
parser = reqparse.RequestParser()
def request_parser():
parser.add_argument('data', action='append')
return parser.parse_args()['data'][0]
class Login(Resource):
def get(self):
return
def post(self):
# data = request_parser()
data = request.json['data']
email = data['email']
test = users[email]
if data['pw'] == users[email]['pw']:
user = User()
user.id = email
flask_login.login_user(user)
return 'login success'
return 'Bad login'
class Protected(Resource):
@flask_login.login_required
def get(self):
return 'Logged in as: ' + flask_login.current_user.id
models.py
# -*- coding: utf-8 -*-
import flask_login
from app import login_manager
users = {'[email protected]': {'pw': 'secret'}}
class User(flask_login.UserMixin):
pass
@login_manager.user_loader
def user_loader(email):
if email not in users:
return
user = User()
user.id = email
return user
@login_manager.request_loader
def request_loader(request):
email = request.form.get('email')
if email not in users:
return
user = User()
user.id = email
user.is_authenticated = request.form['pw'] == users[email]['pw']
return user
__init__.py
# -*- coding: utf-8 -*-
from flask import Flask
from flask_restful import Resource, Api
from flask_sqlalchemy import SQLAlchemy
import flask_login
import config
app = Flask(__name__)
app.config.from_object("config")
app.secret_key = 'yangjinglei'
api = Api(app)
login_manager = flask_login.LoginManager()
login_manager.init_app(app)
db = SQLAlchemy(app, use_native_unicode="utf8")
run.py
# -*- coding: utf-8 -*-
from app import app, api
from app.api import *
api.add_resource(Login, '/login')
api.add_resource(Protected, '/protected')
if __name__ == '__main__':
app.run(debug=True)