API验证

API验证

客户端

import requests
import time
import hashlib

def getSha1(s):
    sha1 = hashlib.sha1()
    sha1.update(s)
    return sha1.hexdigest()

if __name__ == "__main__":
    url = "http://127.0.0.1:8000/getInfo"
    key = "something is right"
    ctime = time.time()

    pass_str = "%s|%s"%(key, ctime)
    b_pass_str = pass_str.encode("utf-8")
    sha1_str = getSha1(b_pass_str)


    ret = requests.get(url=url, params={"date": "%s|%s"%(sha1_str, ctime)})
    print(ret.text)

　　

服务端

KEY = "something is right"

from django.shortcuts import render, HttpResponse
import hashlib
import time
from django.conf import settings

def getSha1(s):
    sha1 = hashlib.sha1()
    sha1.update(s)
    return sha1.hexdigest()



def getInfo(request):
    user_li = []
    if request.method == "GET":
        key = settings.KEY
        date = request.GET.get("date")

        if date in user_li:
            return HttpResponse("使用过了")
        if date:
            password, ctime = date.rsplit('|', maxsplit=1)

            if float(ctime) + 5 < time.time():
                return HttpResponse("时间过期楽")
            new_info = "%s|%s" % (key, ctime)
            new_info = new_info.encode("utf-8")
            new_password = getSha1(new_info)

            if new_password == password:
                return HttpResponse("It is right")