一、加密
import hashlib # 对称/不对称加密 s = '123456' m = hashlib.md5(s.encode()) # md5加密是不可逆的,简单的加密是因为他们库里有存 # m = hashlib.sha256(s.encode()) #sha256 result = m.hexdigest() print(result)
二、mock接口开发
mock是模拟一个接口的意思,需要安装第三方模块flask(flask是web轻量级开发框架)
import flask import json import pymysql import hashlib import redis import time # flask轻量级的web开发框架 server = flask.Flask(__name__) def op_mysql(sql, one_tag=False): connect = pymysql.connect(host='***.**.*.**', user='jxz', password='123456', db='jxz', port=3306, charset='utf8', autocommit=True) cursor = connect.cursor(pymysql.cursors.DictCursor) cursor.execute(sql) if one_tag: result = cursor.fetchone() else: result = cursor.fetchall() cursor.close() connect.close() return result def md5(s, salt='ccx_iodsgs233_12'): #md5加密 s = str(s)+ salt m = hashlib.md5(s.encode()) return m.hexdigest() # md5加密之后,是固定的,这样的安全性不够高 # 可以加盐,salt='ccx_iodsgs233_12',设置一串复杂的字符串,加强安全性 def op_redis(key, value=None, expire=60 * 60 * 2): r = redis.Redis(host='118.24.3.40', password='HK139bc&*', decode_responses=True) if value: #如果传入值不为空,则保存值 r.set(key, value, expire) else: #value值为空,则获取值 return r.get(key) # 支付接口 @server.route('/api/payment') # methods=['postget'],默认get请求 def payment(): status = flask.request.values.get('status') if status == 'success': data = {"code": 0, "msg": "支付成功", "amount": 30000} elif status == 'process': data = {'code': 305, 'msg': '支付处理中', 'amount': 30000} elif status == 'fail': data = {'code': -1, 'msg': '支付失败', 'amount': 30000} else: data = {'code': 400, 'msg': '支付状态错误', 'amount': 30000} return json.dumps(data, ensure_ascii=False) # 登录接口 @server.route('/api/login_old') def login_old(): data = {'code': 0, 'msg': '登陆成功'} return json.dumps(data, ensure_ascii=False) @server.route('/account_data', methods=['post']) def account_data(): account_name = flask.request.values.get('account_name') #获取请求参数 # flask.request.json.get() #获取json格式的参数 result = op_mysql('select * from gtm_account where acount="%s";' % account_name) data = {"code": 0, "msg": "success", "data": result} return json.dumps(data, ensure_ascii=False) # 注册接口 @server.route('/register', methods=['post']) def register(): username = flask.request.values.get('username') password = flask.request.values.get('password') cpwd = flask.request.values.get('cpwd') sql='select * from app_myuser where username="%s";'%username if username and password and cpwd: #输入参数均不为空 if password!=cpwd: data = {"code": 400, "msg": "两次输入密码不一致"} elif op_mysql(sql): #如果查询结果不为空,则不能注册 data = {'code': 401, 'msg': '用户已经存在'} else: password = md5(password) insert_sql='insert into app_myuser(username,passwd) values ("%s","%s");'%(username,password) op_mysql(insert_sql) data = {'code': 0, 'msg': '注册成功'} else: data = {'code': 400, 'msg': '必填参数不能为空'} return json.dumps(data, ensure_ascii=False) # 1.登录接口--生成token # 登录成功后要返回token,token=username+timestamp md5加密 @server.route('/login',methods=['post']) def login(): #app_myuser username = flask.request.values.get('username') password = flask.request.values.get('password') if username and password: sql = 'select * from app_myuser where username="%s";' % username result = op_mysql(sql,True) if result: if md5(password) == result.get('passwd'): token = md5(username + str(time.time())) #token:uname+timestamp md5加密,保存到redis中,设置有效时间 info = {'username': username, 'id': result.get('id')} op_redis(token, json.dumps(info)) data = {"code": 0, "msg": "登录成功",'token':token} else: data = {'code': 403, 'msg': '帐号/密码错误'} else: data = {'code': 401, 'msg': '用户不存在'} else: data = {'code': 400, 'msg': '必填参数不能为空'} return json.dumps(data, ensure_ascii=False) # 2.支付接口--校验token @server.route('/api/v2/payment') # methods=['postget'],默认get请求 def payment_v2(): token = flask.request.values.get('token') amount = flask.request.values.get('amount') if token: #如果token不为空,则去redis中查询用户信息 result = op_redis(token) if result: amount = float(amount) result = json.loads(result) userid = result.get('id') sql = 'update app_myuser set balance=balance-%s where id=%s;' % (amount, userid) op_mysql(sql) data = {'code': 0, 'msg': '支付成功'} else: data = {'code': 401, 'msg': '未登录'} else: data = {'code': 401, 'msg': '未登录'} return json.dumps(data, ensure_ascii=False) server.run(port=9999, debug=True) #此服务运行一次就可 # 注: # server.run(host='0.0.0.0', port=9999, debug=True) # host='0.0.0.0' 别人也可访问,手机也可访问,必须在同一个局域网中 # http:\ip:8000apipayment
运行结果:
1、登录成功后要返回token
2、支付接口--校验token
