| 123456789101112131415161718192021222324252627282930313233 |
- """
- 安全相关:密码哈希、JWT访问令牌签发与解析。
- """
- from datetime import datetime, timedelta, timezone
- from typing import Any
- from jose import jwt
- from passlib.context import CryptContext
- from app.core.config import settings
- #密码加密
- pwd_context = CryptContext(
- schemes=["pbkdf2_sha256", "bcrypt"], deprecated="auto")
- #注册时加密密码
- def hash_password(password: str) -> str:
- return pwd_context.hash(password)
- #登录时验证密码
- def verify_password(password: str, password_hash: str) -> bool:
- return pwd_context.verify(password, password_hash)
- #登录成功时签发JWT令牌
- def create_access_token(subject: str, expires_delta: timedelta | None = None, extra: dict[str, Any] | None = None) -> str:
- now = datetime.now(timezone.utc)
- expire = now + (expires_delta or timedelta(minutes=settings.access_token_exp_minutes))
- payload: dict[str, Any] = {"sub": subject, "iat": int(now.timestamp()), "exp": int(expire.timestamp())}
- if extra:
- payload.update(extra)
- return jwt.encode(payload, settings.jwt_secret_key, algorithm=settings.jwt_algorithm)
- #解析JWT令牌并验证
- def decode_token(token: str) -> dict[str, Any]:
- return jwt.decode(token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm])
|