| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156 |
- #!/usr/bin/env python3
- """
- 生成长期有效的管理员Token脚本
- 功能:
- 1. 查找管理员用户
- 2. 生成99999天有效期的Token
- 3. 输出Token并验证有效性
- 使用方式:
- cd backend
- python scripts/generate_admin_token.py
- 注意:需要在backend目录下运行,以确保正确加载配置
- """
- import sys
- import os
- # 添加backend目录到路径
- sys.path.insert(0, os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
- from datetime import datetime, timedelta
- import jwt
- from config import settings
- from database import get_db_connection
- def find_admin_user():
- """查找管理员用户"""
- with get_db_connection() as conn:
- cursor = conn.cursor()
- cursor.execute("""
- SELECT id, username, email, role
- FROM users
- WHERE role = 'admin'
- LIMIT 1
- """)
- row = cursor.fetchone()
- if row:
- return {
- "id": row["id"],
- "username": row["username"],
- "email": row["email"],
- "role": row["role"]
- }
- return None
- def create_long_term_token(user_data: dict, days: int = 99999) -> str:
- """
- 创建长期有效的Token
-
- Args:
- user_data: 用户信息字典
- days: 有效天数,默认99999天
-
- Returns:
- str: JWT Token
- """
- expire = datetime.utcnow() + timedelta(days=days)
- payload = {
- "sub": user_data["id"],
- "username": user_data["username"],
- "email": user_data["email"],
- "role": user_data["role"],
- "exp": expire,
- "iat": datetime.utcnow(),
- "type": "access"
- }
- return jwt.encode(
- payload,
- settings.JWT_SECRET_KEY,
- algorithm=settings.JWT_ALGORITHM
- )
- def verify_token(token: str) -> dict:
- """
- 验证Token有效性
-
- Args:
- token: JWT Token
-
- Returns:
- dict: 解码后的payload
- """
- try:
- payload = jwt.decode(
- token,
- settings.JWT_SECRET_KEY,
- algorithms=[settings.JWT_ALGORITHM]
- )
- return payload
- except jwt.ExpiredSignatureError:
- raise Exception("Token已过期")
- except jwt.InvalidTokenError as e:
- raise Exception(f"Token无效: {str(e)}")
- def main():
- print("=" * 60)
- print("管理员长期Token生成工具")
- print("=" * 60)
- print()
-
- # 查找管理员用户
- print("正在查找管理员用户...")
- admin_user = find_admin_user()
-
- if not admin_user:
- print("\n❌ 错误: 未找到管理员用户!")
- print("\n请先创建管理员用户,可以使用以下方式:")
- print(" 1. 运行 python create_test_user.py 创建测试用户")
- print(" 2. 或通过API注册用户后在数据库中将role改为admin")
- sys.exit(1)
-
- print(f"✓ 找到管理员用户: {admin_user['username']} ({admin_user['email']})")
- print()
-
- # 生成Token
- print("正在生成99999天有效期的Token...")
- token = create_long_term_token(admin_user, days=99999)
- print("✓ Token生成成功!")
- print()
-
- # 验证Token
- print("正在验证Token有效性...")
- try:
- payload = verify_token(token)
- expire_time = datetime.fromtimestamp(payload["exp"])
- print(f"✓ Token验证通过!")
- print(f" - 用户ID: {payload['sub']}")
- print(f" - 用户名: {payload['username']}")
- print(f" - 角色: {payload['role']}")
- print(f" - 过期时间: {expire_time.strftime('%Y-%m-%d %H:%M:%S')}")
- except Exception as e:
- print(f"❌ Token验证失败: {str(e)}")
- sys.exit(1)
-
- print()
- print("=" * 60)
- print("生成的管理员Token (请妥善保管):")
- print("=" * 60)
- print()
- print(token)
- print()
- print("=" * 60)
- print()
- print("使用方式:")
- print(" 在HTTP请求头中添加:")
- print(f" Authorization: Bearer {token[:50]}...")
- print()
- if __name__ == "__main__":
- main()
|
