There are many python frameworks, such as Flask, Django, FastAPI and so on. In this article, we will use Flask to write API interfaces.
Installing Flask
First, you need to install Flask:
pip install flask
Write the main program
Next, we can create a file named and write the Flask application code in it:
from flask import Flask, request
app = Flask(__name__)
@('/api', methods=['GET'])
def api():
name = ('name')
if name:
return "Hello, " + name
else:
return "Hello, World!"
if __name__ == '__main__':
(debug=True)running code
python
Going to http://localhost:5000/api in your browser should return "Hello, World!".
If you add a parameter to this URL, such as http://localhost:5000/api?name=YourName, "Hello, YourName" is returned.
We can also add a simple token validation to it
The following code adds a simple token authentication to the API interface:
from flask import Flask, request
app = Flask(__name__)
@('/api', methods=['GET'])
def api():
token = ('token')
if token != 'secret_token':
return "Invalid token", 401
name = ('name')
if name:
return "Hello, " + name
else:
return "Hello, World!"
if __name__ == '__main__':
(debug=True)In the code above, we add a token parameter and return an "Invalid token" error response (HTTP status code 401) if the parameter is not secret_token.
In real production environments, stronger authentication methods should be used rather than just simple tokens, but this can be used as a simple example in this case.
In production environments, you should use more sophisticated authentication methods such as OAuth2, JWT, etc.
In the case of Flask, you can use third-party libraries such as Flask-OAuthlib or Flask-JWT-Extended to implement authentication.
The following is sample code that implements authentication using Flask-JWT-Extended:
from flask import Flask, request
from flask_jwt_extended import (
JWTManager, jwt_required, create_access_token,
get_jwt_identity
)
app = Flask(__name__)
['JWT_SECRET_KEY'] = 'secret-key'
jwt = JWTManager(app)
@('/login', methods=['POST'])
def login():
username = ('username', None)
password = ('password', None)
if username != 'test' or password != 'test':
return {'message': 'Bad username or password'}, 401
# identity is a simple string, like a username
access_token = create_access_token(identity=username)
return {'access_token': access_token}, 200
@('/api', methods=['GET'])
@jwt_required
def api():
current_user = get_jwt_identity()
return "Hello, " + current_user
if __name__ == '__main__':
(debug=True)In the code above, we define two routes: /login and /api. In /login, we check the username and password, and if they are correct, we create a JWT access token and return it to the user. In /api, we use the jwt_required decorator to ensure that the API can only be accessed by users with a JWT token.
In real production environments, more sophisticated authentication methods should be used, e.g., OAuth2, JWT, etc. In addition, the security of the JWT secret key needs to be carefully considered to prevent any malicious user from recovering or tampering with the JWT token.
To secure the authentication process, you should also use HTTPS Secure Sockets Layer (SSL/TLS) on the client side to connect to the API interface to prevent data from being stolen across the network.
Please note that this is only a simple JWT authentication example, and more complex authentication methods may be required in a production environment. Therefore, make sure you fully understand the security of JWT or any other authentication method before using it to ensure that your API interfaces are not vulnerable to attacks.
to this article on Python to write a simple api interface to achieve the article is introduced to this, more related Python api interface content, please search my previous posts or continue to browse the following related articles I hope that you will support me in the future !