duandaijian1583 2014-11-21 22:01
浏览 272
已采纳

Laravel API cURL请求Python

I followed this Laravel token API tutorial: http://rjv.im/post/95988160186/api-token-authentication-with-laravel-and-sentry-part. I have written the following cURL request to communicate with my API:

curl -H "X-Auth-Token:tokenhere" http://localhost:8000/account

The request works properly, and accurately returns the expected data. When I translate this to Python I receive urllib2.HTTPError: HTTP Error 401: Unauthorized

import urllib2
req = urllib2.Request('http://localhost:8000/account')
req.add_header("X-Auth-Token", "tokenhere")
resp = urllib2.urlopen(req)
content = resp.read()
print content

If I pass user credentials using basic auth instead of an X-Auth-Token, the request works as expected:

import urllib2

def basic_authorization(user, password):
    s = user + ":" + password
    return "Basic " + s.encode("base64").rstrip()

req = urllib2.Request("http://localhost:8000/account", headers = { "Authorization": basic_authorization("usernameHere", "passwordHere"), })

f = urllib2.urlopen(req)

print f.read()

Any assistance would be much appreciated.

  • 写回答

1条回答 默认 最新

  • duanqiang2977 2014-11-22 05:05
    关注

    There is something you missed in the tutorial. In the tokens table there is a column:

    $table->string('client');

    It is important from which client you are sending your request. I am using https://github.com/hisorange/browser-detect to detect from which client I got the request.

    But for now I will just try to see User Agent. In my laravel code I just logged every request to see what's happening with the following code:

    Route::filter('auth.token', function($route, $request)
    {
    ....
    
      Log::info($request);
    
    ....
    }
    

    Now, Let's see:

    When I use curl from command line:

    curl -u user@example.com:password -X GET http://localhost:8000/account
    

    My User Agent is

    User-Agent:   curl/7.32.0
    

    I sent the same from python using your code above, User Agent is:

    User-Agent:      Python-urllib/2.7
    

    Ah! That must be it. You have to authenticate your user at least once using Basic Auth, it will give you a token and that token is valid for only that client. In the first part http://rjv.im/post/78940780589/api-token-authentication-with-laravel-and-sentry-part of tutorial there was no such condition. In the comments I received someone posted a query on how to support multiple clients, so this example was made to solve that problem.

    Apart from that, may I suggest this library: https://github.com/chrisbjr/api-guard It supports Rate Limiting, easy to integrate with Sentry. It's a bit different from my tutorial. Using my solution you can hit any endpoint using Basic Auth or Token. Using above library, only token is permitted, so there is dedicated route to generate token. Let me know how it goes.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题
  • ¥15 Visual Studio问题