职校中的统一身份认证系统架构设计与实现

CREATE TABLE users (

id INT AUTO_INCREMENT PRIMARY KEY,

username VARCHAR(50) NOT NULL UNIQUE,

password_hash VARCHAR(255) NOT NULL,

role_id INT,

FOREIGN KEY (role_id) REFERENCES roles(id)

);

CREATE TABLE roles (

单点登录技术

id INT AUTO_INCREMENT PRIMARY KEY,

name VARCHAR(50) NOT NULL UNIQUE

);

CREATE TABLE permissions (

id INT AUTO_INCREMENT PRIMARY KEY,

action VARCHAR(50) NOT NULL,

resource VARCHAR(50) NOT NULL

);

]]>

from flask import Flask, request, jsonify

import hashlib

app = Flask(__name__)

@app.route('/login', methods=['POST'])

def login():

data = request.json

username = data.get('username')

password = data.get('password')

# 查询数据库检查用户名和密码是否匹配

user_record = get_user_by_username(username)

if not user_record:

return jsonify({"error": "Invalid credentials"}), 401

hashed_password = hashlib.sha256(password.encode()).hexdigest()

if hashed_password != user_record['password_hash']:

return jsonify({"error": "Invalid credentials"}), 401

# 返回JWT令牌

token = generate_jwt(user_record['id'], user_record['role_id'])

return jsonify({"token": token}), 200

def get_user_by_username(username):

# 模拟从数据库获取用户信息

pass

def generate_jwt(user_id, role_id):

# 使用JWT库生成令牌

pass

]]>