PyCrypto PyCrypto是一个免费的加密算法库, 支持常见的DES、AES加密以及MD5、SHA等各种HASH运算
被测代码
"""AES加密算法"""BS = 16
unpad = lambda s : s[0: - ord(s[-1])]def decryptBase64(src):
return base64.urlsafe_b64decode(src)def decryptAES(src):
"""
解析AES密文
"""
src = https://www.it610.com/article/decryptBase64(src)
key = b'W7v4D60fds2Cmk2U'
iv = b"1172311105789011"
cryptor = AES.new(key, AES.MODE_CBC, iv)
text = cryptor.decrypt(src).decode()
return unpad(text)def aes_encryption(request):
if request.method == 'POST':
data = https://www.it610.com/article/request.POST.get("data", "")
else:
return "error"if data =https://www.it610.com/article/="":
return "data null"# 解密
decode = decryptAES(data)
# 转化为字典
dict_data = json.loads(decode)
return dict_data# 嘉宾查询接口----AES算法
def get_guest_list(request):
dict_data = aes_encryption(request)if dict_data =https://www.it610.com/article/="data null":
return JsonResponse({'status':10010,'message':'data null'})if dict_data =https://www.it610.com/article/="error":
return JsonResponse({'status':10011,'message':'request error'})# 取出对应的发布会id和手机号
try:
eid = dict_data['eid']
phone = dict_data['phone']
except KeyError:
return JsonResponse({'status':10012,'message':'parameter error'})if eid == '':
return JsonResponse({'status':10021,'message':'eid cannot be empty'})if eid != '' and phone == '':
datas = []
results = Guest.objects.filter(event_id=eid)
if results:
for r in results:
guest = {}
guest['realname'] = r.realname
guest['phone'] = r.phone
guest['email'] = r.email
guest['sign'] = r.sign
datas.append(guest)
return JsonResponse({'status':200, 'message':'success', 'data':datas})
else:
return JsonResponse({'status':10022, 'message':'query result is empty'})if eid != '' and phone != '':
guest = {}
try:
result = Guest.objects.get(phone=phone,event_id=eid)
except ObjectDoesNotExist:
return JsonResponse({'status':10022, 'message':'query result is empty'})
else:
guest['realname'] = result.realname
guest['phone'] = result.phone
guest['email'] = result.email
guest['sign'] = result.sign
return JsonResponse({'status':200, 'message':'success', 'data':guest})
接口文档 【Django|Python接口自动化测试系列[V1.0.0][加密接口]】
文章图片
测试用例
from Crypto.Cipher import AES
import base64
import requests
import unittest
import jsonclass AESTest(unittest.TestCase):def setUp(self):
BS = 16
self.pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS)self.base_url = "http://127.0.0.1:8000/api/sec_get_guest_list/"
self.app_key = 'W7v4D60fds2Cmk2U'def encryptBase64(self,src):
return base64.urlsafe_b64encode(src)def encryptAES(self,src, key):
"""
生成AES密文
"""
iv = b"1172311105789011"
cryptor = AES.new(key, AES.MODE_CBC, iv)
ciphertext = cryptor.encrypt(self.pad(src))
return self.encryptBase64(ciphertext)def test_aes_interface(self):
'''test aes interface'''
payload = {'eid': '1', 'phone': '13800138000'}
# 加密
encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded})
result = r.json()
self.assertEqual(result['status'], 200)
self.assertEqual(result['message'], "success")def test_get_guest_list_eid_null(self):
''' eid 参数为空 '''
payload = {'eid': '','phone': ''}
encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded})
result = r.json()
self.assertEqual(result['status'], 10021)
self.assertEqual(result['message'], 'eid cannot be empty')def test_get_event_list_eid_error(self):
''' 根据 eid 查询结果为空 '''
payload = {'eid': '901','phone': ''}
encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded})
result = r.json()
self.assertEqual(result['status'], 10022)
self.assertEqual(result['message'], 'query result is empty')def test_get_event_list_eid_success(self):
''' 根据 eid 查询结果成功 '''
payload = {'eid': '1','phone': ''}
encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded})
result = r.json()
self.assertEqual(result['status'], 200)
self.assertEqual(result['message'], 'success')
self.assertEqual(result['data'][0]['realname'],'张三')
self.assertEqual(result['data'][0]['phone'],'13800138000')def test_get_event_list_eid_phone_null(self):
''' 根据 eid 和phone 查询结果为空 '''
payload = {'eid':2,'phone':'10000000000'}
encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded})
result = r.json()
self.assertEqual(result['status'], 10022)
self.assertEqual(result['message'], 'query result is empty')def test_get_event_list_eid_phone_success(self):
''' 根据 eid 和phone 查询结果成功 '''
payload = {'eid':1,'phone':'18633003301'}
encoded = self.encryptAES(json.dumps(payload), self.app_key).decode()r = requests.post(self.base_url, data=https://www.it610.com/article/{"data": encoded})
result = r.json()
self.assertEqual(result['status'], 200)
self.assertEqual(result['message'], 'success')
self.assertEqual(result['data']['realname'],'alen')
self.assertEqual(result['data']['phone'],'18633003301')if __name__ == '__main__':
unittest.main()
推荐阅读
- Django (一)-DRF(DjangoRESTframework)工程搭建
- Django中新版本变动和版本不同的各种坑 (持续更新)
- xadmin|ImportError: No module named 'reversion'
- 解决django1.11与Python3.7不兼容问题
- Django中的auto_now、auto_now_add
- python|web开发之Django(七)(注册、登录、会话以及跳转个人中心)
- django版本和python版本的对应
- django中如何修改网页title和站点header?
- 关于django2中views和url已经前端模板页面的关系