Creating and Verifying JWT Tokens

This is an example in which five users and their passwords are registered.

Creation

Input

Username
Password

gen_jwt.py
#! /usr/bin/python
#
#   gen_jwt.py
#
#                   Mar/06/2025
#
# ------------------------------------------------------------------
import sys
import jwt
import datetime

# User information (in practice this must be checked against a database or by some other means)
USER_DATABASE = {
    "mary": "tiger",
    "betty": "tiger",
    "kate": "tiger",
    "john": "tiger",
    "scott": "tiger"
}

# Secret key used to sign the JWT (use a much stronger secret key in production)
SECRET_KEY = "your-secret-key"

# ------------------------------------------------------------------
# Takes a username and password as input
def create_jwt_token(username, password):
    # Check the username and password
    if username in USER_DATABASE and USER_DATABASE[username] == password:
        # Authentication succeeded -> generate the JWT token
        payload = {
            "sub": username,  # username
            "exp": datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(hours=1),  # expiry (1 hour here)
            "iat": datetime.datetime.now(datetime.timezone.utc)  # time of issue
        }

        # Generate the JWT
        token = jwt.encode(payload, SECRET_KEY, algorithm="HS256")
        return token
    else:
        return None  # authentication failed

# ------------------------------------------------------------------
# Generate a JWT token for the username and password given on the command line
if len(sys.argv) != 3:
    sys.exit(f"Usage: {sys.argv[0]} username password")

username = sys.argv[1]
password = sys.argv[2]

token = create_jwt_token(username, password)

if token:
    print(f"Generated JWT Token: {token}")
else:
    print("Invalid username or password.")

# ------------------------------------------------------------------

Execution result

When the username or password is wrong

$ ./gen_jwt.py scott pass
Invalid username or password.

When the username and password are correct

$ ./gen_jwt.py scott tiger
Generated JWT Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzY290dCIsImV4cCI6MTc0MTI2MjAzOCwiaWF0IjoxNzQxMjU4NDM4fQ.dMJpAcqmsjcOswHYIPk5ALi1N_AH-4F07UMbHIP8PYo

Verification

Given a token, the script determines whether it is valid and prints True or False.

validate.py
#! /usr/bin/python
#
#   validate.py
#
#                   Jan/14/2025
#
# ------------------------------------------------------------------
import jwt

def validate_jwt(token):
    try:
        # Verify the signature with the JWT secret key or public key
        # (HS256 uses the same shared secret that signed the token)
        jwt.decode(token, 'your-secret-key', algorithms=['HS256'])
        return True
    except jwt.ExpiredSignatureError:
        # The token's exp time has passed
        return False
    except jwt.InvalidTokenError:
        # Bad signature, malformed token, or any other validation failure
        return False

# ------------------------------------------------------------------
# Token with an extra leading character; it is overwritten by the next line
token = '1eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzY290dCIsImV4cCI6MTc0MTI2MTUwMiwiaWF0IjoxNzQxMjU3OTAyfQ.1OnQWV1pp3BnCGwQgOQ6Y_0Gwod6Ra0K2pZT0343vss'
token = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzY290dCIsImV4cCI6MTc0MTI2MTUwMiwiaWF0IjoxNzQxMjU3OTAyfQ.1OnQWV1pp3BnCGwQgOQ6Y_0Gwod6Ra0K2pZT0343vss'
#
result = validate_jwt(token)
print(result)
# ------------------------------------------------------------------

Execution result

$ ./validate.py 
True
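
The following is an added example, not code from the original article: a standard-library-only sketch of the checks an HS256 verification involves, returning the rejection reason instead of a bare False. The names `sign_hs256`, `verify_hs256` and `demo`, the overridable header (used only to build a mismatched test token), the sample claims and the clock value are assumptions constructed for illustration; this is not PyJWT's implementation.

```python
import base64, hashlib, hmac, json, time

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(payload, key, header=None):
    header = header or {"alg": "HS256", "typ": "JWT"}
    signing_input = b64url(json.dumps(header).encode()) + "." + b64url(json.dumps(payload).encode())
    mac = hmac.new(key.encode(), signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def verify_hs256(token, key, now=None):
    """Return "ok" or the reason the token is rejected."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        payload = json.loads(b64url_decode(body_b64))
        sig = b64url_decode(sig_b64)
    except ValueError:
        return "malformed"
    if not isinstance(header, dict) or not isinstance(payload, dict):
        return "malformed"
    # Pin the algorithm on the verifier side, as algorithms=['HS256'] does above.
    if header.get("alg") != "HS256":
        return "bad algorithm"
    expected = hmac.new(key.encode(), f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return "bad signature"
    exp = payload.get("exp")  # in this sketch a token without exp is rejected as well
    if not isinstance(exp, (int, float)) or exp <= (time.time() if now is None else now):
        return "expired or no exp"
    return "ok"

def demo():
    key, now = "your-secret-key", 1_700_000_000  # constructed clock value
    claims = {"sub": "scott", "iat": now, "exp": now + 3600}
    good = sign_hs256(claims, key)
    head, _, sig = good.split(".")
    swapped = b64url(json.dumps({**claims, "sub": "mary"}).encode())  # payload edited, signature reused
    return {
        "valid": verify_hs256(good, key, now),
        "payload swapped": verify_hs256(f"{head}.{swapped}.{sig}", key, now),
        "wrong key": verify_hs256(good, "another-key", now),
        "after expiry": verify_hs256(good, key, now + 3601),
        "other alg": verify_hs256(sign_hs256(claims, key, {"alg": "HS384"}), key, now),
    }
```

Calling `demo()` returns one verdict per constructed token, which makes it visible which check rejected each one.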