在 python 中仅从 JWT 获取解码的有效负载

问题描述

有没有一种好方法(可能使用一些库)从 JWT 中获取有效负载并保存为字符串变量?除了手动解析第一个和第二个点之间的内容然后解码.

Is there a nice way (using maybe some library) to get only payload from JWT saved as string variable? Other than manually parsing it for content between first and second dots and then decoding.

推荐答案

库 PyJWT 有一个选项 无需验证即可解码 JWT:

如果没有此选项，decode 函数不仅会解码令牌，还会验证签名，您必须提供匹配的密钥.这当然是推荐的方式.
但是，如果您出于某种原因只想解码有效负载，请将选项 verify_signature 设置为 false.

Without this option, the decode function does not only decode the token but also verifies the signature and you would have to provide the matching key. And that's of course the recommended way.
But if you, for whatever reason, just want to decode the payload, set the option verify_signatureto false.

import jwt
key='super-secret'
payload={"id":"1","email":"myemail@gmail.com" }
token = jwt.encode(payload, key)
print (token)
decoded = jwt.decode(token, options={"verify_signature": False}) # works in PyJWT >= v2.0
print (decoded)
print (decoded["email"])

对于 PyJWT

v2.0使用:

For PyJWT < v2.0 use:

decoded = jwt.decode(token, verify=False)  # works in PyJWT < v2.0

它返回一个字典，以便您可以单独访问每个值:

It returns a dictionary so that you can access every value individually:

b'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6IjEiLCJlbWFpbCI6Im15ZW1haWxAZ21haWwuY29tIn0.ljEqGNGyR36s21NkSf3nv_II-Ed6fNv_xZL6EdbqPvw'

b'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6IjEiLCJlbWFpbCI6Im15ZW1haWxAZ21haWwuY29tIn0.ljEqGNGyR36s21NkSf3nv_II-Ed6fNv_xZL6EdbqPvw'

{'id': '1', 'email': 'myemail@gmail.com'}

{'id': '1', 'email': 'myemail@gmail.com'}

myemail@gmail.com

myemail@gmail.com

注意:还有其他 JWT 库用于 python，这也可能与其他库.

Note: there are other JWT libs for python as well and this might also be possible with other libs.

这篇关于在 python 中仅从 JWT 获取解码的有效负载的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持跟版网！