我的书签
添加书签
移除书签API 文档
版本小于 v2.6 需要打开 debug 模式
...# 如果版本更低的话,配置文件是 config.py# Debug = trueDEBUG: true
API 认证
JumpServer API 支持的认证有以下几种方式
Session 登录后可以直接使用 session_id 作为认证方式Token 获取一次性 Token,该 Token 有有效期, 过期作废Private Token 永久 TokenAccess Key 对 Http Header 进行签名
用户通过页面后登录,cookie 中会存在 sessionid,请求时同样把 sessionid 放到 cookie 中
curl -X POST http://localhost/api/v1/authentication/auth/ \-H 'Content-Type: application/json' \-d '{"username": "admin", "password": "admin"}'
PythonGolang
// Golang 示例package mainimport ("encoding/json""fmt""io/ioutil""log""net/http""strings")const (JmsServerURL = "https://demo.jumpserver.org"UserName = "admin"Password = "password")func GetToken(jmsurl, username, password string) (string, error) {url := jmsurl + "/api/v1/authentication/auth/"query_args := strings.NewReader(`{"username": "`+username+`","password": "`+password+`"}`)client := &http.Client{}req, err := http.NewRequest("POST", url, query_args)req.Header.Add("Content-Type", "application/json")resp, err := client.Do(req)if err != nil {log.Fatal(err)}defer resp.Body.Close()body, err := ioutil.ReadAll(resp.Body)if err != nil {log.Fatal(err)}response := map[string]interface{}{}json.Unmarshal(body, &response)return response["token"].(string), nil}func GetUserInfo(jmsurl, token string) {client := &http.Client{}req, err := http.NewRequest("GET", url, nil)req.Header.Add("Authorization", "Bearer "+token)req.Header.Add("X-JMS-ORG", "00000000-0000-0000-0000-000000000002")resp, err := client.Do(req)if err != nil {log.Fatal(err)}defer resp.Body.Close()body, err := ioutil.ReadAll(resp.Body)if err != nil {log.Fatal(err)}fmt.Println(string(body))}func main() {token, err := GetToken(JmsServerURL, UserName, Password)if err != nil {log.Fatal(err)}GetUserInfo(JmsServerURL, token)}
docker exec -it jms_core /bin/bashcd /opt/jumpserver/appspython manage.py shellfrom users.models import Useru = User.objects.get(username='admin')u.create_private_token()
已经存在 private_token,可以直接获取即可
u.private_token
PythonGolang
# Python 示例# pip install requestsimport requests, jsondef get_user_info(jms_url, token):url = jms_url + '/api/v1/users/users/'headers = {"Authorization": 'Token ' + token,'X-JMS-ORG': '00000000-0000-0000-0000-000000000002'}response = requests.get(url, headers=headers)print(json.loads(response.text))if __name__ == '__main__':jms_url = 'https://demo.jumpserver.org'token = '937b38011acf499eb474e2fecb424ab3'get_user_info(jms_url, token)
// Golang 示例package mainimport ("encoding/json""fmt""io/ioutil""strings")const (JmsServerURL = "https://demo.jumpserver.org"JMSToken = "adminToken")func GetUserInfo(jmsurl, token string) {url := jmsurl + "/api/v1/users/users/"client := &http.Client{}req, err := http.NewRequest("GET", url, nil)req.Header.Add("Authorization", "Token "+token)req.Header.Add("X-JMS-ORG", "00000000-0000-0000-0000-000000000002")resp, err := client.Do(req)if err != nil {log.Fatal(err)}defer resp.Body.Close()body, err := ioutil.ReadAll(resp.Body)if err != nil {log.Fatal(err)}fmt.Println(string(body))}func main() {GetUserInfo(JmsServerURL, JMSToken)}
在 Web 页面 API Key 列表创建或获取 AccessKeyID AccessKeySecret
PythonGolang
# Python 示例# pip install requests drf-httpsigimport requests, datetime, jsonfrom httpsig.requests_auth import HTTPSignatureAuthdef get_auth(KeyID, SecretID):signature_headers = ['(request-target)', 'accept', 'date']auth = HTTPSignatureAuth(key_id=KeyID, secret=SecretID, algorithm='hmac-sha256', headers=signature_headers)return authdef get_user_info(jms_url, auth):url = jms_url + '/api/v1/users/users/'gmt_form = '%a, %d %b %Y %H:%M:%S GMT'headers = {'Accept': 'application/json','X-JMS-ORG': '00000000-0000-0000-0000-000000000002','Date': datetime.datetime.utcnow().strftime(gmt_form)}response = requests.get(url, auth=auth, headers=headers)print(json.loads(response.text))if __name__ == '__main__':jms_url = 'https://demo.jumpserver.org'KeyID = 'AccessKeyID'SecretID = 'AccessKeySecret'get_user_info(jms_url, auth)
