API 文档

    API 文档默认已经集成在代码里面,部署完成后可以通过下面的方式进行访问

    版本小于 v2.6 需要打开 DEBUG 模式

    1. ...
    2. # 如果版本更低的话,配置文件是 config.py
    3. # Debug = true
    4. DEBUG: true

    2 API 认证

    1. Session 登录后可以直接使用 session_id 作为认证方式
    2. Token 获取一次性 Token,该 Token 有有效期, 过期作废
    3. Private Token 永久 Token
    4. Access Key Http Header 进行签名

    SessionTokenPrivate TokenAccess Key

    用户通过页面后登录,cookie 中会存在 sessionid,请求时同样把 sessionid 放到 cookie 中

    1. curl -X POST http://localhost/api/v1/authentication/auth/ \
    2. -H 'Content-Type: application/json' \
    3. -d '{"username": "admin", "password": "admin"}'

    PythonGolang

    1. // Golang 示例
    2. package main
    3. import (
    4. "encoding/json"
    5. "fmt"
    6. "io/ioutil"
    7. "log"
    8. "net/http"
    9. "strings"
    10. )
    11. const (
    12. JmsServerURL = "https://demo.jumpserver.org"
    13. UserName = "admin"
    14. Password = "password"
    15. )
    16. func GetToken(jmsurl, username, password string) (string, error) {
    17. url := jmsurl + "/api/v1/authentication/auth/"
    18. query_args := strings.NewReader(`{
    19. "username": "`+username+`",
    20. "password": "`+password+`"
    21. }`)
    22. client := &http.Client{}
    23. req, err := http.NewRequest("POST", url, query_args)
    24. req.Header.Add("Content-Type", "application/json")
    25. resp, err := client.Do(req)
    26. if err != nil {
    27. log.Fatal(err)
    28. }
    29. defer resp.Body.Close()
    30. body, err := ioutil.ReadAll(resp.Body)
    31. if err != nil {
    32. log.Fatal(err)
    33. }
    34. response := map[string]interface{}{}
    35. json.Unmarshal(body, &response)
    36. return response["token"].(string), nil
    37. }
    38. func GetUserInfo(jmsurl, token string) {
    39. client := &http.Client{}
    40. req, err := http.NewRequest("GET", url, nil)
    41. req.Header.Add("Authorization", "Bearer "+token)
    42. req.Header.Add("X-JMS-ORG", "00000000-0000-0000-0000-000000000002")
    43. resp, err := client.Do(req)
    44. if err != nil {
    45. log.Fatal(err)
    46. }
    47. defer resp.Body.Close()
    48. body, err := ioutil.ReadAll(resp.Body)
    49. if err != nil {
    50. log.Fatal(err)
    51. }
    52. fmt.Println(string(body))
    53. }
    54. func main() {
    55. token, err := GetToken(JmsServerURL, UserName, Password)
    56. if err != nil {
    57. log.Fatal(err)
    58. }
    59. GetUserInfo(JmsServerURL, token)
    60. }
    1. docker exec -it jms_core /bin/bash
    2. cd /opt/jumpserver/apps
    3. python manage.py shell
    4. from users.models import User
    5. u = User.objects.get(username='admin')
    6. u.create_private_token()
    1. u.private_token

    以 PrivateToken: 937b38011acf499eb474e2fecb424ab3 为例:

    PythonGolang

    1. # Python 示例
    2. # pip install requests
    3. import requests, json
    4. def get_user_info(jms_url, token):
    5. url = jms_url + '/api/v1/users/users/'
    6. headers = {
    7. "Authorization": 'Token ' + token,
    8. 'X-JMS-ORG': '00000000-0000-0000-0000-000000000002'
    9. }
    10. response = requests.get(url, headers=headers)
    11. print(json.loads(response.text))
    12. if __name__ == '__main__':
    13. jms_url = 'https://demo.jumpserver.org'
    14. token = '937b38011acf499eb474e2fecb424ab3'
    15. get_user_info(jms_url, token)
    1. // Golang 示例
    2. package main
    3. import (
    4. "encoding/json"
    5. "fmt"
    6. "io/ioutil"
    7. "net/http"
    8. )
    9. const (
    10. JmsServerURL = "https://demo.jumpserver.org"
    11. JMSToken = "adminToken"
    12. )
    13. func GetUserInfo(jmsurl, token string) {
    14. url := jmsurl + "/api/v1/users/users/"
    15. client := &http.Client{}
    16. req, err := http.NewRequest("GET", url, nil)
    17. req.Header.Add("Authorization", "Token "+token)
    18. req.Header.Add("X-JMS-ORG", "00000000-0000-0000-0000-000000000002")
    19. resp, err := client.Do(req)
    20. if err != nil {
    21. log.Fatal(err)
    22. }
    23. defer resp.Body.Close()
    24. body, err := ioutil.ReadAll(resp.Body)
    25. if err != nil {
    26. log.Fatal(err)
    27. }
    28. fmt.Println(string(body))
    29. }
    30. func main() {
    31. GetUserInfo(JmsServerURL, JMSToken)
    32. }

    在 Web 页面 API Key 列表创建或获取 AccessKeyID AccessKeySecret

    1. # Python 示例
    2. # pip install requests drf-httpsig
    3. import requests, datetime, json
    4. from httpsig.requests_auth import HTTPSignatureAuth
    5. def get_auth(KeyID, SecretID):
    6. signature_headers = ['(request-target)', 'accept', 'date']
    7. auth = HTTPSignatureAuth(key_id=KeyID, secret=SecretID, algorithm='hmac-sha256', headers=signature_headers)
    8. return auth
    9. def get_user_info(jms_url, auth):
    10. url = jms_url + '/api/v1/users/users/'
    11. gmt_form = '%a, %d %b %Y %H:%M:%S GMT'
    12. headers = {
    13. 'Accept': 'application/json',
    14. 'X-JMS-ORG': '00000000-0000-0000-0000-000000000002',
    15. 'Date': datetime.datetime.utcnow().strftime(gmt_form)
    16. }
    17. response = requests.get(url, auth=auth, headers=headers)
    18. print(json.loads(response.text))
    19. if __name__ == '__main__':
    20. jms_url = 'https://demo.jumpserver.org'
    21. KeyID = 'AccessKeyID'
    22. SecretID = 'AccessKeySecret'
    23. get_user_info(jms_url, auth)