{"id":2691,"date":"2025-03-25T18:22:02","date_gmt":"2025-03-25T10:22:02","guid":{"rendered":"https:\/\/www.ruianding.com\/blog\/?p=2691"},"modified":"2026-02-07T15:10:30","modified_gmt":"2026-02-07T07:10:30","slug":"%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api","status":"publish","type":"post","link":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/","title":{"rendered":"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 &#8211; Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\"><strong>\u5f15\u8a00<\/strong><\/h2>\n\n\n\n<p>\u5728\u6570\u5b57\u5316\u65f6\u4ee3\uff0c\u968f\u7740\u4f01\u4e1a\u548c\u5e94\u7528\u7a0b\u5e8f\u7684\u589e\u591a\uff0c\u5982\u4f55\u7ba1\u7406\u7528\u6237\u8eab\u4efd\u548c\u6388\u6743\u8bbf\u95ee\u5df2\u7ecf\u6210\u4e3a\u4e00\u4e2a\u4e9f\u5f85\u89e3\u51b3\u7684\u91cd\u8981\u95ee\u9898\u3002\u4f20\u7edf\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5b58\u5728\u4e00\u5b9a\u7684\u5c40\u9650\u6027\uff0c\u65e0\u6cd5\u6ee1\u8db3\u73b0\u4ee3\u5e94\u7528\u7a0b\u5e8f\u5bf9\u5b89\u5168\u3001\u7075\u6d3b\u6027\u548c\u53ef\u6269\u5c55\u6027\u7684\u9700\u6c42\u3002\u56e0\u6b64\uff0c <strong><a href=\"https:\/\/en.wikipedia.org\/wiki\/Identity_and_access_management\">\u8eab\u4efd\u4e0e\u8bbf\u95ee\u7ba1\u7406\uff08IAM\uff09<\/a><\/strong> \u6210\u4e3a\u73b0\u4ee3\u7cfb\u7edf\u67b6\u6784\u7684\u6838\u5fc3\u90e8\u5206\uff0c\u5b83\u4e0d\u4ec5\u6d89\u53ca\u7528\u6237\u8eab\u4efd\u7684\u7ba1\u7406\uff0c\u8fd8\u5305\u62ec\u5bf9\u5e94\u7528\u548c\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\u3002<\/p>\n\n\n\n<p>\u5728\u8fd9\u4e00\u7cfb\u5217\u535a\u5ba2\u4e2d\uff0c\u6211\u5c06\u5e26\u4f60\u4e00\u8d77\u7814\u7a76\u5982\u4f55\u6784\u5efa\u4e00\u4e2a <strong><a href=\"https:\/\/en.wikipedia.org\/wiki\/Single_sign-on\">SSO\uff08Single Sign-On\uff09<\/a><\/strong> \u7cfb\u7edf\uff0c\u8fd9\u4e0d\u4ec5\u4ec5\u662f\u4e00\u4e2a\u7b80\u5355\u7684\u8eab\u4efd\u9a8c\u8bc1\u529f\u80fd\uff0c\u66f4\u662f\u4e00\u4e2a\u5f3a\u5927\u7684 <strong>\u8eab\u4efd\u7ba1\u7406\uff08IAM\uff09<\/strong> \u7cfb\u7edf\u7684\u57fa\u7840\u3002\u901a\u8fc7\u6784\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668\uff0c\u6211\u4eec\u53ef\u4ee5\u6df1\u5165\u7406\u89e3\u4ee5\u4e0b\u51e0\u4e2a\u5173\u952e\u6982\u5ff5\uff1a<\/p>\n\n\n\n<div class=\"wp-block-group is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p>\u2611\ufe0f <strong>SSO<\/strong>\uff1a\u8ba9\u7528\u6237\u901a\u8fc7\u4e00\u6b21\u767b\u5f55\u5b9e\u73b0\u5bf9\u591a\u4e2a\u5e94\u7528\u7cfb\u7edf\u7684\u8bbf\u95ee\u3002<\/p>\n\n\n\n<p>\u2611\ufe0f <strong>IAM<\/strong>\uff1a\u63d0\u4f9b\u4e00\u79cd\u96c6\u4e2d\u7ba1\u7406\u548c\u63a7\u5236\u8eab\u4efd\u8ba4\u8bc1\u3001\u6388\u6743\u548c\u5ba1\u8ba1\u7684\u673a\u5236\u3002<\/p>\n\n\n\n<p>\u2611\ufe0f <strong>RBAC\uff08\u57fa\u4e8e\u89d2\u8272\u7684\u8bbf\u95ee\u63a7\u5236\uff09<\/strong>\uff1a\u6839\u636e\u7528\u6237\u7684\u89d2\u8272\u548c\u6743\u9650\u7ba1\u7406\u4ed6\u4eec\u5bf9\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\uff0c\u786e\u4fdd\u7cfb\u7edf\u4e2d\u7684\u6bcf\u4e2a\u7528\u6237\u90fd\u80fd\u6309\u7167\u6388\u6743\u7684\u6743\u9650\u8bbf\u95ee\u76f8\u5e94\u7684\u8d44\u6e90\u3002<\/p>\n<\/div>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-cyan-bluish-gray-color has-alpha-channel-opacity has-cyan-bluish-gray-background-color has-background is-style-wide\"\/>\n\n\n\n<div class=\"wp-block-group is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p>\u5728\u672c\u7cfb\u5217\u7684\u7b2c\u4e00\u90e8\u5206\u4e2d\uff0c\u6211\u4eec\u5c06\u5b9e\u73b0\u4e00\u4e2a\u57fa\u7840\u7684 <strong>SSO \u767b\u5f55 + \u8ba4\u8bc1 API<\/strong>\uff0c\u4e3a\u6784\u5efa\u4e00\u4e2a\u9ad8\u6548\u3001\u5b89\u5168\u7684\u8eab\u4efd\u7ba1\u7406\u7cfb\u7edf\u5960\u5b9a\u57fa\u7840\u3002\u968f\u7740\u7cfb\u5217\u7684\u6df1\u5165\uff0c\u6211\u4eec\u4f1a\u9010\u6b65\u6269\u5c55\u529f\u80fd\uff0c\u63a2\u8ba8\u5982\u4f55\u5b9e\u73b0\u590d\u6742\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u3001\u89d2\u8272\u7ba1\u7406\u3001\u6743\u9650\u63a7\u5236\u7b49 IAM \u548c RBAC \u76f8\u5173\u7684\u529f\u80fd\uff0c\u5e2e\u52a9\u4f60\u5168\u9762\u4e86\u89e3\u4e00\u4e2a\u73b0\u4ee3\u4f01\u4e1a\u7ea7\u5e94\u7528\u7cfb\u7edf\u7684\u8eab\u4efd\u7ba1\u7406\u67b6\u6784\u3002<\/p>\n<\/div>\n\n\n\n<p>\u5728\u672c\u7bc7\u4e2d\uff0c\u6211\u4eec\u5c06\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4f7f\u7528 <strong>Flask<\/strong> \u642d\u5efa\u540e\u7aef\u670d\u52a1\u5668\u3002<\/li>\n\n\n\n<li>\u5b9e\u73b0 <strong>\u7528\u6237\u6ce8\u518c<\/strong> \u548c <strong>\u767b\u5f55<\/strong> API\u3002<\/li>\n\n\n\n<li>\u4f7f\u7528 <strong>JWT\uff08JSON Web Token\uff09<\/strong> \u8fdb\u884c\u8eab\u4efd\u8ba4\u8bc1\u3002<\/li>\n\n\n\n<li>\u5b9e\u73b0 <strong>\u57fa\u4e8e Token \u7684\u8ba4\u8bc1<\/strong> \u6765\u9a8c\u8bc1\u7528\u6237\u8eab\u4efd\u3002<\/li>\n<\/ul>\n\n\n\n<p>\u8ba9\u6211\u4eec\u4e00\u6b65\u6b65\u6765\u770b\u5982\u4f55\u5b9e\u73b0\u8fd9\u4e00\u8fc7\u7a0b\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>\u4f7f\u7528\u7684\u6280\u672f<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Flask<\/strong>\uff1a\u8f7b\u91cf\u7ea7\u7684 Python Web \u6846\u67b6\uff0c\u9002\u5408\u7528\u4e8e\u5feb\u901f\u6784\u5efa RESTful API\u3002<\/li>\n\n\n\n<li><strong>MySQL<\/strong>\uff1a\u6d41\u884c\u7684\u5173\u7cfb\u578b\u6570\u636e\u5e93\u7ba1\u7406\u7cfb\u7edf\uff0c\u7528\u4e8e\u5b58\u50a8\u7528\u6237\u6570\u636e\u3002<\/li>\n\n\n\n<li><strong>bcrypt<\/strong>\uff1a\u4e00\u79cd\u5b89\u5168\u7684\u5bc6\u7801\u54c8\u5e0c\u7b97\u6cd5\uff0c\u7528\u4e8e\u4fdd\u62a4\u7528\u6237\u7684\u5bc6\u7801\u3002<\/li>\n\n\n\n<li><strong>JWT<\/strong>\uff1a\u4e00\u79cd\u7d27\u51d1\u7684 URL \u5b89\u5168\u65b9\u5f0f\u6765\u8868\u793a\u4e24\u65b9\u4e4b\u95f4\u4f20\u8f93\u7684\u58f0\u660e\u3002<\/li>\n\n\n\n<li><strong>Logging<\/strong>\uff1a\u65e5\u5fd7\u8ffd\u8e2a\uff0c\u7528\u4e8e\u8c03\u8bd5\u548c\u9519\u8bef\u8ffd\u8e2a\u3002<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Python \u4f9d\u8d56\u5b89\u88c5<\/strong><\/h3>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"python\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">pip install flask mysql-connector-python bcrypt pyjwt<\/pre>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-cyan-bluish-gray-color has-alpha-channel-opacity has-cyan-bluish-gray-background-color has-background is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u6b65\u9aa41 &#8211; \u521b\u5efa\u6570\u636e\u5e93\u4e0e\u8868<\/h2>\n\n\n\n<p>\u5728\u5b9e\u73b0 SSO \u7cfb\u7edf\u4e4b\u524d\uff0c\u6211\u4eec\u9996\u5148\u9700\u8981\u521b\u5efa\u4e00\u4e2a MySQL \u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u4fe1\u606f\u3002\u4ee5\u4e0b\u662f\u521b\u5efa\u6570\u636e\u5e93\u548c\u8868\u7684\u6b65\u9aa4\uff1a<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>1. \u521b\u5efa\u6570\u636e\u5e93<\/strong><\/h4>\n\n\n\n<p>\u9996\u5148\uff0c\u5728 MySQL \u4e2d\u521b\u5efa\u4e00\u4e2a\u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u6570\u636e\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"sql\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">CREATE DATABASE oauth2_db;<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>2. \u521b\u5efa\u7528\u6237\u8868<\/strong><\/h4>\n\n\n\n<p>\u63a5\u7740\uff0c\u521b\u5efa\u4e00\u4e2a <code>users<\/code> \u8868\u6765\u5b58\u50a8\u7528\u6237\u7684\u57fa\u672c\u4fe1\u606f\u548c\u54c8\u5e0c\u5bc6\u7801\u3002\u8fd9\u4e2a\u8868\u5c06\u5305\u542b\u4e24\u4e2a\u5b57\u6bb5\uff1a<code>id<\/code> \u548c <code>password_hash<\/code>\u3002<code>id<\/code> \u662f\u4e3b\u952e\uff0c<code>password_hash<\/code> \u7528\u4e8e\u5b58\u50a8\u7528\u6237\u7684\u5bc6\u7801\u54c8\u5e0c\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"sql\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">CREATE DATABASE oauth2_db;\n\nUSE oauth2_db;\n\nCREATE TABLE users (\n    id INT PRIMARY KEY AUTO_INCREMENT,\n    username VARCHAR(255) UNIQUE NOT NULL,\n    password_hash VARCHAR(255) NOT NULL,\n    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP\n);\n<\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"211\" height=\"382\" src=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png\" alt=\"\" class=\"wp-image-2701\" srcset=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png 211w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9-166x300.png 166w\" sizes=\"auto, (max-width: 211px) 100vw, 211px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-cyan-bluish-gray-color has-alpha-channel-opacity has-cyan-bluish-gray-background-color has-background is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">\u6b65\u9aa42 &#8211; <strong>\u642d\u5efa Flask \u5e94\u7528<\/strong><\/h2>\n\n\n\n<p>\u6211\u4eec\u9996\u5148\u642d\u5efa\u4e00\u4e2a <strong>Flask<\/strong> \u5e94\u7528\uff0c\u8fd9\u4e2a\u5e94\u7528\u5c06\u4f5c\u4e3a\u6211\u4eec\u7684 SSO \u670d\u52a1\u5668\u540e\u7aef\u3002\u6211\u4eec\u5c06\u521b\u5efa\u4e09\u4e2a\u4e3b\u8981\u7684\u63a5\u53e3\uff1a<\/p>\n\n\n\n<div class=\"wp-block-group is-vertical is-layout-flex wp-container-core-group-is-layout-8cf370e7 wp-block-group-is-layout-flex\">\n<p>\u2611\ufe0f <mark style=\"background-color:#fcb900\" class=\"has-inline-color\"><strong>\/register<\/strong><\/mark> &#8211; \u7528\u4e8e\u7528\u6237\u6ce8\u518c\uff0c\u7528\u6237\u63d0\u4f9b\u7528\u6237\u540d\u548c\u5bc6\u7801\u3002<\/p>\n\n\n\n<p>\u2611\ufe0f <mark style=\"background-color:#7bdcb5\" class=\"has-inline-color\"><strong>\/login<\/strong><\/mark> &#8211; \u7528\u4e8e\u7528\u6237\u767b\u5f55\u5e76\u751f\u6210 JWT Token\u3002<\/p>\n\n\n\n<p>\u2611\ufe0f <mark style=\"background-color:#8ed1fc\" class=\"has-inline-color\"><strong>\/userinfo<\/strong><\/mark> &#8211; \u57fa\u4e8e\u63d0\u4f9b\u7684 JWT Token \u8ba4\u8bc1\u7528\u6237\u5e76\u8fd4\u56de\u7528\u6237\u4fe1\u606f\u3002<\/p>\n<\/div>\n\n\n\n<p>\u63a5\u4e0b\u6765\uff0c\u6211\u4eec\u6765\u9010\u6b65\u5206\u6790\u6bcf\u4e00\u90e8\u5206\u7684\u4ee3\u7801\u3002<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong><mark style=\"background-color:#fcb900\" class=\"has-inline-color\">1. \u7528\u6237\u6ce8\u518c<\/mark><\/strong><\/h3>\n\n\n\n<p><mark style=\"background-color:#fcb900\" class=\"has-inline-color\"><strong>\/register<\/strong><\/mark> \u63a5\u53e3\u8d1f\u8d23\u7528\u6237\u6ce8\u518c\u3002\u5b83\u63a5\u6536\u4e00\u4e2a\u5305\u542b\u7528\u6237\u540d\u548c\u5bc6\u7801\u7684 <strong>POST<\/strong> \u8bf7\u6c42\u3002\u5bc6\u7801\u5c06\u4f7f\u7528 <strong>bcrypt<\/strong> \u7b97\u6cd5\u8fdb\u884c\u54c8\u5e0c\u5904\u7406\uff0c\u7136\u540e\u5c06\u7528\u6237\u4fe1\u606f\u5b58\u50a8\u5230\u6570\u636e\u5e93\u4e2d\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># 1\ufe0f\u20e3 User registration\n@app.route('\/register', methods=['POST'])\ndef register():\n    logger.debug(\"Request received at \/register endpoint\")\n    \n    # Get request data\n    data = request.json\n    logger.debug(f\"Request Data: {data}\")\n\n    username = data.get(\"username\")\n    password = data.get(\"password\")\n\n    if not username or not password:\n        logger.debug('Username or password is missing')\n        return jsonify({\"error\": \"Username and password cannot be empty\"}), 400\n\n    # Hash the password\n    hashed_password = bcrypt.hashpw(password.encode(), bcrypt.gensalt())\n    logger.debug(f\"Hashed password: {hashed_password}\")\n\n    try:\n        # Insert data into the database\n        cursor.execute(\"INSERT INTO users (username, password_hash) VALUES (%s, %s)\", (username, hashed_password))\n        db.commit()\n        logger.debug('User registered successfully')\n        return jsonify({\"message\": \"Registration successful\"}), 201\n    except mysql.connector.errors.IntegrityError as e:\n        logger.error(f\"Error: {e}\")\n        return jsonify({\"error\": \"Username already exists\"}), 400\n    except mysql.connector.Error as err:\n        logger.error(f\"Database error: {err}\")\n        return jsonify({\"error\": \"Database error\"}), 500<\/pre>\n\n\n\n<p><strong>\u5173\u952e\u6b65\u9aa4<\/strong>\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u68c0\u67e5\u7528\u6237\u540d\u548c\u5bc6\u7801\u662f\u5426\u4e3a\u7a7a\u3002<\/li>\n\n\n\n<li>\u4f7f\u7528 <strong>bcrypt<\/strong> \u5bf9\u5bc6\u7801\u8fdb\u884c\u54c8\u5e0c\u3002<\/li>\n\n\n\n<li>\u5c06\u7528\u6237\u4fe1\u606f\u63d2\u5165\u5230\u6570\u636e\u5e93\u4e2d\u3002<\/li>\n<\/ul>\n\n\n\n<p class=\"has-electric-grass-gradient-background has-background has-small-font-size\">\u2753<strong> FAQ-1. \u4e3a\u4ec0\u4e48\u5bc6\u7801\u9700\u8981\u4ee5\u54c8\u5e0c\u7684\u5f62\u5f0f\u5b58\u50a8\uff1f<\/strong><br>1. <strong>\u4e0d\u53ef\u9006\u6027<\/strong>\uff1a\u5982\u679c\u6570\u636e\u5e93\u53ea\u5b58\u660e\u6587\u5bc6\u7801\uff0c\u4e00\u65e6\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u76f4\u63a5\u4f7f\u7528\u3002\u4f7f\u7528\u54c8\u5e0c\u5b58\u50a8\uff0c\u653b\u51fb\u8005\u5373\u4f7f\u62ff\u5230\u6570\u636e\u5e93\uff0c\u4e5f\u65e0\u6cd5\u76f4\u63a5\u83b7\u53d6\u5bc6\u7801\uff0c\u5fc5\u987b\u8fdb\u884c\u8ba1\u7b97\u7834\u89e3\uff08\u5982\u66b4\u529b\u7834\u89e3\u6216\u5b57\u5178\u653b\u51fb\uff09\u3002<br> 2. <strong><strong>\u6700\u5c0f\u5316\u6cc4\u9732\u5f71\u54cd<\/strong>\uff1a<\/strong>\u5982\u679c\u67d0\u4e2a\u7528\u6237\u7684\u5bc6\u7801\u6cc4\u9732\uff0c\u653b\u51fb\u8005\u65e0\u6cd5\u7b80\u5355\u5730\u7528\u5b83\u53bb\u5c1d\u8bd5\u767b\u5f55\u5176\u4ed6\u7cfb\u7edf\uff08\u9632\u6b62\u5bc6\u7801\u91cd\u7528\u98ce\u9669\uff09\u3002\u5982\u679c\u6570\u636e\u5e93\u5b58\u7684\u662f\u54c8\u5e0c\u503c\uff0c\u5373\u4f7f\u67d0\u4e2a\u7528\u6237\u7684\u54c8\u5e0c\u88ab\u7834\u89e3\uff0c\u5176\u4ed6\u7528\u6237\u7684\u54c8\u5e0c\u503c\u4ecd\u7136\u5b89\u5168\u3002<\/p>\n\n\n\n<p class=\"has-electric-grass-gradient-background has-background has-small-font-size\">\u2753<strong> FAQ-2. \u4f7f\u7528\u54c8\u5e0c\u7684\u5f62\u5f0f\u5b58\u50a8\u5bc6\u7801\u5c31\u5b89\u5168\u4e86\u5417\uff1f<\/strong><br>\u7b54\u6848\u662fNO\u3002\u54c8\u5e0c\u5b58\u50a8\u4ecd\u7136\u9762\u4e34 <strong>\u5f69\u8679\u8868\u653b\u51fb<\/strong>\uff08<strong>\u9884\u8ba1\u7b97<\/strong>\u54c8\u5e0c\u503c\u7684\u67e5\u8868\u653b\u51fb\uff09\u3002<br> 1. <strong>\u5f69\u8679\u8868\u653b\u51fb\u7684\u539f\u7406<\/strong>\uff1a\u653b\u51fb\u8005\u53ef\u4ee5<strong>\u9884\u8ba1\u7b97<\/strong>\u4e00\u7ec4\u5e38\u89c1\u5bc6\u7801\u7684\u54c8\u5e0c\u503c\uff0c\u5e76\u5b58\u5165\u5f69\u8679\u8868\u3002\u5982\u679c\u6570\u636e\u5e93\u5b58\u7684\u662f<strong>\u6ca1\u6709\u52a0\u76d0\u7684\u54c8\u5e0c<\/strong>\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u76f4\u63a5\u67e5\u8868\u627e\u5230\u5bf9\u5e94\u7684\u539f\u59cb\u5bc6\u7801\u3002<br>2. <strong>\u52a0\u76d0\u7684\u4f5c\u7528<\/strong>\uff1a\u76d0\u662f\u4e00\u4e2a<strong>\u968f\u673a\u751f\u6210\u7684\u5b57\u7b26\u4e32<\/strong>\uff0c\u6bcf\u4e2a\u7528\u6237\u7684\u5bc6\u7801\u90fd\u4f1a\u5e26\u4e0a\u4e00\u4e2a\u72ec\u7279\u7684\u76d0\u503c\u540e\u518d\u8fdb\u884c\u54c8\u5e0c\u8ba1\u7b97\u3002\u8fd9\u6837\uff0c\u5373\u4f7f\u4e24\u4e2a\u7528\u6237\u4f7f\u7528\u76f8\u540c\u7684\u5bc6\u7801\uff0c\u5b83\u4eec\u7684\u54c8\u5e0c\u503c\u4e5f\u4f1a\u4e0d\u540c\u3002\u8fd9\u4f7f\u5f97<strong>\u5f69\u8679\u8868\u5931\u6548<\/strong>\uff0c\u56e0\u4e3a\u653b\u51fb\u8005\u65e0\u6cd5\u9884\u8ba1\u7b97\u6240\u6709\u53ef\u80fd\u7684\u76d0\u503c\u7ec4\u5408\u3002<\/p>\n\n\n\n<p class=\"has-electric-grass-gradient-background has-background has-small-font-size\">\u2753<strong> FAQ-3. <strong>\u4e3a\u4ec0\u4e48\u6211\u4eec\u4f7f\u7528 bcrypt<\/strong> \u5e93\uff1f<\/strong><br>bcrypt \u662f\u4e13\u95e8\u4e3a\u5bc6\u7801\u5b58\u50a8\u8bbe\u8ba1\u7684\u54c8\u5e0c\u7b97\u6cd5\uff0c\u76f8\u6bd4\u901a\u7528\u54c8\u5e0c\u51fd\u6570\uff08\u5982 SHA-256\uff09\uff0c\u5b83\u5728\u5b89\u5168\u6027\u4e0a\u6709\u4ee5\u4e0b\u4f18\u52bf\uff1a<br><strong>1. \u5185\u7f6e Salt\uff0c\u9632\u6b62\u5f69\u8679\u8868\u653b\u51fb<\/strong>\uff1abcrypt <strong>\u81ea\u52a8\u751f\u6210\u5e76\u5b58\u50a8 Salt<\/strong>\uff0c\u5f00\u53d1\u8005\u65e0\u9700\u624b\u52a8\u5904\u7406\uff0c\u907f\u514d\u4e86\u56e0 Salt \u5904\u7406\u4e0d\u5f53\u5bfc\u81f4\u7684\u5b89\u5168\u6f0f\u6d1e\u3002<br><strong>2. \u9002\u5e94\u6027\u5f3a\uff08Work Factor\uff0c\u53ef\u8c03\u6210\u672c\uff09<\/strong>\uff1abcrypt \u63d0\u4f9b\u4e86<strong>\u53ef\u914d\u7f6e\u7684\u8ba1\u7b97\u6210\u672c\uff08Work Factor \/ \u8f6e\u6570\uff09<\/strong>\uff0c\u5373\u4f7f\u8ba1\u7b97\u80fd\u529b\u63d0\u5347\uff0c\u4ecd\u7136\u53ef\u4ee5\u589e\u52a0\u8ba1\u7b97\u590d\u6742\u5ea6\uff0c\u589e\u5f3a\u6297\u66b4\u529b\u7834\u89e3\u80fd\u529b\u3002bcrypt \u7684\u5de5\u4f5c\u56e0\u5b50\u53ef\u4ee5\u4f7f\u8ba1\u7b97<strong>\u6bd4 SHA-256 \u4e4b\u7c7b\u7684\u54c8\u5e0c\u6162\u5f88\u591a<\/strong>\uff0c\u51cf\u7f13\u66b4\u529b\u7834\u89e3\u901f\u5ea6\u3002<br><strong>3. \u8bbe\u8ba1\u4e0a\u9632\u5fa1 GPU\/ASIC \u52a0\u901f\u7834\u89e3<\/strong>\uff1a\u73b0\u4ee3\u7834\u89e3\u624b\u6bb5\u4e3b\u8981\u5229\u7528 GPU\/ASIC \u8fdb\u884c\u5927\u89c4\u6a21\u5e76\u884c\u8ba1\u7b97\uff0c\u4f8b\u5982<strong>\u66b4\u529b\u7834\u89e3\u666e\u901a\u54c8\u5e0c\uff08\u5982 SHA-256\uff09<\/strong>\u7684\u901f\u5ea6\u8fdc\u5feb\u4e8e CPU\u3002 bcrypt \u6545\u610f\u8bbe\u8ba1\u6210\u8ba1\u7b97\u5bc6\u96c6\u578b\uff0c\u5e76\u4f9d\u8d56 CPU \u8d44\u6e90\uff0c\u4f7f\u5f97 GPU\/ASIC \u5931\u53bb\u5e76\u884c\u8ba1\u7b97\u4f18\u52bf\uff0c\u63d0\u9ad8\u7834\u89e3\u6210\u672c\u3002<br>4. <strong>\u5176\u4ed6\u63a8\u8350\u7684\u5bc6\u7801\u54c8\u5e0c\u5e93<\/strong>\uff1aargon2 \u662f 2015 \u5e74\u5bc6\u7801\u54c8\u5e0c\u7ade\u8d5b\u7684\u51a0\u519b\uff0c\u8bbe\u8ba1\u4e0a\u6bd4 bcrypt \u66f4\u5148\u8fdb\uff0c\u5b89\u5168\u6027\u66f4\u9ad8\u3002 \u5b83\u4f18\u5316\u4e86\u6297 GPU \u653b\u51fb\u80fd\u529b\uff0c\u5e76\u589e\u52a0\u4e86\u5185\u5b58\u786c\u6027\u8981\u6c42\uff0c\u8ba9\u7834\u89e3\u6210\u672c\u66f4\u9ad8\u3002 Python \u53ef\u4ee5\u4f7f\u7528 argon2-cffi \u5e93\u3002<\/p>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong><mark style=\"background-color:#7bdcb5\" class=\"has-inline-color\">2. \u7528\u6237\u767b\u5f55\u4e0e Token \u751f\u6210<\/mark><\/strong><\/h3>\n\n\n\n<p><strong><mark style=\"background-color:#7bdcb5\" class=\"has-inline-color\">\/login<\/mark><\/strong> \u63a5\u53e3\u5141\u8bb8\u7528\u6237\u4f7f\u7528\u7528\u6237\u540d\u548c\u5bc6\u7801\u767b\u5f55\u3002\u5982\u679c\u9a8c\u8bc1\u6210\u529f\uff0c\u4f1a\u751f\u6210\u4e00\u4e2a <strong>JWT Token<\/strong>\uff0c\u5e76\u5c06\u5176\u8fd4\u56de\u7ed9\u5ba2\u6237\u7aef\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># 2\ufe0f\u20e3 User login (returns JWT Token)\n@app.route('\/login', methods=['POST'])\ndef login():\n    logger.debug('Received request at \/login endpoint')\n    \n    # Get request data\n    data = request.json\n    logger.debug(f\"Request Data: {data}\")\n\n    username = data.get(\"username\")\n    password = data.get(\"password\")\n\n    cursor.execute(\"SELECT id, password_hash FROM users WHERE username = %s\", (username,))\n    user = cursor.fetchone()\n\n    if user and bcrypt.checkpw(password.encode(), user[1].encode()):\n        # Generate JWT Token\n        token_payload = {\n            \"user_id\": user[0],\n            \"username\": username,\n            \"exp\": datetime.datetime.utcnow() + datetime.timedelta(hours=1)  # 1 hour validity\n        }\n        token = jwt.encode(token_payload, app.config[\"SECRET_KEY\"], algorithm=\"HS256\")\n        logger.debug(f\"Generated JWT Token: {token}\")\n        return jsonify({\"access_token\": token})\n\n    logger.debug('Invalid username or password')\n    return jsonify({\"error\": \"Invalid username or password\"}), 401<\/pre>\n\n\n\n<p><strong>\u5173\u952e\u6b65\u9aa4<\/strong>\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4ece\u6570\u636e\u5e93\u4e2d\u83b7\u53d6\u7528\u6237\u4fe1\u606f\u3002<\/li>\n\n\n\n<li>\u4f7f\u7528 <strong>bcrypt<\/strong> \u9a8c\u8bc1\u5bc6\u7801\u662f\u5426\u5339\u914d\u3002<\/li>\n\n\n\n<li>\u751f\u6210 <strong>JWT Token<\/strong> \u5e76\u8fd4\u56de\u3002<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong><mark style=\"background-color:#8ed1fc\" class=\"has-inline-color\">3. \u7528\u6237\u8ba4\u8bc1<\/mark><\/strong><\/h3>\n\n\n\n<p><strong><mark style=\"background-color:#8ed1fc\" class=\"has-inline-color\">\/userinfo<\/mark><\/strong> \u63a5\u53e3\u7528\u4e8e\u901a\u8fc7 JWT Token \u6765\u9a8c\u8bc1\u7528\u6237\u8eab\u4efd\u3002\u5ba2\u6237\u7aef\u9700\u8981\u5728 <strong>Authorization<\/strong> \u5934\u4e2d\u63d0\u4f9b <strong>Bearer Token<\/strong>\u3002\u5982\u679c Token \u9a8c\u8bc1\u6210\u529f\uff0c\u8fd4\u56de\u7528\u6237\u4fe1\u606f\u3002<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\"># 3\ufe0f\u20e3 Authenticate JWT Token (get user information)\n@app.route('\/userinfo', methods=['GET'])\ndef userinfo():\n    logger.debug('Received request at \/userinfo endpoint')\n\n    token = request.headers.get(\"Authorization\")\n    if not token:\n        logger.debug('No token provided')\n        return jsonify({\"error\": \"Token not provided\"}), 401\n    \n    try:\n        token = token.split(\"Bearer \")[-1]\n        payload = jwt.decode(token, app.config[\"SECRET_KEY\"], algorithms=[\"HS256\"])\n        logger.debug(f\"Token payload: {payload}\")\n        return jsonify({\"user_id\": payload[\"user_id\"], \"username\": payload[\"username\"]})\n    except jwt.ExpiredSignatureError:\n        logger.error('Token has expired')\n        return jsonify({\"error\": \"Token has expired\"}), 401\n    except jwt.InvalidTokenError:\n        logger.error('Invalid token')\n        return jsonify({\"error\": \"Invalid token\"}), 401<\/pre>\n\n\n\n<p><strong>\u5173\u952e\u6b65\u9aa4<\/strong>\uff1a<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u4ece <strong>Authorization<\/strong> \u5934\u4e2d\u63d0\u53d6 Token\u3002<\/li>\n\n\n\n<li>\u89e3\u7801\u5e76\u9a8c\u8bc1 Token \u7684\u6709\u6548\u6027\u3002<\/li>\n\n\n\n<li>\u8fd4\u56de\u7528\u6237\u4fe1\u606f\uff0c\u5982\u679c Token \u65e0\u6548\u6216\u8fc7\u671f\uff0c\u8fd4\u56de\u76f8\u5e94\u7684\u9519\u8bef\u4fe1\u606f\u3002<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-cyan-bluish-gray-color has-alpha-channel-opacity has-cyan-bluish-gray-background-color has-background is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u63a5\u53e3\u6d4b\u8bd5<\/strong><\/h2>\n\n\n\n<p>\u5b9e\u73b0\u4e86\u8fd9\u4e9b\u63a5\u53e3\u540e\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528 <strong>curl<\/strong> \u6216 <strong>Postman<\/strong> \u6765\u6d4b\u8bd5\u8fd9\u4e9b\u63a5\u53e3\u3002<\/p>\n\n\n\n<p><strong>\u7528\u6237\u6ce8\u518c<\/strong>\uff1a <\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">curl -X POST http:\/\/127.0.0.1:5001\/register -H \"Content-Type: application\/json\" -d '{\"username\": \"testuser\", \"password\": \"password123\"}'<\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"272\" src=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-10-1024x272.png\" alt=\"\" class=\"wp-image-2719\" srcset=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-10-1024x272.png 1024w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-10-300x80.png 300w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-10-768x204.png 768w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-10-1536x408.png 1536w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-10-2048x544.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>\u7528\u6237\u767b\u5f55<\/strong>\uff1a <\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">curl -X POST http:\/\/127.0.0.1:5001\/login -H \"Content-Type: application\/json\" -d '{\"username\": \"testuser\", \"password\": \"password123\"}'<\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"265\" src=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-11-1024x265.png\" alt=\"\" class=\"wp-image-2720\" srcset=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-11-1024x265.png 1024w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-11-300x78.png 300w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-11-768x199.png 768w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-11-1536x398.png 1536w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-11-2048x531.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>\u8fd4\u56de\u5b57\u6bb5 access_token \u5c31\u662f\u6211\u4eec\u8ba4\u8bc1\u670d\u52a1\u5668\u751f\u4ea7\u7684 JWT Token\uff0c\u89e3\u5bc6\u6b64 token \u53ef\u4ee5\u5728 payload \u4e2d\u770b\u5230\u8ba4\u8bc1\u7684\u7528\u6237\u4fe1\u606f<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"328\" src=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-13-1024x328.png\" alt=\"\" class=\"wp-image-2722\" srcset=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-13-1024x328.png 1024w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-13-300x96.png 300w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-13-768x246.png 768w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-13-1536x492.png 1536w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-13.png 1693w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p><strong>\u83b7\u53d6\u7528\u6237\u4fe1\u606f\uff08\u9700\u8981 JWT Token\uff09<\/strong>\uff1a<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">curl -X GET http:\/\/127.0.0.1:5001\/userinfo -H \"Authorization: Bearer &lt;your_jwt_token>\"<\/pre>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"257\" src=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-12-1024x257.png\" alt=\"\" class=\"wp-image-2721\" srcset=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-12-1024x257.png 1024w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-12-300x75.png 300w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-12-768x193.png 768w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-12-1536x386.png 1536w, https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-12-2048x515.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<hr class=\"wp-block-separator has-text-color has-cyan-bluish-gray-color has-alpha-channel-opacity has-cyan-bluish-gray-background-color has-background is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>\u603b\u7ed3<\/strong><\/h2>\n\n\n\n<p>\u5728\u672c\u7bc7\u535a\u5ba2\u4e2d\uff0c\u6211\u4eec\u6210\u529f\u5730\u5b9e\u73b0\u4e86\u4e00\u4e2a\u7b80\u5355\u7684 SSO \u670d\u52a1\u5668\u7684\u57fa\u7840\u529f\u80fd\uff0c\u5305\u62ec\u7528\u6237\u6ce8\u518c\u3001\u767b\u5f55\u4ee5\u53ca\u57fa\u4e8e <strong>JWT<\/strong> \u7684\u8ba4\u8bc1\u3002\u6211\u4eec\u4f7f\u7528\u4e86 <strong>Flask<\/strong> \u6846\u67b6\u642d\u5efa\u4e86\u540e\u7aef\u5e94\u7528\uff0c\u4f7f\u7528 <strong>bcrypt<\/strong> \u5bf9\u5bc6\u7801\u8fdb\u884c\u4e86\u5b89\u5168\u7684\u5b58\u50a8\u548c\u9a8c\u8bc1\u3002<\/p>\n\n\n\n<p>\u4e0b\u4e00\u90e8\u5206\u6211\u4eec\u5c06\u7ee7\u7eed\u6269\u5c55\u8fd9\u4e2a\u7cfb\u7edf\uff0c\u52a0\u5165\u66f4\u591a\u7684\u529f\u80fd\uff0c\u6bd4\u5982 <strong>Token \u8fc7\u671f\u5904\u7406<\/strong>\u3001<strong>\u5237\u65b0 Token<\/strong> \u7b49\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u5f15\u8a00 \u5728\u6570\u5b57\u5316\u65f6\u4ee3\uff0c\u968f\u7740\u4f01\u4e1a\u548c\u5e94\u7528\u7a0b\u5e8f\u7684\u589e\u591a\uff0c\u5982\u4f55\u7ba1\u7406\u7528\u6237\u8eab\u4efd\u548c\u6388\u6743\u8bbf\u95ee\u5df2\u7ecf\u6210\u4e3a\u4e00\u4e2a\u4e9f\u5f85\u89e3\u51b3\u7684\u91cd\u8981\u95ee\u9898\u3002\u4f20\u7edf\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5b58\u5728\u4e00\u5b9a\u7684\u5c40\u9650\u6027\uff0c\u65e0\u6cd5\u6ee1\u8db3\u73b0\u4ee3\u5e94\u7528\u7a0b\u5e8f\u5bf9\u5b89\u5168\u3001\u7075\u6d3b\u6027\u548c\u53ef\u6269\u5c55\u6027\u7684\u9700\u6c42\u3002\u56e0\u6b64\uff0c \u8eab\u4efd\u4e0e\u8bbf\u95ee\u7ba1\u7406\uff08IAM\uff09 \u6210\u4e3a\u73b0\u4ee3\u7cfb\u7edf\u67b6\u6784\u7684\u6838\u5fc3\u90e8\u5206\uff0c\u5b83\u4e0d\u4ec5\u6d89\u53ca\u7528\u6237\u8eab\u4efd\u7684\u7ba1\u7406\uff0c\u8fd8\u5305\u62ec\u5bf9\u5e94\u7528\u548c\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\u3002 \u5728\u8fd9\u4e00\u7cfb\u5217\u535a\u5ba2\u4e2d\uff0c\u6211\u5c06\u5e26\u4f60\u4e00\u8d77\u7814\u7a76\u5982\u4f55\u6784\u5efa\u4e00\u4e2a SSO\uff08Single Sign-On\uff09 \u7cfb\u7edf\uff0c\u8fd9\u4e0d\u4ec5\u4ec5\u662f\u4e00\u4e2a\u7b80\u5355\u7684\u8eab\u4efd\u9a8c\u8bc1\u529f\u80fd\uff0c\u66f4\u662f\u4e00\u4e2a\u5f3a\u5927\u7684 \u8eab\u4efd\u7ba1\u7406\uff08IAM\uff09 \u7cfb\u7edf\u7684\u57fa\u7840\u3002\u901a\u8fc7\u6784\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668\uff0c\u6211\u4eec\u53ef\u4ee5\u6df1\u5165\u7406\u89e3\u4ee5\u4e0b\u51e0\u4e2a\u5173\u952e\u6982\u5ff5\uff1a \u2611\ufe0f SSO\uff1a\u8ba9\u7528\u6237\u901a\u8fc7\u4e00\u6b21\u767b\u5f55\u5b9e\u73b0\u5bf9\u591a\u4e2a\u5e94\u7528\u7cfb\u7edf\u7684\u8bbf\u95ee\u3002 \u2611\ufe0f IAM\uff1a\u63d0\u4f9b\u4e00\u79cd\u96c6\u4e2d\u7ba1\u7406\u548c\u63a7\u5236\u8eab\u4efd\u8ba4\u8bc1\u3001\u6388\u6743\u548c\u5ba1\u8ba1\u7684\u673a\u5236\u3002 \u2611\ufe0f RBAC\uff08\u57fa\u4e8e\u89d2\u8272\u7684\u8bbf\u95ee\u63a7\u5236\uff09\uff1a\u6839\u636e\u7528\u6237\u7684\u89d2\u8272\u548c\u6743\u9650\u7ba1\u7406\u4ed6\u4eec\u5bf9\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\uff0c\u786e\u4fdd\u7cfb\u7edf\u4e2d\u7684\u6bcf\u4e2a\u7528\u6237\u90fd\u80fd\u6309\u7167\u6388\u6743\u7684\u6743\u9650\u8bbf\u95ee\u76f8\u5e94\u7684\u8d44\u6e90\u3002 \u5728\u672c\u7cfb\u5217\u7684\u7b2c\u4e00\u90e8\u5206\u4e2d\uff0c\u6211\u4eec\u5c06\u5b9e\u73b0\u4e00\u4e2a\u57fa\u7840\u7684 SSO \u767b\u5f55 + \u8ba4\u8bc1 API\uff0c\u4e3a\u6784\u5efa\u4e00\u4e2a\u9ad8\u6548\u3001\u5b89\u5168\u7684\u8eab\u4efd\u7ba1\u7406\u7cfb\u7edf\u5960\u5b9a\u57fa\u7840\u3002\u968f\u7740\u7cfb\u5217\u7684\u6df1\u5165\uff0c\u6211\u4eec\u4f1a\u9010\u6b65\u6269\u5c55\u529f\u80fd\uff0c\u63a2\u8ba8\u5982\u4f55\u5b9e\u73b0\u590d\u6742\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u3001\u89d2\u8272\u7ba1\u7406\u3001\u6743\u9650\u63a7\u5236\u7b49 IAM \u548c RBAC \u76f8\u5173\u7684\u529f\u80fd\uff0c\u5e2e\u52a9\u4f60\u5168\u9762\u4e86\u89e3\u4e00\u4e2a\u73b0\u4ee3\u4f01\u4e1a\u7ea7\u5e94\u7528\u7cfb\u7edf\u7684\u8eab\u4efd\u7ba1\u7406\u67b6\u6784\u3002 \u5728\u672c\u7bc7\u4e2d\uff0c\u6211\u4eec\u5c06\uff1a \u8ba9\u6211\u4eec\u4e00\u6b65\u6b65\u6765\u770b\u5982\u4f55\u5b9e\u73b0\u8fd9\u4e00\u8fc7\u7a0b\u3002 \u4f7f\u7528\u7684\u6280\u672f Python \u4f9d\u8d56\u5b89\u88c5 \u6b65\u9aa41 &#8211; \u521b\u5efa\u6570\u636e\u5e93\u4e0e\u8868 \u5728\u5b9e\u73b0 SSO \u7cfb\u7edf\u4e4b\u524d\uff0c\u6211\u4eec\u9996\u5148\u9700\u8981\u521b\u5efa\u4e00\u4e2a MySQL \u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u4fe1\u606f\u3002\u4ee5\u4e0b\u662f\u521b\u5efa\u6570\u636e\u5e93\u548c\u8868\u7684\u6b65\u9aa4\uff1a 1. \u521b\u5efa\u6570\u636e\u5e93 \u9996\u5148\uff0c\u5728 MySQL \u4e2d\u521b\u5efa\u4e00\u4e2a\u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u6570\u636e\uff1a 2. \u521b\u5efa\u7528\u6237\u8868 \u63a5\u7740\uff0c\u521b\u5efa\u4e00\u4e2a users \u8868\u6765\u5b58\u50a8\u7528\u6237\u7684\u57fa\u672c\u4fe1\u606f\u548c\u54c8\u5e0c\u5bc6\u7801\u3002\u8fd9\u4e2a\u8868\u5c06\u5305\u542b\u4e24\u4e2a\u5b57\u6bb5\uff1aid \u548c password_hash\u3002id \u662f\u4e3b\u952e\uff0cpassword_hash \u7528\u4e8e\u5b58\u50a8\u7528\u6237\u7684\u5bc6\u7801\u54c8\u5e0c\u3002 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[10],"tags":[73],"class_list":["post-2691","post","type-post","status-publish","format-standard","hentry","category-tutorial","tag-iam"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 - Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API - \u6781\u7b80IT\uff5cSimpleIT<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ruianding.com\/blog\/\u642d\u5efa\u81ea\u5df1\u7684-sso-\u670d\u52a1\u5668-part-1\uff1a\u5b9e\u73b0\u767b\u5f55-\u8ba4\u8bc1-api\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 - Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API - \u6781\u7b80IT\uff5cSimpleIT\" \/>\n<meta property=\"og:description\" content=\"\u5f15\u8a00 \u5728\u6570\u5b57\u5316\u65f6\u4ee3\uff0c\u968f\u7740\u4f01\u4e1a\u548c\u5e94\u7528\u7a0b\u5e8f\u7684\u589e\u591a\uff0c\u5982\u4f55\u7ba1\u7406\u7528\u6237\u8eab\u4efd\u548c\u6388\u6743\u8bbf\u95ee\u5df2\u7ecf\u6210\u4e3a\u4e00\u4e2a\u4e9f\u5f85\u89e3\u51b3\u7684\u91cd\u8981\u95ee\u9898\u3002\u4f20\u7edf\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5b58\u5728\u4e00\u5b9a\u7684\u5c40\u9650\u6027\uff0c\u65e0\u6cd5\u6ee1\u8db3\u73b0\u4ee3\u5e94\u7528\u7a0b\u5e8f\u5bf9\u5b89\u5168\u3001\u7075\u6d3b\u6027\u548c\u53ef\u6269\u5c55\u6027\u7684\u9700\u6c42\u3002\u56e0\u6b64\uff0c \u8eab\u4efd\u4e0e\u8bbf\u95ee\u7ba1\u7406\uff08IAM\uff09 \u6210\u4e3a\u73b0\u4ee3\u7cfb\u7edf\u67b6\u6784\u7684\u6838\u5fc3\u90e8\u5206\uff0c\u5b83\u4e0d\u4ec5\u6d89\u53ca\u7528\u6237\u8eab\u4efd\u7684\u7ba1\u7406\uff0c\u8fd8\u5305\u62ec\u5bf9\u5e94\u7528\u548c\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\u3002 \u5728\u8fd9\u4e00\u7cfb\u5217\u535a\u5ba2\u4e2d\uff0c\u6211\u5c06\u5e26\u4f60\u4e00\u8d77\u7814\u7a76\u5982\u4f55\u6784\u5efa\u4e00\u4e2a SSO\uff08Single Sign-On\uff09 \u7cfb\u7edf\uff0c\u8fd9\u4e0d\u4ec5\u4ec5\u662f\u4e00\u4e2a\u7b80\u5355\u7684\u8eab\u4efd\u9a8c\u8bc1\u529f\u80fd\uff0c\u66f4\u662f\u4e00\u4e2a\u5f3a\u5927\u7684 \u8eab\u4efd\u7ba1\u7406\uff08IAM\uff09 \u7cfb\u7edf\u7684\u57fa\u7840\u3002\u901a\u8fc7\u6784\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668\uff0c\u6211\u4eec\u53ef\u4ee5\u6df1\u5165\u7406\u89e3\u4ee5\u4e0b\u51e0\u4e2a\u5173\u952e\u6982\u5ff5\uff1a \u2611\ufe0f SSO\uff1a\u8ba9\u7528\u6237\u901a\u8fc7\u4e00\u6b21\u767b\u5f55\u5b9e\u73b0\u5bf9\u591a\u4e2a\u5e94\u7528\u7cfb\u7edf\u7684\u8bbf\u95ee\u3002 \u2611\ufe0f IAM\uff1a\u63d0\u4f9b\u4e00\u79cd\u96c6\u4e2d\u7ba1\u7406\u548c\u63a7\u5236\u8eab\u4efd\u8ba4\u8bc1\u3001\u6388\u6743\u548c\u5ba1\u8ba1\u7684\u673a\u5236\u3002 \u2611\ufe0f RBAC\uff08\u57fa\u4e8e\u89d2\u8272\u7684\u8bbf\u95ee\u63a7\u5236\uff09\uff1a\u6839\u636e\u7528\u6237\u7684\u89d2\u8272\u548c\u6743\u9650\u7ba1\u7406\u4ed6\u4eec\u5bf9\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\uff0c\u786e\u4fdd\u7cfb\u7edf\u4e2d\u7684\u6bcf\u4e2a\u7528\u6237\u90fd\u80fd\u6309\u7167\u6388\u6743\u7684\u6743\u9650\u8bbf\u95ee\u76f8\u5e94\u7684\u8d44\u6e90\u3002 \u5728\u672c\u7cfb\u5217\u7684\u7b2c\u4e00\u90e8\u5206\u4e2d\uff0c\u6211\u4eec\u5c06\u5b9e\u73b0\u4e00\u4e2a\u57fa\u7840\u7684 SSO \u767b\u5f55 + \u8ba4\u8bc1 API\uff0c\u4e3a\u6784\u5efa\u4e00\u4e2a\u9ad8\u6548\u3001\u5b89\u5168\u7684\u8eab\u4efd\u7ba1\u7406\u7cfb\u7edf\u5960\u5b9a\u57fa\u7840\u3002\u968f\u7740\u7cfb\u5217\u7684\u6df1\u5165\uff0c\u6211\u4eec\u4f1a\u9010\u6b65\u6269\u5c55\u529f\u80fd\uff0c\u63a2\u8ba8\u5982\u4f55\u5b9e\u73b0\u590d\u6742\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u3001\u89d2\u8272\u7ba1\u7406\u3001\u6743\u9650\u63a7\u5236\u7b49 IAM \u548c RBAC \u76f8\u5173\u7684\u529f\u80fd\uff0c\u5e2e\u52a9\u4f60\u5168\u9762\u4e86\u89e3\u4e00\u4e2a\u73b0\u4ee3\u4f01\u4e1a\u7ea7\u5e94\u7528\u7cfb\u7edf\u7684\u8eab\u4efd\u7ba1\u7406\u67b6\u6784\u3002 \u5728\u672c\u7bc7\u4e2d\uff0c\u6211\u4eec\u5c06\uff1a \u8ba9\u6211\u4eec\u4e00\u6b65\u6b65\u6765\u770b\u5982\u4f55\u5b9e\u73b0\u8fd9\u4e00\u8fc7\u7a0b\u3002 \u4f7f\u7528\u7684\u6280\u672f Python \u4f9d\u8d56\u5b89\u88c5 \u6b65\u9aa41 &#8211; \u521b\u5efa\u6570\u636e\u5e93\u4e0e\u8868 \u5728\u5b9e\u73b0 SSO \u7cfb\u7edf\u4e4b\u524d\uff0c\u6211\u4eec\u9996\u5148\u9700\u8981\u521b\u5efa\u4e00\u4e2a MySQL \u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u4fe1\u606f\u3002\u4ee5\u4e0b\u662f\u521b\u5efa\u6570\u636e\u5e93\u548c\u8868\u7684\u6b65\u9aa4\uff1a 1. \u521b\u5efa\u6570\u636e\u5e93 \u9996\u5148\uff0c\u5728 MySQL \u4e2d\u521b\u5efa\u4e00\u4e2a\u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u6570\u636e\uff1a 2. \u521b\u5efa\u7528\u6237\u8868 \u63a5\u7740\uff0c\u521b\u5efa\u4e00\u4e2a users \u8868\u6765\u5b58\u50a8\u7528\u6237\u7684\u57fa\u672c\u4fe1\u606f\u548c\u54c8\u5e0c\u5bc6\u7801\u3002\u8fd9\u4e2a\u8868\u5c06\u5305\u542b\u4e24\u4e2a\u5b57\u6bb5\uff1aid \u548c password_hash\u3002id \u662f\u4e3b\u952e\uff0cpassword_hash \u7528\u4e8e\u5b58\u50a8\u7528\u6237\u7684\u5bc6\u7801\u54c8\u5e0c\u3002 [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ruianding.com\/blog\/\u642d\u5efa\u81ea\u5df1\u7684-sso-\u670d\u52a1\u5668-part-1\uff1a\u5b9e\u73b0\u767b\u5f55-\u8ba4\u8bc1-api\/\" \/>\n<meta property=\"og:site_name\" content=\"\u6781\u7b80IT\uff5cSimpleIT\" \/>\n<meta property=\"article:published_time\" content=\"2025-03-25T10:22:02+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-02-07T07:10:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png\" \/>\n\t<meta property=\"og:image:width\" content=\"211\" \/>\n\t<meta property=\"og:image:height\" content=\"382\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Ruian Ding\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ruian Ding\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/\"},\"author\":{\"name\":\"Ruian Ding\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"headline\":\"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 &#8211; Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API\",\"datePublished\":\"2025-03-25T10:22:02+00:00\",\"dateModified\":\"2026-02-07T07:10:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/\"},\"wordCount\":125,\"publisher\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"image\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png\",\"keywords\":[\"IAM\"],\"articleSection\":[\"Tutorial\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/\",\"url\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/\",\"name\":\"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 - Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API - \u6781\u7b80IT\uff5cSimpleIT\",\"isPartOf\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png\",\"datePublished\":\"2025-03-25T10:22:02+00:00\",\"dateModified\":\"2026-02-07T07:10:30+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage\",\"url\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png\",\"contentUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png\",\"width\":211,\"height\":382},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.ruianding.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 &#8211; Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#website\",\"url\":\"https:\/\/www.ruianding.com\/blog\/\",\"name\":\"Ruian's Tech Troubleshooting Toolbox\",\"description\":\"Debug the World.\",\"publisher\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"alternateName\":\"\u4e01\u777f\u5b89\u7684\u6280\u672f\u5206\u4eab\u535a\u5ba2\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ruianding.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\",\"name\":\"Ruian Ding\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png\",\"contentUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png\",\"width\":284,\"height\":284,\"caption\":\"Ruian Ding\"},\"logo\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/\"},\"description\":\"I am currently a Support Specialist at NIO, focusing on cloud-related issues for NIO Power. Previously, at Microsoft Entra ID, I specialized in identity and access management (IAM), including device registration, Windows Hello for Business (WHfB), multi-factor authentication (MFA), and single sign-on (SSO). In addition to my core expertise, I have a strong foundation in Active Directory, Servers, Cloud Computing, Network Administration, and Front-end Web Development. This diverse technical skill set enables me to effectively handle a wide range of challenges in a fast-paced IT environment.\",\"sameAs\":[\"https:\/\/www.ruianding.com\"],\"url\":\"https:\/\/www.ruianding.com\/blog\/author\/ruiand\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 - Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API - \u6781\u7b80IT\uff5cSimpleIT","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ruianding.com\/blog\/\u642d\u5efa\u81ea\u5df1\u7684-sso-\u670d\u52a1\u5668-part-1\uff1a\u5b9e\u73b0\u767b\u5f55-\u8ba4\u8bc1-api\/","og_locale":"en_US","og_type":"article","og_title":"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 - Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API - \u6781\u7b80IT\uff5cSimpleIT","og_description":"\u5f15\u8a00 \u5728\u6570\u5b57\u5316\u65f6\u4ee3\uff0c\u968f\u7740\u4f01\u4e1a\u548c\u5e94\u7528\u7a0b\u5e8f\u7684\u589e\u591a\uff0c\u5982\u4f55\u7ba1\u7406\u7528\u6237\u8eab\u4efd\u548c\u6388\u6743\u8bbf\u95ee\u5df2\u7ecf\u6210\u4e3a\u4e00\u4e2a\u4e9f\u5f85\u89e3\u51b3\u7684\u91cd\u8981\u95ee\u9898\u3002\u4f20\u7edf\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u5b58\u5728\u4e00\u5b9a\u7684\u5c40\u9650\u6027\uff0c\u65e0\u6cd5\u6ee1\u8db3\u73b0\u4ee3\u5e94\u7528\u7a0b\u5e8f\u5bf9\u5b89\u5168\u3001\u7075\u6d3b\u6027\u548c\u53ef\u6269\u5c55\u6027\u7684\u9700\u6c42\u3002\u56e0\u6b64\uff0c \u8eab\u4efd\u4e0e\u8bbf\u95ee\u7ba1\u7406\uff08IAM\uff09 \u6210\u4e3a\u73b0\u4ee3\u7cfb\u7edf\u67b6\u6784\u7684\u6838\u5fc3\u90e8\u5206\uff0c\u5b83\u4e0d\u4ec5\u6d89\u53ca\u7528\u6237\u8eab\u4efd\u7684\u7ba1\u7406\uff0c\u8fd8\u5305\u62ec\u5bf9\u5e94\u7528\u548c\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\u3002 \u5728\u8fd9\u4e00\u7cfb\u5217\u535a\u5ba2\u4e2d\uff0c\u6211\u5c06\u5e26\u4f60\u4e00\u8d77\u7814\u7a76\u5982\u4f55\u6784\u5efa\u4e00\u4e2a SSO\uff08Single Sign-On\uff09 \u7cfb\u7edf\uff0c\u8fd9\u4e0d\u4ec5\u4ec5\u662f\u4e00\u4e2a\u7b80\u5355\u7684\u8eab\u4efd\u9a8c\u8bc1\u529f\u80fd\uff0c\u66f4\u662f\u4e00\u4e2a\u5f3a\u5927\u7684 \u8eab\u4efd\u7ba1\u7406\uff08IAM\uff09 \u7cfb\u7edf\u7684\u57fa\u7840\u3002\u901a\u8fc7\u6784\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668\uff0c\u6211\u4eec\u53ef\u4ee5\u6df1\u5165\u7406\u89e3\u4ee5\u4e0b\u51e0\u4e2a\u5173\u952e\u6982\u5ff5\uff1a \u2611\ufe0f SSO\uff1a\u8ba9\u7528\u6237\u901a\u8fc7\u4e00\u6b21\u767b\u5f55\u5b9e\u73b0\u5bf9\u591a\u4e2a\u5e94\u7528\u7cfb\u7edf\u7684\u8bbf\u95ee\u3002 \u2611\ufe0f IAM\uff1a\u63d0\u4f9b\u4e00\u79cd\u96c6\u4e2d\u7ba1\u7406\u548c\u63a7\u5236\u8eab\u4efd\u8ba4\u8bc1\u3001\u6388\u6743\u548c\u5ba1\u8ba1\u7684\u673a\u5236\u3002 \u2611\ufe0f RBAC\uff08\u57fa\u4e8e\u89d2\u8272\u7684\u8bbf\u95ee\u63a7\u5236\uff09\uff1a\u6839\u636e\u7528\u6237\u7684\u89d2\u8272\u548c\u6743\u9650\u7ba1\u7406\u4ed6\u4eec\u5bf9\u8d44\u6e90\u7684\u8bbf\u95ee\u63a7\u5236\uff0c\u786e\u4fdd\u7cfb\u7edf\u4e2d\u7684\u6bcf\u4e2a\u7528\u6237\u90fd\u80fd\u6309\u7167\u6388\u6743\u7684\u6743\u9650\u8bbf\u95ee\u76f8\u5e94\u7684\u8d44\u6e90\u3002 \u5728\u672c\u7cfb\u5217\u7684\u7b2c\u4e00\u90e8\u5206\u4e2d\uff0c\u6211\u4eec\u5c06\u5b9e\u73b0\u4e00\u4e2a\u57fa\u7840\u7684 SSO \u767b\u5f55 + \u8ba4\u8bc1 API\uff0c\u4e3a\u6784\u5efa\u4e00\u4e2a\u9ad8\u6548\u3001\u5b89\u5168\u7684\u8eab\u4efd\u7ba1\u7406\u7cfb\u7edf\u5960\u5b9a\u57fa\u7840\u3002\u968f\u7740\u7cfb\u5217\u7684\u6df1\u5165\uff0c\u6211\u4eec\u4f1a\u9010\u6b65\u6269\u5c55\u529f\u80fd\uff0c\u63a2\u8ba8\u5982\u4f55\u5b9e\u73b0\u590d\u6742\u7684\u8eab\u4efd\u9a8c\u8bc1\u673a\u5236\u3001\u89d2\u8272\u7ba1\u7406\u3001\u6743\u9650\u63a7\u5236\u7b49 IAM \u548c RBAC \u76f8\u5173\u7684\u529f\u80fd\uff0c\u5e2e\u52a9\u4f60\u5168\u9762\u4e86\u89e3\u4e00\u4e2a\u73b0\u4ee3\u4f01\u4e1a\u7ea7\u5e94\u7528\u7cfb\u7edf\u7684\u8eab\u4efd\u7ba1\u7406\u67b6\u6784\u3002 \u5728\u672c\u7bc7\u4e2d\uff0c\u6211\u4eec\u5c06\uff1a \u8ba9\u6211\u4eec\u4e00\u6b65\u6b65\u6765\u770b\u5982\u4f55\u5b9e\u73b0\u8fd9\u4e00\u8fc7\u7a0b\u3002 \u4f7f\u7528\u7684\u6280\u672f Python \u4f9d\u8d56\u5b89\u88c5 \u6b65\u9aa41 &#8211; \u521b\u5efa\u6570\u636e\u5e93\u4e0e\u8868 \u5728\u5b9e\u73b0 SSO \u7cfb\u7edf\u4e4b\u524d\uff0c\u6211\u4eec\u9996\u5148\u9700\u8981\u521b\u5efa\u4e00\u4e2a MySQL \u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u4fe1\u606f\u3002\u4ee5\u4e0b\u662f\u521b\u5efa\u6570\u636e\u5e93\u548c\u8868\u7684\u6b65\u9aa4\uff1a 1. \u521b\u5efa\u6570\u636e\u5e93 \u9996\u5148\uff0c\u5728 MySQL \u4e2d\u521b\u5efa\u4e00\u4e2a\u6570\u636e\u5e93\u6765\u5b58\u50a8\u7528\u6237\u6570\u636e\uff1a 2. \u521b\u5efa\u7528\u6237\u8868 \u63a5\u7740\uff0c\u521b\u5efa\u4e00\u4e2a users \u8868\u6765\u5b58\u50a8\u7528\u6237\u7684\u57fa\u672c\u4fe1\u606f\u548c\u54c8\u5e0c\u5bc6\u7801\u3002\u8fd9\u4e2a\u8868\u5c06\u5305\u542b\u4e24\u4e2a\u5b57\u6bb5\uff1aid \u548c password_hash\u3002id \u662f\u4e3b\u952e\uff0cpassword_hash \u7528\u4e8e\u5b58\u50a8\u7528\u6237\u7684\u5bc6\u7801\u54c8\u5e0c\u3002 [&hellip;]","og_url":"https:\/\/www.ruianding.com\/blog\/\u642d\u5efa\u81ea\u5df1\u7684-sso-\u670d\u52a1\u5668-part-1\uff1a\u5b9e\u73b0\u767b\u5f55-\u8ba4\u8bc1-api\/","og_site_name":"\u6781\u7b80IT\uff5cSimpleIT","article_published_time":"2025-03-25T10:22:02+00:00","article_modified_time":"2026-02-07T07:10:30+00:00","og_image":[{"width":211,"height":382,"url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png","type":"image\/png"}],"author":"Ruian Ding","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Ruian Ding","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#article","isPartOf":{"@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/"},"author":{"name":"Ruian Ding","@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"headline":"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 &#8211; Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API","datePublished":"2025-03-25T10:22:02+00:00","dateModified":"2026-02-07T07:10:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/"},"wordCount":125,"publisher":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"image":{"@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png","keywords":["IAM"],"articleSection":["Tutorial"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/","url":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/","name":"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 - Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API - \u6781\u7b80IT\uff5cSimpleIT","isPartOf":{"@id":"https:\/\/www.ruianding.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage"},"image":{"@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png","datePublished":"2025-03-25T10:22:02+00:00","dateModified":"2026-02-07T07:10:30+00:00","breadcrumb":{"@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#primaryimage","url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png","contentUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2025\/03\/image-9.png","width":211,"height":382},{"@type":"BreadcrumbList","@id":"https:\/\/www.ruianding.com\/blog\/%e6%90%ad%e5%bb%ba%e8%87%aa%e5%b7%b1%e7%9a%84-sso-%e6%9c%8d%e5%8a%a1%e5%99%a8-part-1%ef%bc%9a%e5%ae%9e%e7%8e%b0%e7%99%bb%e5%bd%95-%e8%ae%a4%e8%af%81-api\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ruianding.com\/blog\/"},{"@type":"ListItem","position":2,"name":"\u642d\u5efa\u81ea\u5df1\u7684 SSO \u670d\u52a1\u5668 &#8211; Part 1: \u5b9e\u73b0\u767b\u5f55 + \u8ba4\u8bc1 API"}]},{"@type":"WebSite","@id":"https:\/\/www.ruianding.com\/blog\/#website","url":"https:\/\/www.ruianding.com\/blog\/","name":"Ruian's Tech Troubleshooting Toolbox","description":"Debug the World.","publisher":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"alternateName":"\u4e01\u777f\u5b89\u7684\u6280\u672f\u5206\u4eab\u535a\u5ba2","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ruianding.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b","name":"Ruian Ding","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png","contentUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png","width":284,"height":284,"caption":"Ruian Ding"},"logo":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/"},"description":"I am currently a Support Specialist at NIO, focusing on cloud-related issues for NIO Power. Previously, at Microsoft Entra ID, I specialized in identity and access management (IAM), including device registration, Windows Hello for Business (WHfB), multi-factor authentication (MFA), and single sign-on (SSO). In addition to my core expertise, I have a strong foundation in Active Directory, Servers, Cloud Computing, Network Administration, and Front-end Web Development. This diverse technical skill set enables me to effectively handle a wide range of challenges in a fast-paced IT environment.","sameAs":["https:\/\/www.ruianding.com"],"url":"https:\/\/www.ruianding.com\/blog\/author\/ruiand\/"}]}},"_links":{"self":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/2691","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/comments?post=2691"}],"version-history":[{"count":25,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/2691\/revisions"}],"predecessor-version":[{"id":2755,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/2691\/revisions\/2755"}],"wp:attachment":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/media?parent=2691"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/categories?post=2691"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/tags?post=2691"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}