Skip to content
Nick Wang edited this page Jun 2, 2022 · 7 revisions

REST API

Archery从Release v1.8.4开始支持REST API (#1475)

目前支持的接口:

  • 用户/用户组/资源组CRUD、用户认证校验
  • 实例CRUD/实例资源
  • SQL上线工单清单/SQL检查/提交SQL上线工单/待审核清单/审核工单/执行工单/工单日志

API文档

访问项目:https://demo.archerydms.com/api/swagger/

image

API调试页面:

image

redoc: https://demo.archerydms.com/api/redoc/

image

配置

配置API_USER_WHITELIST,将API账号添加至白名单
image

token有效期:安全起见,不可设置过短

# API Authentication
SIMPLE_JWT = {
    'ACCESS_TOKEN_LIFETIME': timedelta(hours=4),
    'REFRESH_TOKEN_LIFETIME': timedelta(days=3),
    ...
}

限速:目前所有业务接口均需要鉴权,所以anon为token接口频率,user为业务接口频率

# API Framework
REST_FRAMEWORK = {
    ...
    # 限速(anon:未认证用户  user:认证用户)
    ...
    'DEFAULT_THROTTLE_RATES': {
        'anon': '120/min',
        'user': '600/min'
    },
    ...
}

获取·刷新·校验token

Archery API鉴权使用JSON Web Token (JWT)

使用Archery账号获取access token和refresh token

curl \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"username": "archery_api_user", "password": "archery_api_user_password"}' \
  http://archeryhost:9123/api/auth/token/

Responses:
{
    "refresh": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY1MjU5ODA3OCwiaWF0IjoxNjUwMDA2MDc4LCJqdGkiOiIwMjM3MjA5ZTBiY2U0ZThmYjI1MTI3ZTU3NDU3NDZjMSIsInVzZXJfaWQiOjI1fQ.iQZP1-lvtgV84KmwI-eq5WyhMI4Yj9jLiVO1QpyFXWc",
    "access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjUyNTk4MDc4LCJpYXQiOjE2NTAwMDYwNzgsImp0aSI6IjYwMTBjYzNlMmI4NjQxNjA4MWFmMzEyNzdhYjQ0M2RmIiwidXNlcl9pZCI6MjV9.el6V4MbJmJZF_rclDwrOEbi1rpMcCVAmRAPfmPeflwU"
}

使用refresh token刷新access token

curl \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"refresh":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY1MjU5ODA3OCwiaWF0IjoxNjUwMDA2MDc4LCJqdGkiOiIwMjM3MjA5ZTBiY2U0ZThmYjI1MTI3ZTU3NDU3NDZjMSIsInVzZXJfaWQiOjI1fQ.iQZP1-lvtgV84KmwI-eq5WyhMI4Yj9jLiVO1QpyFXWc"}' \
  http://archeryhost:9123/api/auth/token/refresh/

Responses:
{
    "access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjUzNDQ2NzQ5LCJqdGkiOiI0MjdiZDY3ZWVkZDA0NjliOWIwMDhkMGEyZTMyN2U2YSIsImlhdCI6MTY1MDAwNjA3OCwidXNlcl9pZCI6MjV9.97os81Ph9cBLs1kmKmFjV5hzSnAQ-HaL-rok5dJAy4M"
}

校验token有效性

curl \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY1MjU5ODA3OCwiaWF0IjoxNjUwMDA2MDc4LCJqdGkiOiIwMjM3MjA5ZTBiY2U0ZThmYjI1MTI3ZTU3NDU3NDZjMSIsInVzZXJfaWQiOjI1fQ.iQZP1-lvtgV84KmwI-eq5WyhMI4Yj9jLiVO1QpyFXWc"}' \
  http://archeryhost:9123/api/auth/token/verify/

Responses:
valid:
{}

invalid:
{
    "detail": "Token is invalid or expired",
    "code": "token_not_valid"
}

请求业务接口

使用access token请求业务接口

curl \
  -X GET \
  -H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjUyNTk4MDc4LCJpYXQiOjE2NTAwMDYwNzgsImp0aSI6IjYwMTBjYzNlMmI4NjQxNjA4MWFmMzEyNzdhYjQ0M2RmIiwidXNlcl9pZCI6MjV9.el6V4MbJmJZF_rclDwrOEbi1rpMcCVAmRAPfmPeflwU" \
  http://archeryhost:9123/api/v1/instance/

Responses:
{
    "count": 12,
    "next": "http://archeryhost:9123/api/v1/instance/?page=2",
    "previous": null,
    "results": [
        {
            "id": 1,
            "instance_name": "192.168.233.111 - 测试",
            "type": "master",
            "db_type": "mysql",
            "mode": "",
            "host": "192.168.233.111",
            "port": 3306,
            "user": "archery",
            "db_name": "db_test",
            "charset": "utf8mb4",
            "service_name": null,
            "sid": null,
            "create_time": "2022-03-28T10:50:26.161812",
            "update_time": "2022-04-12T15:28:26.287502",
            "tunnel": null,
            "resource_group": [
                1
            ],
            "instance_tag": [
                1,
                2
            ]
        },
        ...
    ]
}