Archery从Release v1.8.4开始支持REST API (#1475)
目前支持的接口:
- 用户/用户组/资源组CRUD、用户认证校验
- 实例CRUD/实例资源
- SQL上线工单清单/SQL检查/提交SQL上线工单/待审核清单/审核工单/执行工单/工单日志
访问项目:https://demo.archerydms.com/api/swagger/
API调试页面:
redoc:
https://demo.archerydms.com/api/redoc/
配置API_USER_WHITELIST,将API账号添加至白名单
token有效期:安全起见,不可设置过短
# API Authentication
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(hours=4),
'REFRESH_TOKEN_LIFETIME': timedelta(days=3),
...
}
限速:目前所有业务接口均需要鉴权,所以anon为token接口频率,user为业务接口频率
# API Framework
REST_FRAMEWORK = {
...
# 限速(anon:未认证用户 user:认证用户)
...
'DEFAULT_THROTTLE_RATES': {
'anon': '120/min',
'user': '600/min'
},
...
}
Archery API鉴权使用JSON Web Token (JWT)
使用Archery账号获取access token和refresh token
curl \
-X POST \
-H "Content-Type: application/json" \
-d '{"username": "archery_api_user", "password": "archery_api_user_password"}' \
http://archeryhost:9123/api/auth/token/
Responses:
{
"refresh": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY1MjU5ODA3OCwiaWF0IjoxNjUwMDA2MDc4LCJqdGkiOiIwMjM3MjA5ZTBiY2U0ZThmYjI1MTI3ZTU3NDU3NDZjMSIsInVzZXJfaWQiOjI1fQ.iQZP1-lvtgV84KmwI-eq5WyhMI4Yj9jLiVO1QpyFXWc",
"access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjUyNTk4MDc4LCJpYXQiOjE2NTAwMDYwNzgsImp0aSI6IjYwMTBjYzNlMmI4NjQxNjA4MWFmMzEyNzdhYjQ0M2RmIiwidXNlcl9pZCI6MjV9.el6V4MbJmJZF_rclDwrOEbi1rpMcCVAmRAPfmPeflwU"
}
使用refresh token刷新access token
curl \
-X POST \
-H "Content-Type: application/json" \
-d '{"refresh":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY1MjU5ODA3OCwiaWF0IjoxNjUwMDA2MDc4LCJqdGkiOiIwMjM3MjA5ZTBiY2U0ZThmYjI1MTI3ZTU3NDU3NDZjMSIsInVzZXJfaWQiOjI1fQ.iQZP1-lvtgV84KmwI-eq5WyhMI4Yj9jLiVO1QpyFXWc"}' \
http://archeryhost:9123/api/auth/token/refresh/
Responses:
{
"access": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjUzNDQ2NzQ5LCJqdGkiOiI0MjdiZDY3ZWVkZDA0NjliOWIwMDhkMGEyZTMyN2U2YSIsImlhdCI6MTY1MDAwNjA3OCwidXNlcl9pZCI6MjV9.97os81Ph9cBLs1kmKmFjV5hzSnAQ-HaL-rok5dJAy4M"
}
校验token有效性
curl \
-X POST \
-H "Content-Type: application/json" \
-d '{"token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoicmVmcmVzaCIsImV4cCI6MTY1MjU5ODA3OCwiaWF0IjoxNjUwMDA2MDc4LCJqdGkiOiIwMjM3MjA5ZTBiY2U0ZThmYjI1MTI3ZTU3NDU3NDZjMSIsInVzZXJfaWQiOjI1fQ.iQZP1-lvtgV84KmwI-eq5WyhMI4Yj9jLiVO1QpyFXWc"}' \
http://archeryhost:9123/api/auth/token/verify/
Responses:
valid:
{}
invalid:
{
"detail": "Token is invalid or expired",
"code": "token_not_valid"
}
使用access token请求业务接口
curl \
-X GET \
-H "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0b2tlbl90eXBlIjoiYWNjZXNzIiwiZXhwIjoxNjUyNTk4MDc4LCJpYXQiOjE2NTAwMDYwNzgsImp0aSI6IjYwMTBjYzNlMmI4NjQxNjA4MWFmMzEyNzdhYjQ0M2RmIiwidXNlcl9pZCI6MjV9.el6V4MbJmJZF_rclDwrOEbi1rpMcCVAmRAPfmPeflwU" \
http://archeryhost:9123/api/v1/instance/
Responses:
{
"count": 12,
"next": "http://archeryhost:9123/api/v1/instance/?page=2",
"previous": null,
"results": [
{
"id": 1,
"instance_name": "192.168.233.111 - 测试",
"type": "master",
"db_type": "mysql",
"mode": "",
"host": "192.168.233.111",
"port": 3306,
"user": "archery",
"db_name": "db_test",
"charset": "utf8mb4",
"service_name": null,
"sid": null,
"create_time": "2022-03-28T10:50:26.161812",
"update_time": "2022-04-12T15:28:26.287502",
"tunnel": null,
"resource_group": [
1
],
"instance_tag": [
1,
2
]
},
...
]
}