swagger支持authentication

 import decimal
+from re import template
 
 from flask import Flask as _Flask
 from flask.json import JSONEncoder as _JSONEncoder
@@ -58,18 +59,51 @@ def create_app():
     app.config['OAUTH2_JWT_KEY'] = 'secret-key'
     app.config['OAUTH2_JWT_ALG'] = 'HS256'
     # app.config['SQLALCHEMY_ECHO'] = True
-    
+
     # allows cookies and credentials to be submitted across domains
     app.config['CORS_SUPPORTS_CREDENTIALS'] = true
-    app.config['CORS_ORIGINS ']="*"
+    app.config['CORS_ORIGINS '] = "*"
 
     # 跨域设置
     CORS(app)
 
     # swagger设置
     swagger_config = Swagger.DEFAULT_CONFIG
+    SWAGGER_TEMPLATE = {
+        # "openapi": "3.0.0",
+        # "components": {
+        #     "securitySchemes": {
+        #         "bearerAuth": {
+        #             "type": "http",
+        #             "scheme": "bearer",
+        #             "bearerFormat": "JWT"
+        #         },
+        #     }
+        # },
+        "securityDefinitions": {
+            "APIKeyHeader": {
+                "type": "apiKey",
+                "in": "header",
+                "name": "Authorization"
+            }
+        },
+
+        "security": [{
+            "APIKeyHeader": []
+        }
+        ]
+    }
+
+    swagger_config = Swagger.DEFAULT_CONFIG
     swagger_config.update(configure.swagger_configure)
-    Swagger(app, config=swagger_config)
+    # swagger_config['openapi'] = "3.0.0"
+    # swagger_config['swagger_ui_bundle_js'] = '//unpkg.com/swagger-ui-dist@3/swagger-ui-bundle.js'
+    # swagger_config['swagger_ui_standalone_preset_js'] = '//unpkg.com/swagger-ui-dist@3/swagger-ui-standalone-preset.js'
+    # swagger_config['jquery_js'] = '//unpkg.com/jquery@2.2.4/dist/jquery.min.js'
+    # swagger_config['swagger_ui_css'] = '//unpkg.com/swagger-ui-dist@3/swagger-ui.css'
+
+    Swagger(app, config=swagger_config,
+            template=SWAGGER_TEMPLATE)
 
     # 创建数据库
     db.init_app(app)
@@ -77,9 +111,12 @@ def create_app():
 
     # 日志
     logging.basicConfig(level=configure.log_level)
-    log_file = os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))), "logs", "log.txt")
-    handler = logging.FileHandler(log_file, encoding='UTF-8')   # 设置日志字符集和存储路径名字
-    logging_format = logging.Formatter('[%(levelname)s] %(asctime)s %(message)s')
+    log_file = os.path.join(os.path.dirname(os.path.dirname(
+        os.path.realpath(__file__))), "logs", "log.txt")
+    handler = logging.FileHandler(
+        log_file, encoding='UTF-8')   # 设置日志字符集和存储路径名字
+    logging_format = logging.Formatter(
+        '[%(levelname)s] %(asctime)s %(message)s')
     handler.setFormatter(logging_format)
     app.logger.addHandler(handler)
 
@@ -94,14 +131,13 @@ def create_app():
     # 不检测https
     os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
 
-
     @app.before_first_request
     def init_data():
         pass
-
     # start_schedule()
     return app
 
+
 def create_schedule():
     monitor = Flask(__name__)
     monitor.config['SQLALCHEMY_DATABASE_URI'] = configure.SQLALCHEMY_DATABASE_URI
@@ -112,13 +148,13 @@ def create_schedule():
 
     # allows cookies and credentials to be submitted across domains
     monitor.config['CORS_SUPPORTS_CREDENTIALS'] = true
-    monitor.config['CORS_ORIGINS ']="*"
-    
+    monitor.config['CORS_ORIGINS '] = "*"
+
     # swagger设置
     swagger_config = Swagger.DEFAULT_CONFIG
     swagger_config.update(configure.swagger_configure)
     Swagger(monitor, config=swagger_config)
-    
+
     # 创建数据库
     db.init_app(monitor)
     db.create_all(app=monitor)
@@ -128,9 +164,12 @@ def create_schedule():
 
     # 日志
     logging.basicConfig(level=configure.log_level)
-    log_file = os.path.join(os.path.dirname(os.path.dirname(os.path.realpath(__file__))), "logs", "monitor_log.txt")
-    handler = logging.FileHandler(log_file, encoding='UTF-8')   # 设置日志字符集和存储路径名字
-    logging_format = logging.Formatter('[%(levelname)s] %(asctime)s %(message)s')
+    log_file = os.path.join(os.path.dirname(os.path.dirname(
+        os.path.realpath(__file__))), "logs", "monitor_log.txt")
+    handler = logging.FileHandler(
+        log_file, encoding='UTF-8')   # 设置日志字符集和存储路径名字
+    logging_format = logging.Formatter(
+        '[%(levelname)s] %(asctime)s %(message)s')
     handler.setFormatter(logging_format)
     monitor.logger.addHandler(handler)
 

@@ -12,7 +12,7 @@ from authlib.integrations.flask_oauth2 import current_token
 from . import user_create, client_create, client_query, user_query, user_update, user_delete
 import configure
 from app.decorators.auth_decorator import auth_decorator
-
+import time
 
 def current_user():
     if "id" in session:
@@ -46,7 +46,6 @@ class DataManager(BlueprintApi):
                 return jsonify(dict(error.get_body()))
             if not user:
                 return render_template("auth/authorize.html", user=user, grant=grant)
-            # return render_template("auth/login1.html", user=user, grant=grant)
         error = ""
         if not user:
             if not "username" in request.form or not request.form.get("username"):
@@ -166,3 +165,21 @@ class DataManager(BlueprintApi):
         获取client列表
         """
         return client_query.Api().result
+    
+    @staticmethod
+    @bp.route("/init", methods=["GET"])
+    def init():
+        username = 'admin'
+        password = 'admin'
+        if not User.query.filter_by(username=username).one_or_none():
+            user = User(username=username, password=password, role='admin',
+                        phone='', company='', position='', email='',
+                        create_time=time.strftime(
+                            "%Y-%m-%d %H:%M:%S", time.localtime()),
+                        update_time=time.strftime("%Y-%m-%d %H:%M:%S", time.localtime()))
+            db.sesion.add(user)
+            db.session.commit()
+            return "创建默认用户成功"
+        else:
+            return "默认用户已存在"
+

@@ -120,6 +120,18 @@ class HybridGrant(_OpenIDHybridGrant):
 
     def generate_user_info(self, user, scope):
         return generate_user_info(user, scope)
+    
+from authlib.oauth2.rfc6749 import grants
+
+class PasswordGrant(grants.ResourceOwnerPasswordCredentialsGrant):
+    def authenticate_user(self, username, password):
+        user = User.query.filter_by(username=username).first()
+        if user.check_password(password):
+            return user
+        
+    TOKEN_ENDPOINT_AUTH_METHODS = [
+        'client_secret_basic', 'client_secret_post'
+    ]
 
 
 authorization = AuthorizationServer()
@@ -142,6 +154,7 @@ def config_oauth(app):
     ])
     authorization.register_grant(ImplicitGrant)
     authorization.register_grant(HybridGrant)
+    authorization.register_grant(PasswordGrant)
 
     # protect resource
     bearer_cls = create_bearer_token_validator(db.session, OAuth2Token)

@@ -5,7 +5,7 @@ deploy_ip_host = "172.26.40.105:8840"
 # 系统数据库
 
 SQLALCHEMY_DATABASE_URI = "postgresql://postgres:chinadci@172.26.60.100:5432/dmap_manager_test"
-# SQLALCHEMY_DATABASE_URI = "postgresql://postgres:postgres@localhost:5433/dmap_dms_test"
+# SQLALCHEMY_DATABASE_URI = "postgresql://postgres:postgres@localhost:5433/dmap_dms_test1"
 
 # 指定精华表所在位置(必须为空间库)，设置为None则存放在各自的实体库中
 #VACUATE_DB_URI = None
@@ -18,12 +18,13 @@ wmts_url = "http://172.26.99.160:6060"
 wms_url = ""
 
 # 固定配置不需要修改
+#  "openapi": "3.0.2"
 swagger_configure = {"title": "DMapManager"}
 entry_data_thread = 3
 scan_module = ["app.modules"]  # API所在的模块
 SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/'
 # 权限
-PermissionActive = False
+PermissionActive = True
 UserPermission = ['admin']
 MonitorPermission = ['admin']
 DataPermission = ['admin', 'dataman']

+## https://swagger.io/docs/specification/2-0/what-is-swagger/
+## 1 需求：api需要授权
+Swagger(app, config=swagger_config,template=SWAGGER_TEMPLATE)的template中 
+### 确定当前使用swagger的标准
+确定当前使用openapi2版本，需要查阅openapi2的文档
+### 了解简单YAML使用方式
+### 配置
\ No newline at end of file