朱振超 / forum

Blame view

middlewares/session_middleware.py 3.13 KB
edit raw normal view history
c323519dd   zhenchaozhu   m 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
 
  # coding: utf-8
  
  import requests
  from django.conf import settings
  from django.core.cache import caches
  from django.contrib.auth import get_user_model
  from django.contrib.auth.models import AnonymousUser
  
  
  class SessionWithoutLocalUserMiddleware(object):
      """
      统一权限(认证)中间件,Django系统本地不保存用户的情况使用
      """
  
      def __init__(self):
          self.cache_alias = settings.CACHE_MIDDLEWARE_ALIAS
          self.cache = caches[self.cache_alias]
          self.UserModel = get_user_model()
  
      def process_request(self, request):
          if hasattr(request, "user") and getattr(request.user, "is_superuser", False):
              # 对于Django系统的admin用户,这里不做任何处理
              pass
          else:
              pt = request.COOKIES.get('pt')
              pu = request.COOKIES.get('pu')
              username = request.COOKIES.get('username')
              if pt and pu:
                  # 查询session状态成功的情况,构造QCCRUser
                  user = XYTUser(username, pu, pt)
                  request.user = user
              else:
                  # 拿不到统一认证的session,将当前用户设为匿名用户
                  request.user = AnonymousUser()
  
  
  class Manager(object):
  
      def __init__(self):
          self.auth_domain = 'https://api.xiuyetang.com/sys/user/login'
  
  
  class XYTUser(object):
      id = None
      pk = None
      username = ''
      sessionId = ''
      accountNo = ''
      employeeName = ''
      employeeId = 0
      employeeNo = ''
      employeeTel = ''
      deptIds = ''
      email = ''
      entryTime = ''
      uid = ''
      is_staff = False
      is_active = False
      is_superuser = False
      _groups = ''
      _user_permissions = ''
  
      def __init__(self, username, pu, pt):
          self.username = username
          self.id = pu
          self.pk = pu
          self.sessionId = pt
  
      def __str__(self):
          return self.username
  
      def __eq__(self, other):
          return self.username == other.username
  
      def __ne__(self, other):
          return not self.__eq__(other)
  
      def __hash__(self):
          return hash(self.username)
  
      def save(self):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
  
      def delete(self):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
  
      def set_password(self, raw_password):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
  
      def check_password(self, raw_password):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
  
      def _get_groups(self):
          return self._groups
  
      groups = property(_get_groups)
  
      def _get_user_permissions(self):
          return self._user_permissions
  
      user_permissions = property(_get_user_permissions)
  
      def get_group_permissions(self, obj=None):
          return set()
  
      @property
      def is_anonymous(self):
          return lambda: False
  
      @property
      def is_authenticated(self):
          return lambda: True
  
      def get_username(self):
          return self.username