Blame view

middlewares/session_middleware.py 3.13 KB
e11f60ade   zhenchaozhu   m
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
  # coding: utf-8
  
  import requests
  from django.conf import settings
  from django.core.cache import caches
  from django.contrib.auth import get_user_model
  from django.contrib.auth.models import AnonymousUser
  
  class SessionWithoutLocalUserMiddleware(object):
      """
      统一权限(认证)中间件,Django系统本地不保存用户的情况使用
      """
  
      def __init__(self):
          self.cache_alias = settings.CACHE_MIDDLEWARE_ALIAS
          self.cache = caches[self.cache_alias]
          self.UserModel = get_user_model()
  
      def process_request(self, request):
          if hasattr(request, "user") and getattr(request.user, "is_superuser", False):
              # 对于Django系统的admin用户,这里不做任何处理
              pass
          else:
              pt = request.COOKIES.get('pt')
              pu = request.COOKIES.get('pu')
1a597f51f   zhuzhenchao   add login token
26
              username = request.COOKIES.get('username')
e11f60ade   zhenchaozhu   m
27
              if pt and pu:
1a597f51f   zhuzhenchao   add login token
28
29
                  # 查询session状态成功的情况,构造QCCRUser
                  user = XYTUser(username, pu, pt)
e11f60ade   zhenchaozhu   m
30
31
32
33
34
35
36
37
38
39
                  request.user = user
              else:
                  # 拿不到统一认证的session,将当前用户设为匿名用户
                  request.user = AnonymousUser()
  
  
  class Manager(object):
  
      def __init__(self):
          self.auth_domain = 'https://api.xiuyetang.com/sys/user/login'
1a597f51f   zhuzhenchao   add login token
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
  
  class XYTUser(object):
      id = None
      pk = None
      username = ''
      sessionId = ''
      accountNo = ''
      employeeName = ''
      employeeId = 0
      employeeNo = ''
      employeeTel = ''
      deptIds = ''
      email = ''
      entryTime = ''
      uid = ''
      is_staff = False
      is_active = False
      is_superuser = False
      _groups = ''
      _user_permissions = ''
  
      def __init__(self, username, pu, pt):
          self.username = username
          self.id = pu
          self.pk = pu
          self.sessionId = pt
  
      def __str__(self):
          return self.username
  
      def __eq__(self, other):
          return self.username == other.username
  
      def __ne__(self, other):
          return not self.__eq__(other)
  
      def __hash__(self):
          return hash(self.username)
  
      def save(self):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
  
      def delete(self):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.")
  
      def set_password(self, raw_password):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
  
      def check_password(self, raw_password):
          raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.")
  
      def _get_groups(self):
          return self._groups
  
      groups = property(_get_groups)
  
      def _get_user_permissions(self):
          return self._user_permissions
  
      user_permissions = property(_get_user_permissions)
  
      def get_group_permissions(self, obj=None):
          return set()
  
      @property
      def is_anonymous(self):
          return lambda: False
  
      @property
      def is_authenticated(self):
          return lambda: True
  
      def get_username(self):
          return self.username