Blame view
middlewares/session_middleware.py
3.13 KB
e11f60ade m |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 |
# coding: utf-8 import requests from django.conf import settings from django.core.cache import caches from django.contrib.auth import get_user_model from django.contrib.auth.models import AnonymousUser class SessionWithoutLocalUserMiddleware(object): """ 统一权限(认证)中间件,Django系统本地不保存用户的情况使用 """ def __init__(self): self.cache_alias = settings.CACHE_MIDDLEWARE_ALIAS self.cache = caches[self.cache_alias] self.UserModel = get_user_model() def process_request(self, request): if hasattr(request, "user") and getattr(request.user, "is_superuser", False): # 对于Django系统的admin用户,这里不做任何处理 pass else: pt = request.COOKIES.get('pt') pu = request.COOKIES.get('pu') |
1a597f51f add login token |
26 |
username = request.COOKIES.get('username') |
e11f60ade m |
27 |
if pt and pu: |
1a597f51f add login token |
28 29 |
# 查询session状态成功的情况,构造QCCRUser user = XYTUser(username, pu, pt) |
e11f60ade m |
30 31 32 33 34 35 36 37 38 39 |
request.user = user else: # 拿不到统一认证的session,将当前用户设为匿名用户 request.user = AnonymousUser() class Manager(object): def __init__(self): self.auth_domain = 'https://api.xiuyetang.com/sys/user/login' |
1a597f51f add login token |
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 |
class XYTUser(object): id = None pk = None username = '' sessionId = '' accountNo = '' employeeName = '' employeeId = 0 employeeNo = '' employeeTel = '' deptIds = '' email = '' entryTime = '' uid = '' is_staff = False is_active = False is_superuser = False _groups = '' _user_permissions = '' def __init__(self, username, pu, pt): self.username = username self.id = pu self.pk = pu self.sessionId = pt def __str__(self): return self.username def __eq__(self, other): return self.username == other.username def __ne__(self, other): return not self.__eq__(other) def __hash__(self): return hash(self.username) def save(self): raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.") def delete(self): raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. User info in LDAP.") def set_password(self, raw_password): raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.") def check_password(self, raw_password): raise NotImplementedError("Django doesn't provide a DB representation for QCCRUser. Password in LDAP.") def _get_groups(self): return self._groups groups = property(_get_groups) def _get_user_permissions(self): return self._user_permissions user_permissions = property(_get_user_permissions) def get_group_permissions(self, obj=None): return set() @property def is_anonymous(self): return lambda: False @property def is_authenticated(self): return lambda: True def get_username(self): return self.username |