Commit e11f60ade21caf94a7350969c66725450079e5e4
1 parent
c51fd49afc
Exists in
master
m
Showing
4 changed files
with
76 additions
and
2 deletions
decrators.py
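--- a/homepage/views.py
+++ b/homepage/views.py
@@ -10,6 +10,7 @@ from django.contrib.auth import get_user_model
 from django.shortcuts import render_to_response
 from django.template import RequestContext
 from django.template.context_processors import csrf
+from django.conf import settings
 
 @login_required
 def homepage(request):
@@ -31,7 +32,24 @@ def mylogin(request):
 postdata = request.POST
 username = postdata.get('username','')
 password = postdata.get('password','')
- user = auth.authenticate(username=username, password=password)
+ post_params = {
+ 'comefrom': 2,
+ 'user_name': username,
+ 'password': password,
+ }
+ resp = request.post(settings.AUTH_DOMAIN, data=post_params, verify=False)
+ if resp.status_code == 200:
+ rst = resp.json()
+ if rst.get('status') == 1:
+ data = rst.get('data')
+ token = data.get('token')
+ suid = data.get('1000')
+ t = HttpResponseRedirect('/admin/')
+ t.set_cookie('pu', username, 864000)
+ t.set_cookie(('pt'), )
+
+ else:
+ pass
 if user:
 auth.login(request, user)
 t = HttpResponseRedirect('/admin/')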
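Review bot: The new call in mylogin sends the user's password to `settings.AUTH_DOMAIN` with `verify=False`, so the auth service's TLS certificate is never checked and the credentials are exposed to anyone on the network path; drop `verify=False` and add a timeout. The call is also written `request.post(...)`, which is the Django request object rather than the `requests` library (no `requests` import is visible in these hunks), and with the `auth.authenticate` line removed the surviving `if user:` reads a name that is no longer assigned. The `pt` cookie is set without a value, `token` is never used and the redirect is never returned; the cookies should carry the token and be marked `secure=True, httponly=True`. mylogin's body starts and continues outside the hunk, so the sketch below covers only the added lines.

```python
# … unchanged: postdata / username / password / post_params …
resp = requests.post(settings.AUTH_DOMAIN, data=post_params, timeout=10)
if resp.status_code == 200:
    rst = resp.json()
    if rst.get('status') == 1:
        token = (rst.get('data') or {}).get('token')
        if token:
            t = HttpResponseRedirect('/admin/')
            t.set_cookie('pu', username, max_age=864000, secure=True, httponly=True)
            t.set_cookie('pt', token, max_age=864000, secure=True, httponly=True)
            return t
# … unchanged: the existing `if user:` branch, which still needs `user` to be defined …
```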
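--- a/middlewares/session_middleware.py
+++ b/middlewares/session_middleware.py
@@ -0,0 +1,54 @@
+# coding: utf-8
+
+import requests
+from django.conf import settings
+from django.core.cache import caches
+from django.contrib.auth import get_user_model
+from django.contrib.auth.models import AnonymousUser
+
+class SessionWithoutLocalUserMiddleware(object):
+ """
+ 统一权限(认证)中间件,Django系统本地不保存用户的情况使用
+ """
+
+ def __init__(self):
+ self.cache_alias = settings.CACHE_MIDDLEWARE_ALIAS
+ self.cache = caches[self.cache_alias]
+ self.UserModel = get_user_model()
+
+ def process_request(self, request):
+ if hasattr(request, "user") and getattr(request.user, "is_superuser", False):
+ # 对于Django系统的admin用户,这里不做任何处理
+ pass
+ else:
+ pt = request.COOKIES.get('pt')
+ pu = request.COOKIES.get('pu')
+ if pt and pu:
+ # 能拿到统一认证session的情况,优先从缓存中拿用户
+ user = self.cache.get(pu)
+ if not user:
+ # 如果缓存未命中,则直接调用统一权限,查询当前session的状态,构造用户,并存入缓存
+ user_info = ''
+
+ manager = Manager()
+ user_info = manager.get_user_info(request)
+ if user_info is None:
+ # 查询session状态失败的情况,构造匿名用户
+ user = AnonymousUser()
+ else:
+ # 查询session状态成功的情况,构造QCCRUser
+ user = user_info
+ self.cache.set(pt, user, 60)
+ request.user = user
+ else:
+ # 拿不到统一认证的session,将当前用户设为匿名用户
+ request.user = AnonymousUser()
+
+
+class Manager(object):
+
+ def __init__(self):
+ self.auth_domain = 'https://api.xiuyetang.com/sys/user/login'
+
+ def get_user_info(self, request):
+ pass
\ No newline at end of file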
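Review bot: In process_request the cache is read with `self.cache.get(pu)` but written with `self.cache.set(pt, user, 60)`, so a lookup will not normally find what was stored, and keying on `pu` would be unsafe in any case because that cookie is a client-supplied username that has not been checked against the token. Both sides should key on the session token, for example `user = self.cache.get(pt)`, preferably under a prefix so it cannot collide with other cache entries. The first branch skips all checks whenever `request.user.is_superuser` is already true, which is only sound if this middleware runs after Django's own authentication middleware; a comment stating that ordering requirement would help. `Manager.get_user_info` is a stub that returns None, so every cache miss currently ends in AnonymousUser, and `Manager.auth_domain` duplicates `settings.AUTH_DOMAIN` instead of reading it.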
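--- a/weapp_sys/settings.py
+++ b/weapp_sys/settings.py
@@ -135,4 +135,6 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
 MEDIA_URL = '/media/'
 
-LOGIN_URL = '/login/'
\ No newline at end of file
+LOGIN_URL = '/login/'
+
+AUTH_DOMAIN = 'https://api.xiuyetang.com/sys/user/login'
\ No newline at end of file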