From bad9eb7eb0858476106355cdc990e608ef545e23 Mon Sep 17 00:00:00 2001
From: Wardenjohn
Date: Thu, 11 Apr 2024 15:40:29 +0800
Subject: [PATCH] (feat) sysom_hotfix introduce TokenAuthentication
---
 .../sysom_hotfix/apps/hotfix/views.py | 4 ++-
 .../sysom_hotfix/lib/authentications.py | 26 +++++++++++++++----
 2 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/sysom_server/sysom_hotfix/apps/hotfix/views.py b/sysom_server/sysom_hotfix/apps/hotfix/views.py
index 268d81ce..79437573 100644
--- a/sysom_server/sysom_hotfix/apps/hotfix/views.py
+++ b/sysom_server/sysom_hotfix/apps/hotfix/views.py
@@ -40,7 +40,7 @@ from lib.function import FunctionClass
 from sysom_utils import SysomFramework
 class SaveUploadFile(APIView):
- authentication_classes = []
+ authentication_classes = [TokenAuthentication]
 @swagger_auto_schema(operation_description="上传文件",
 request_body=openapi.Schema(
@@ -103,6 +103,7 @@ class HotfixAPIView(GenericViewSet,
 ):
 queryset = HotfixModel.objects.filter(deleted_at=None)
 serializer_class = serializer.HotfixSerializer
+ authentication_classes = [TokenAuthentication]
 filter_backends = [DjangoFilterBackend]
 filterset_fields = ['created_at', 'creator', 'building_status', 'arch']
 http_method_names = ['get', 'post', 'patch', 'delete']
@@ -614,6 +615,7 @@ class ReleaseHotfixListAPIView(GenericViewSet,
 queryset = ReleasedHotfixListModule.objects.all()
 pagination_class = Pagination
 serializer_class = serializer.ReleasedHotfixSerializer
+ authentication_classes = [TokenAuthentication]
 filter_class = HotfixReleasedFilter
 filter_backends = [DjangoFilterBackend]
 http_method_names = ['get', 'post', 'patch', 'put', 'delete']
diff --git a/sysom_server/sysom_hotfix/lib/authentications.py b/sysom_server/sysom_hotfix/lib/authentications.py
index e93a4e7b..05ad19e2 100644
--- a/sysom_server/sysom_hotfix/lib/authentications.py
+++ b/sysom_server/sysom_hotfix/lib/authentications.py
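Review bot: None of the three hunks in views.py adds an import for `TokenAuthentication` (the diffstat's 3 insertions and 1 deletion are exactly the `authentication_classes` lines), so the name used on `SaveUploadFile`, `HotfixAPIView` and `ReleaseHotfixListAPIView` must already resolve from an import outside the hunks. If that import is missing the module fails at load, and if it happens to be DRF's own `rest_framework.authentication.TokenAuthentication` these views would authenticate with a different scheme than the class this commit renames in lib/authentications.py. I would make the binding explicit next to the existing `from lib.function import FunctionClass`, e.g. `from lib.authentications import TokenAuthentication`, and update any remaining reference to the old name `TaskAuthentication`. Whether `permission_classes` also needs to be set on these views cannot be told from the hunks.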
@@ -6,6 +6,7 @@ from django.conf import settings
 from rest_framework.exceptions import AuthenticationFailed
 from rest_framework.request import Request
 from rest_framework.authentication import BaseAuthentication
+from sysom_utils import SysomFramework
 from .utils import import_module
@@ -20,7 +21,7 @@ def get_jwt_decode_classes() -> List[BaseAuthentication]:
 m = getattr(module, 'JWTTokenDecode')
 jwt_decode_classes.append(m)
 except Exception as exc:
- logger.warn(exc)
+ logger.warning(exc)
 return jwt_decode_classes
@@ -37,11 +38,26 @@ def decode_token(token: str) -> dict:
 return result
-class TaskAuthentication(BaseAuthentication):
+class TokenAuthentication(BaseAuthentication):
 def authenticate(self, request: Request):
 token = request.META.get('HTTP_AUTHORIZATION')
- payload = decode_token(token)
+ is_local = request.META.get("REMOTE_HOST", "") in ["localhost", "127.0.0.1"]
+ try:
+ payload = decode_token(token)
+ except Exception as exc:
+ if is_local:
+ return {"id": 1, "token": "local"}, None
+ else:
+ raise exc
+ # 判断用户是否已经手动注销登录
+ if SysomFramework.gcache("JWT_TOKEN").load(token) is None:
+ if not is_local:
+ raise AuthenticationFailed('用户已退出登录!')
+
 payload['token'] = token
- if 'sub' in payload:
+ if "user_id" in payload:
+ payload['id'] = payload['user_id']
+ elif 'sub' in payload:
 payload['id'] = int(payload['sub'])
- return payload, _
+ return payload, None
+
-- 
Gitee
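Review bot: The `is_local` branch in `TokenAuthentication.authenticate` accepts any request whose `REMOTE_HOST` is `localhost` or `127.0.0.1` as `{"id": 1, "token": "local"}` when the token is missing, malformed or expired, and it also skips the logged-out check for such requests. `REMOTE_HOST` is the client host name rather than the peer address (`REMOTE_ADDR`), and if the service sits behind a reverse proxy on the same host every proxied request may look local, so it should not be a trust signal; `except Exception` additionally turns unrelated decode errors into a successful login. I would drop the bypass: call `payload = decode_token(token)` without the `try`, and make the cache check unconditional, `if SysomFramework.gcache("JWT_TOKEN").load(token) is None: raise AuthenticationFailed('用户已退出登录!')`. If internal callers need access without a user session, give them their own credential behind an explicit setting rather than an address check. Separately, `int(payload['sub'])` raises `ValueError` on a non-numeric subject, which surfaces as a 500 instead of `AuthenticationFailed`; `decode_token`'s body is outside the hunk, so its behaviour for a `None` token should be confirmed.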