spug/spug_api/libs/middleware.py

44 lines
1.5 KiB
Python
Raw Normal View History

2020-01-15 12:48:22 +00:00
# Copyright: (c) OpenSpug Organization. https://github.com/openspug/spug
# Copyright: (c) <spug.dev@gmail.com>
# Released under the MIT License.
2019-11-08 08:53:16 +00:00
from django.utils.deprecation import MiddlewareMixin
from django.conf import settings
from .utils import json_response
from apps.account.models import User
import traceback
import time
class HandleExceptionMiddleware(MiddlewareMixin):
"""
处理试图函数异常
"""
def process_exception(self, request, exception):
traceback.print_exc()
return json_response(error='Exception: %s' % exception)
class AuthenticationMiddleware(MiddlewareMixin):
"""
登录验证
"""
def process_request(self, request):
if request.path in settings.AUTHENTICATION_EXCLUDES:
return None
if any(x.match(request.path) for x in settings.AUTHENTICATION_EXCLUDES if hasattr(x, 'match')):
return None
2020-01-10 04:32:41 +00:00
access_token = request.headers.get('x-token') or request.GET.get('x-token')
2019-11-08 08:53:16 +00:00
if access_token and len(access_token) == 32:
2020-01-10 04:32:41 +00:00
x_real_ip = request.headers.get('x-real-ip', '')
2019-11-08 08:53:16 +00:00
user = User.objects.filter(access_token=access_token).first()
2020-01-10 04:32:41 +00:00
if user and x_real_ip == user.last_ip and user.token_expired >= time.time() and user.is_active:
2019-11-08 08:53:16 +00:00
request.user = user
user.token_expired = time.time() + 8 * 60 * 60
user.save()
return None
response = json_response(error="验证失败,请重新登录")
response.status_code = 401
return response