second commit

6 months ago · 4b472747b9
parent 6f6a5e2ca1
commit 4b472747b9
18 changed files with 62 additions and 1 deletions
--- a/auth/.DS_Store
+++ b/auth/.DS_Store
--- a/auth/MyRateThrottle.py
+++ b/auth/MyRateThrottle.py
@ -0,0 +1,5 @@
+from rest_framework.throttling import AnonRateThrottle
+
+
+class MyRateThrottle(AnonRateThrottle):
+    THROTTLE_RATES = {"anon": "5/min"}
--- a/auth/init.py
+++ b/auth/init.py
--- a/auth/pycache/MyRateThrottle.cpython-312.pyc
+++ b/auth/pycache/MyRateThrottle.cpython-312.pyc
--- a/auth/pycache/MyRateThrottle.cpython-38.pyc
+++ b/auth/pycache/MyRateThrottle.cpython-38.pyc
--- a/auth/pycache/init.cpython-312.pyc
+++ b/auth/pycache/init.cpython-312.pyc
--- a/auth/pycache/init.cpython-38.pyc
+++ b/auth/pycache/init.cpython-38.pyc
--- a/auth/pycache/authentication.cpython-312.pyc
+++ b/auth/pycache/authentication.cpython-312.pyc
--- a/auth/pycache/authentication.cpython-38.pyc
+++ b/auth/pycache/authentication.cpython-38.pyc
--- a/auth/authentication.py
+++ b/auth/authentication.py
@ -0,0 +1,45 @@
+from rest_framework import exceptions
+from rest_framework.authentication import BaseAuthentication
+
+from myapp.models import User
+
+
+# 后台接口认证
+class AdminTokenAuthtication(BaseAuthentication):
+    def authenticate(self, request):
+        adminToken = request.META.get("HTTP_ADMINTOKEN")
+        print("检查adminToken==>" + adminToken)
+        users = User.objects.filter(admin_token=adminToken)
+        """
+        判定条件：
+            1. 传了adminToken 
+            2. 查到了该帐号 
+            3. 该帐号是管理员或演示帐号
+        """
+        if not adminToken or len(users) == 0 or users[0].role == '2':
+            raise exceptions.AuthenticationFailed("AUTH_FAIL_END")
+        else:
+            print('adminToken验证通过')
+
+
+# 前台接口认证
+class TokenAuthtication(BaseAuthentication):
+    def authenticate(self, request):
+        token = request.META.get("HTTP_TOKEN", "")
+        if token is not None:
+            print("检查token==>" + token)
+            users = User.objects.filter(token=token)
+            # print(users)
+            """
+            判定条件：
+                1. 传了token 
+                2. 查到了该帐号 
+                3. 该帐号是普通用户
+            """
+            if not token or len(users) == 0 or (users[0].role in ['1', '3']):
+                raise exceptions.AuthenticationFailed("AUTH_FAIL_FRONT")
+            else:
+                print('token验证通过')
+        else:
+            print("检查token==>token 为空")
+            raise exceptions.AuthenticationFailed("AUTH_FAIL_FRONT")
--- a/1
+++ b/1
@ -1 +0,0 @@
-Subproject commit 7d3f991a052db79492ad91f51cb582665e2e42d2
--- a/permission/.DS_Store
+++ b/permission/.DS_Store
--- a/permission/init.py
+++ b/permission/init.py
--- a/permission/pycache/init.cpython-312.pyc
+++ b/permission/pycache/init.cpython-312.pyc
--- a/permission/pycache/init.cpython-38.pyc
+++ b/permission/pycache/init.cpython-38.pyc
--- a/permission/pycache/permission.cpython-312.pyc
+++ b/permission/pycache/permission.cpython-312.pyc
--- a/permission/pycache/permission.cpython-38.pyc
+++ b/permission/pycache/permission.cpython-38.pyc
--- a/permission/permission.py
+++ b/permission/permission.py
@ -0,0 +1,12 @@
+from myapp.models import User
+
+
+def isDemoAdminUser(request):
+    adminToken = request.META.get("HTTP_ADMINTOKEN")
+    users = User.objects.filter(admin_token=adminToken)
+    if len(users) > 0:
+        user = users[0]
+        if user.role == '3':  # （角色3）表示演示帐号
+            print('演示帐号===>')
+            return True
+    return False
				`@ -1 +0,0 @@`
				`Subproject commit 7d3f991a052db79492ad91f51cb582665e2e42d2`