second commit

6 months ago · d4c78b8d5d
parent a9820ca7f3
commit d4c78b8d5d
34 changed files with 62 additions and 0 deletions
--- a/pycache/init.cpython-312.pyc
+++ b/pycache/init.cpython-312.pyc
--- a/pycache/init.cpython-38.pyc
+++ b/pycache/init.cpython-38.pyc
--- a/pycache/admin.cpython-312.pyc
+++ b/pycache/admin.cpython-312.pyc
--- a/pycache/admin.cpython-38.pyc
+++ b/pycache/admin.cpython-38.pyc
--- a/pycache/apps.cpython-312.pyc
+++ b/pycache/apps.cpython-312.pyc
--- a/pycache/apps.cpython-38.pyc
+++ b/pycache/apps.cpython-38.pyc
--- a/pycache/handler.cpython-312.pyc
+++ b/pycache/handler.cpython-312.pyc
--- a/pycache/handler.cpython-38.pyc
+++ b/pycache/handler.cpython-38.pyc
--- a/pycache/models.cpython-312.pyc
+++ b/pycache/models.cpython-312.pyc
--- a/pycache/models.cpython-38.pyc
+++ b/pycache/models.cpython-38.pyc
--- a/pycache/serializers.cpython-312.pyc
+++ b/pycache/serializers.cpython-312.pyc
--- a/pycache/serializers.cpython-38.pyc
+++ b/pycache/serializers.cpython-38.pyc
--- a/pycache/urls.cpython-312.pyc
+++ b/pycache/urls.cpython-312.pyc
--- a/pycache/urls.cpython-38.pyc
+++ b/pycache/urls.cpython-38.pyc
--- a/pycache/utils.cpython-312.pyc
+++ b/pycache/utils.cpython-312.pyc
--- a/pycache/utils.cpython-38.pyc
+++ b/pycache/utils.cpython-38.pyc
--- a/auth/.DS_Store
+++ b/auth/.DS_Store
--- a/auth/MyRateThrottle.py
+++ b/auth/MyRateThrottle.py
@ -0,0 +1,5 @@
+from rest_framework.throttling import AnonRateThrottle
+
+
+class MyRateThrottle(AnonRateThrottle):
+    THROTTLE_RATES = {"anon": "5/min"}
--- a/auth/init.py
+++ b/auth/init.py
--- a/auth/pycache/MyRateThrottle.cpython-312.pyc
+++ b/auth/pycache/MyRateThrottle.cpython-312.pyc
--- a/auth/pycache/MyRateThrottle.cpython-38.pyc
+++ b/auth/pycache/MyRateThrottle.cpython-38.pyc
--- a/auth/pycache/init.cpython-312.pyc
+++ b/auth/pycache/init.cpython-312.pyc
--- a/auth/pycache/init.cpython-38.pyc
+++ b/auth/pycache/init.cpython-38.pyc
--- a/auth/pycache/authentication.cpython-312.pyc
+++ b/auth/pycache/authentication.cpython-312.pyc
--- a/auth/pycache/authentication.cpython-38.pyc
+++ b/auth/pycache/authentication.cpython-38.pyc
--- a/auth/authentication.py
+++ b/auth/authentication.py
@ -0,0 +1,45 @@
+from rest_framework import exceptions
+from rest_framework.authentication import BaseAuthentication
+
+from myapp.models import User
+
+
+# 后台接口认证
+class AdminTokenAuthtication(BaseAuthentication):
+    def authenticate(self, request):
+        adminToken = request.META.get("HTTP_ADMINTOKEN")
+        print("检查adminToken==>" + adminToken)
+        users = User.objects.filter(admin_token=adminToken)
+        """
+        判定条件：
+            1. 传了adminToken 
+            2. 查到了该帐号 
+            3. 该帐号是管理员或演示帐号
+        """
+        if not adminToken or len(users) == 0 or users[0].role == '2':
+            raise exceptions.AuthenticationFailed("AUTH_FAIL_END")
+        else:
+            print('adminToken验证通过')
+
+
+# 前台接口认证
+class TokenAuthtication(BaseAuthentication):
+    def authenticate(self, request):
+        token = request.META.get("HTTP_TOKEN", "")
+        if token is not None:
+            print("检查token==>" + token)
+            users = User.objects.filter(token=token)
+            # print(users)
+            """
+            判定条件：
+                1. 传了token 
+                2. 查到了该帐号 
+                3. 该帐号是普通用户
+            """
+            if not token or len(users) == 0 or (users[0].role in ['1', '3']):
+                raise exceptions.AuthenticationFailed("AUTH_FAIL_FRONT")
+            else:
+                print('token验证通过')
+        else:
+            print("检查token==>token 为空")
+            raise exceptions.AuthenticationFailed("AUTH_FAIL_FRONT")
--- a/0
+++ b/0
--- a/permission/.DS_Store
+++ b/permission/.DS_Store
--- a/permission/init.py
+++ b/permission/init.py
--- a/permission/pycache/init.cpython-312.pyc
+++ b/permission/pycache/init.cpython-312.pyc
--- a/permission/pycache/init.cpython-38.pyc
+++ b/permission/pycache/init.cpython-38.pyc
--- a/permission/pycache/permission.cpython-312.pyc
+++ b/permission/pycache/permission.cpython-312.pyc
--- a/permission/pycache/permission.cpython-38.pyc
+++ b/permission/pycache/permission.cpython-38.pyc
--- a/permission/permission.py
+++ b/permission/permission.py
@ -0,0 +1,12 @@
+from myapp.models import User
+
+
+def isDemoAdminUser(request):
+    adminToken = request.META.get("HTTP_ADMINTOKEN")
+    users = User.objects.filter(admin_token=adminToken)
+    if len(users) > 0:
+        user = users[0]
+        if user.role == '3':  # （角色3）表示演示帐号
+            print('演示帐号===>')
+            return True
+    return False