add code comment

1 year ago · 4785eff591
parent 37d597cd2f
commit 4785eff591
5 changed files with 27 additions and 3 deletions
--- a/EduSystemServer/API/middle.py
+++ b/EduSystemServer/API/middle.py
@ -8,6 +8,9 @@ from teacher.models import Teacher


 class JWTMiddleware:
+    """
+    JWT中间件，验证用户是否登录
+    """
    def __init__(self, get_response):
        self.get_response = get_response

@ -28,13 +31,13 @@ class JWTMiddleware:
            # 将解码后的 Token 数据存储在 request 中，以便视图可以访问
            if payload.get("type") == "student":
                if not Student.objects.filter(username=payload.get("username")).exists():
-                    return JsonResponse(ResponseUtil.error("登录失效！"))
+                    return JsonResponse(ResponseUtil.error("错误信息！"), status=401)
            if payload.get("type") == "teacher":
                if not Teacher.objects.filter(username=payload.get("username")).exists():
-                    return JsonResponse(ResponseUtil.error("登录失效！"))
+                    return JsonResponse(ResponseUtil.error("错误信息！"), status=401)
            if payload.get("type") == "admin":
                if not Admin.objects.filter(username=payload.get("username")).exists():
-                    return JsonResponse(ResponseUtil.error("登录失效！"))
+                    return JsonResponse(ResponseUtil.error("错误信息！"), status=401)
            request.jwt_payload = payload
        except jwt.ExpiredSignatureError:
            return JsonResponse(ResponseUtil.error("登录失效！"), status=401)
--- a/EduSystemServer/API/views.py
+++ b/EduSystemServer/API/views.py
@ -26,6 +26,9 @@ def generate_jwt_token(user, _type):

@csrf_exempt
 def login(request):
+    """
+    登录
+    """
    username = request.POST.get("username")
    password = request.POST.get("password")
    _type = request.POST.get("type")
@ -54,6 +57,9 @@ def login(request):

@csrf_exempt
 def get_user_info(request):
+    """
+    返回用户信息
+    """
    _type = request.jwt_payload.get("type")
    username = request.jwt_payload.get("username")
    if _type == "student":
--- a/EduSystemServer/EduSystemServer/settings.py
+++ b/EduSystemServer/EduSystemServer/settings.py
@ -174,4 +174,5 @@ CORS_ALLOW_HEADERS = (
    'Cookie',  # 添加Cookie到允许的头部
 )

+# token密钥
 TOKEN_KEY = "eduSystem"
--- a/EduSystemServer/EduSystemServer/utils.py
+++ b/EduSystemServer/EduSystemServer/utils.py
@ -5,6 +5,7 @@ from django.http import HttpResponseForbidden, JsonResponse
 def permission(allowed_roles):
    """
    装饰器：权限控制
+    使用装饰器对路由视图进行权限控制
    """
    def decorator(view_func):
        @wraps(view_func)
@ -16,6 +17,7 @@ def permission(allowed_roles):
        return _wrapped_view
    return decorator

+
 class ResponseUtil:
    @staticmethod
    def ok(data, message="success!"):
--- a/EduSystemServer/Student/views.py
+++ b/EduSystemServer/Student/views.py
@ -16,6 +16,9 @@ from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
@csrf_exempt
@permission(allowed_roles=["admin", "teacher"])
 def add_student(request):
+    """
+    添加学生
+    """
    if not request.method == "POST":
        return JsonResponse(ResponseUtil.error("request method error!"))
    try:
@ -37,6 +40,9 @@ def add_student(request):
@csrf_exempt
@permission(allowed_roles=["admin", "teacher"])
 def search_student(request):
+    """
+    根据表单对学生进行模糊查询，以及将查询的数据进行分页
+    """
    currentPage = request.GET.get("currentPage")
    pageSize = request.GET.get("pageSize")
    request_data = request.POST
@ -67,6 +73,9 @@ def search_student(request):
@csrf_exempt
@permission(allowed_roles=["admin", "teacher"])
 def del_student(request):
+    """
+    根据学生ID删除学生
+    """
    if not request.method == "GET":
        return JsonResponse(ResponseUtil.error("request method error!"))
    try:
@ -82,6 +91,9 @@ def del_student(request):
@csrf_exempt
@permission(allowed_roles=["admin", "student", "teacher"])
 def select_course(request):
+    """
+    选课
+    """
    if not request.method == "POST":
        return JsonResponse(ResponseUtil.error("request method error!"))
    try: