add code comment

master
bettleChen 1 year ago
parent 37d597cd2f
commit 4785eff591

@ -8,6 +8,9 @@ from teacher.models import Teacher
class JWTMiddleware: class JWTMiddleware:
"""
JWT中间件验证用户是否登录
"""
def __init__(self, get_response): def __init__(self, get_response):
self.get_response = get_response self.get_response = get_response
@ -28,13 +31,13 @@ class JWTMiddleware:
# 将解码后的 Token 数据存储在 request 中,以便视图可以访问 # 将解码后的 Token 数据存储在 request 中,以便视图可以访问
if payload.get("type") == "student": if payload.get("type") == "student":
if not Student.objects.filter(username=payload.get("username")).exists(): if not Student.objects.filter(username=payload.get("username")).exists():
return JsonResponse(ResponseUtil.error("登录失效!")) return JsonResponse(ResponseUtil.error("错误信息!"), status=401)
if payload.get("type") == "teacher": if payload.get("type") == "teacher":
if not Teacher.objects.filter(username=payload.get("username")).exists(): if not Teacher.objects.filter(username=payload.get("username")).exists():
return JsonResponse(ResponseUtil.error("登录失效!")) return JsonResponse(ResponseUtil.error("错误信息!"), status=401)
if payload.get("type") == "admin": if payload.get("type") == "admin":
if not Admin.objects.filter(username=payload.get("username")).exists(): if not Admin.objects.filter(username=payload.get("username")).exists():
return JsonResponse(ResponseUtil.error("登录失效!")) return JsonResponse(ResponseUtil.error("错误信息!"), status=401)
request.jwt_payload = payload request.jwt_payload = payload
except jwt.ExpiredSignatureError: except jwt.ExpiredSignatureError:
return JsonResponse(ResponseUtil.error("登录失效!"), status=401) return JsonResponse(ResponseUtil.error("登录失效!"), status=401)

@ -26,6 +26,9 @@ def generate_jwt_token(user, _type):
@csrf_exempt @csrf_exempt
def login(request): def login(request):
"""
登录
"""
username = request.POST.get("username") username = request.POST.get("username")
password = request.POST.get("password") password = request.POST.get("password")
_type = request.POST.get("type") _type = request.POST.get("type")
@ -54,6 +57,9 @@ def login(request):
@csrf_exempt @csrf_exempt
def get_user_info(request): def get_user_info(request):
"""
返回用户信息
"""
_type = request.jwt_payload.get("type") _type = request.jwt_payload.get("type")
username = request.jwt_payload.get("username") username = request.jwt_payload.get("username")
if _type == "student": if _type == "student":

@ -174,4 +174,5 @@ CORS_ALLOW_HEADERS = (
'Cookie', # 添加Cookie到允许的头部 'Cookie', # 添加Cookie到允许的头部
) )
# token密钥
TOKEN_KEY = "eduSystem" TOKEN_KEY = "eduSystem"

@ -5,6 +5,7 @@ from django.http import HttpResponseForbidden, JsonResponse
def permission(allowed_roles): def permission(allowed_roles):
""" """
装饰器权限控制 装饰器权限控制
使用装饰器对路由视图进行权限控制
""" """
def decorator(view_func): def decorator(view_func):
@wraps(view_func) @wraps(view_func)
@ -16,6 +17,7 @@ def permission(allowed_roles):
return _wrapped_view return _wrapped_view
return decorator return decorator
class ResponseUtil: class ResponseUtil:
@staticmethod @staticmethod
def ok(data, message="success!"): def ok(data, message="success!"):

@ -16,6 +16,9 @@ from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
@csrf_exempt @csrf_exempt
@permission(allowed_roles=["admin", "teacher"]) @permission(allowed_roles=["admin", "teacher"])
def add_student(request): def add_student(request):
"""
添加学生
"""
if not request.method == "POST": if not request.method == "POST":
return JsonResponse(ResponseUtil.error("request method error!")) return JsonResponse(ResponseUtil.error("request method error!"))
try: try:
@ -37,6 +40,9 @@ def add_student(request):
@csrf_exempt @csrf_exempt
@permission(allowed_roles=["admin", "teacher"]) @permission(allowed_roles=["admin", "teacher"])
def search_student(request): def search_student(request):
"""
根据表单对学生进行模糊查询以及将查询的数据进行分页
"""
currentPage = request.GET.get("currentPage") currentPage = request.GET.get("currentPage")
pageSize = request.GET.get("pageSize") pageSize = request.GET.get("pageSize")
request_data = request.POST request_data = request.POST
@ -67,6 +73,9 @@ def search_student(request):
@csrf_exempt @csrf_exempt
@permission(allowed_roles=["admin", "teacher"]) @permission(allowed_roles=["admin", "teacher"])
def del_student(request): def del_student(request):
"""
根据学生ID删除学生
"""
if not request.method == "GET": if not request.method == "GET":
return JsonResponse(ResponseUtil.error("request method error!")) return JsonResponse(ResponseUtil.error("request method error!"))
try: try:
@ -82,6 +91,9 @@ def del_student(request):
@csrf_exempt @csrf_exempt
@permission(allowed_roles=["admin", "student", "teacher"]) @permission(allowed_roles=["admin", "student", "teacher"])
def select_course(request): def select_course(request):
"""
选课
"""
if not request.method == "POST": if not request.method == "POST":
return JsonResponse(ResponseUtil.error("request method error!")) return JsonResponse(ResponseUtil.error("request method error!"))
try: try:

Loading…
Cancel
Save