|
|
import jwt
|
|
|
from django.http import JsonResponse
|
|
|
from EduSystemServer.settings import TOKEN_KEY
|
|
|
from EduSystemServer.utils import ResponseUtil
|
|
|
from Eduadmin.models import Admin
|
|
|
from Student.models import Student
|
|
|
from teacher.models import Teacher
|
|
|
|
|
|
|
|
|
class JWTMiddleware:
|
|
|
"""
|
|
|
JWT中间件,验证用户是否登录
|
|
|
"""
|
|
|
def __init__(self, get_response):
|
|
|
self.get_response = get_response
|
|
|
|
|
|
def __call__(self, request):
|
|
|
# 检查请求的路径是否是登录路由,如果是,放行
|
|
|
if request.path == '/login' \
|
|
|
or request.path == "/index" \
|
|
|
or request.path == "/" \
|
|
|
or request.path.startswith("/admin")\
|
|
|
or request.path.startswith("/static"):
|
|
|
response = self.get_response(request)
|
|
|
return response
|
|
|
# 从请求头中获取 Token
|
|
|
token = request.META.get('HTTP_AUTHORIZATION', '')
|
|
|
try:
|
|
|
# 验证 Token
|
|
|
payload = jwt.decode(token, TOKEN_KEY, algorithms=['HS256'])
|
|
|
# 将解码后的 Token 数据存储在 request 中,以便视图可以访问
|
|
|
if payload.get("type") == "student":
|
|
|
if not Student.objects.filter(username=payload.get("username")).exists():
|
|
|
return JsonResponse(ResponseUtil.error("用户不存在!"), status=401)
|
|
|
if payload.get("type") == "teacher":
|
|
|
if not Teacher.objects.filter(username=payload.get("username")).exists():
|
|
|
return JsonResponse(ResponseUtil.error("用户不存在!"), status=401)
|
|
|
if payload.get("type") == "admin":
|
|
|
if not Admin.objects.filter(username=payload.get("username")).exists():
|
|
|
return JsonResponse(ResponseUtil.error("用户不存在!"), status=401)
|
|
|
request.jwt_payload = payload
|
|
|
except jwt.ExpiredSignatureError:
|
|
|
return JsonResponse(ResponseUtil.error("Token 失效,请重新登录!"), status=401)
|
|
|
except jwt.DecodeError:
|
|
|
return JsonResponse(ResponseUtil.error("Token Error!"), status=401)
|
|
|
# 继续处理请求
|
|
|
response = self.get_response(request)
|
|
|
return response |
