大屏用户登录header

2022-02-15 15:04:32 +08:00 · 2022-02-15 15:04:32 +08:00 · e93f6b6e36
parent 9e5efe57d4
commit e93f6b6e36
4 changed files with 8 additions and 9 deletions
--- a/hb_server/apps/system/authentication.py
+++ b/hb_server/apps/system/authentication.py
@ -9,15 +9,11 @@ class CustomBackend(ModelBackend):
    def authenticate(self, request, username=None, password=None, **kwargs):
        if username is None:
            username = kwargs.get(UserModel.USERNAME_FIELD)
-        if username is None or password is None:
-            return
        try:
            user = UserModel._default_manager.get(
                Q(username=username) | Q(phone=username) | Q(email=username))
        except UserModel.DoesNotExist:
-            # Run the default password hasher once to reduce the timing
-            # difference between an existing and a nonexistent user (#20760).
-            UserModel().set_password(password)
+            return None
        else:
            if user.check_password(password) and self.user_can_authenticate(user):
                return user
--- a/hb_server/apps/system/permission.py
+++ b/hb_server/apps/system/permission.py
@ -35,7 +35,10 @@ class RbacPermission(BasePermission):
        :return:
        """
        if not request.user:
-            perms = ['visitor'] # 如果没有经过认证,视为游客
+            if request.META.get('HTTP_AUTHORIZATION', None) == 'big_screen':
+                perms = ['visitor']
+            else:
+                return False
        else:
            perms = cache.get(request.user.username + '__perms')
        if not perms:
--- a/hb_server/server/settings.py
+++ b/hb_server/server/settings.py
@ -158,7 +158,7 @@ REST_FRAMEWORK = {
        'rest_framework.authentication.SessionAuthentication',
    ],
    'DEFAULT_PERMISSION_CLASSES': [
-        'rest_framework.permissions.IsAuthenticated',
+        # 'rest_framework.permissions.IsAuthenticated',
        'apps.system.permission.RbacPermission'
    ],
    'DEFAULT_RENDERER_CLASSES': [
--- a/hb_server/utils/response.py
+++ b/hb_server/utils/response.py
@ -48,9 +48,9 @@ class FitJSONRenderer(JSONRenderer):
        response_body = BaseResponse()
        response = renderer_context.get("response")
        status_code = response.status_code # Http状态异常码
-        print(status_code)
        if status_code >= 400:  # 如果http响应异常
-            if isinstance(data, dict) and 'code' in data: # 如果自定义了异常码
+            if isinstance(data, dict) \
+                and 'code' in data and 'msg' in data: # 如果自定义了异常码
                response_body = data
            else:
                response_body.data = data  # data里是详细异常信息