在全局settings.py中添加配置
MIDDLEWARE = [
'apps.middleware.basic_auth_middleware',
...
]
在apps目录下创建middleware.py文件
import hashlib
# django
from django.shortcuts import render
from django.template import loader
from django.http import HttpResponse
from apps.login.views import check_action_illegle
import re
def _unauthed(request):
context = {}
template = loader.get_template('login/login.html')
return HttpResponse(template.render(context, request))
def _change_passwd(request):
context = {}
template = loader.get_template('login/changepassword.html')
return HttpResponse(template.render(context, request))
def basic_auth_middleware(get_response):
def middleware(request):
username = request.COOKIES.get('username')
#access login page and change password page
if re.match(u'/login/userlogin', request.path) or re.match(u'/login/changepasswd', request.path):
return get_response(request)
userInfo = check_action_illegle(request)
#not auth
if not userInfo:
return _unauthed(request)
#force change password
changeFlag = request.COOKIES.get('changeFlag')
if changeFlag=="True":
return _change_passwd(request)
#auth action success
if re.match(u'/login/adduser', request.path) or re.match(u'/login/resetpasswd', request.path) or re.match(u'/login/userlist', request.path):
if userInfo['role']=="管理员":
return get_response(request)
else:
return HttpResponse("您当前没有权限进行这个操作")
#access other pages
return get_response(request)
return middleware