def __permArr(self, perm: str): permAll = {} arr = [] if not perm else Util.Explode(' ', perm) for val in arr: s = Util.Explode(':', val) permAll[s[0]] = int(s[1]) return permAll
def Perm(token: str): permAll = {} # Token tData = Safety.Decode(token) if not tData: return permAll # 权限 redis = Redis() permStr = redis.Get(Env.api_token_prefix + '_perm_' + tData['uid']) redis.Close() # 拆分 arr = [] if not permStr else Util.Explode(' ', permStr) for val in arr: s = Util.Explode(':', val) permAll[s[0]] = int(s[1]) return permAll
def Base64(params={}): # 参数 param = Util.ArrayMerge( { 'path': 'upload/', #上传目录 'base64': '', #文件内容 'filename': '', #文件名 'ext': 'png', #后缀 }, params) # 内容 base64 = param['base64'] # 否有类型 ct = Util.Explode(',', param['base64']) if len(ct) > 1: param['ext'] = Base64.GetExt(ct[0]) base64 = ct[1] # 创建目录 FileEo.Root = Env.root_dir if not FileEo.Mkdir(param['path']): print('[Upload] Mkdir:', '创建目录失败!') return '' # 文件名 filename = Upload.GetFileName( ) + '.' + param['ext'] if not param['filename'] else param['filename'] if not FileEo.Writer(param['path'] + filename, Base64.Decode(base64)): print('[Upload] Writer:', '保存文件失败!') return '' return filename
def Verify(token: str, urlPerm: str): # Token if token == '': return 'Token不能为空!' tData = Safety.Decode(token) if not tData: return 'Token验证失败!' # 是否过期 uid = str(tData['uid']) redis = Redis() time = redis.Ttl(Env.api_token_prefix + '_token_' + uid) redis.Close() if time < 1: return 'Token已过期!' # 续期 if Env.api_token_auto: redis = Redis() redis.Expire(Env.api_token_prefix + '_token_' + uid, Env.api_token_time) redis.Expire(Env.api_token_prefix + '_perm_' + uid, Env.api_token_time) redis.Close() # URL权限 if urlPerm == '': return '' arr = Util.Explode('/', urlPerm) action = arr[-1:][0] controller = Util.Implode('/', arr[:-1]) # 菜单 menu = ApiMenu() menu.Columns('id', 'action') menu.Where('controller=%s', controller) menuData = menu.FindFirst() if not menuData: return '菜单验证无效!' # 验证-菜单 id = str(menuData['id']) permData = ApiToken.Perm(token) if id not in permData.keys(): return '无权访问菜单!' # 验证-动作 actionVal = permData[id] permArr = Util.JsonDecode(menuData['action']) permVal = 0 for val in permArr: if action == val['action']: permVal = int(val['perm']) break if actionVal & permVal == 0: return '无权访问动作!' return ''