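def before_app_request():
    """Per-request hook: load the logged-in staff user and enforce menu permissions.

    Requests for static files and the favicon are skipped. For a request that
    carries a ``phone`` in the session, the matching account and staff record
    are looked up, ``g.user`` is set, ``session['user']`` and
    ``session['power']`` are refreshed, and access to a menu URL that none of
    the user's roles grants is rejected.

    Raises:
        BadRequest: the account does not exist, the user is not a staff
            member, or the requested menu URL is not in the user's
            permission list.
    """
    # Skip only real static/favicon endpoints. Flask names static endpoints
    # 'static' or '<blueprint>.static', so compare the final component exactly.
    # The previous substring test ('static' in endpoint) also exempted any view
    # whose endpoint name merely contained "static" from the checks below.
    endpoint = request.endpoint
    if endpoint and endpoint.split('.')[-1] in ('static', 'favicon'):
        return

    # ---- Common login check ----
    # After a successful login the session always holds 'phone'; single
    # sign-on identifies the user by that phone number.
    phone = session.get('phone', None)
    if not phone:
        # Not logged in, or the session has expired.
        # NOTE(review): this hook fails open here - the redirect below is
        # disabled, so an unauthenticated request continues to the view with
        # no g.user and no permission check. Confirm every protected view
        # enforces login itself.
        # session['access_url'] = request.url
        # return redirect('%s://%s/bbsconsole/user/login' % (config.scheme, config.domain))
        return

    # Find the logged-in user's account.
    ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if not ta.exists:
        raise BadRequest(description='用户不存在!')

    # Only staff members are allowed in.
    staff = Staff(uid=ta.uid)
    if not staff.exists:
        raise BadRequest(description='您不在职工列表内!')

    g.user = User(uid=ta.uid)
    # NOTE(review): if the app uses Flask's default cookie session, these
    # values are signed but readable by the client - confirm to_dict() and the
    # permission list carry nothing sensitive.
    session['user'] = g.user.to_dict()
    session['power'] = []

    # Collect the permission URLs granted by all of the staff member's roles.
    # They are re-read on every request, so the decision below never trusts
    # the copy stored in the session.
    urls = []
    staff = Staff(uid=g.user.uid)
    if staff.exists:
        roleids = staff.roleids
        if roleids:
            for role in StaffRole.query(roleid=roleids):
                urls.extend(role.to_dict().get('permission_urls') or [])
            # Sorted so the stored value is stable across requests.
            session['power'] = '|'.join(sorted(set(urls)))

    # Reject direct access to a menu URL the user's roles do not grant.
    # NOTE(review): only paths returned by Blueprint.get_allmenu_urls() are
    # checked, by exact string match on request.path; other routes are not
    # authorised here. BadRequest is kept for existing callers, although a
    # 403 response would describe this case better.
    allowed = set(urls)
    path = str(request.path)
    if path in Blueprint.get_allmenu_urls() and path not in allowed:
        raise BadRequest(description='无权限访问!')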