コード例 #1
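def before_app_request():
    """Load the logged-in staff user and enforce menu-URL permissions.

    Presumably registered as a Flask ``before_app_request`` hook (the
    registration is not shown here). Returning ``None`` lets the request
    continue to the view.

    Flow:
      * Static and favicon endpoints are skipped.
      * Requests without ``session['phone']`` pass through unchanged.
      * Otherwise the account and staff record are resolved; ``g.user``,
        ``session['user']`` and ``session['power']`` are refreshed; and a
        menu URL not granted by any of the staff member's roles is rejected.

    Raises:
        BadRequest: the account is unknown, the account is not staff, or the
            requested menu URL has not been granted.
    """
    # Exempt static assets and the favicon. The final endpoint segment is
    # compared exactly: a substring test ('static' in endpoint) would also
    # exempt unrelated endpoints such as "admin.statistics" from every
    # check below.
    if request.endpoint and request.endpoint.split('.')[-1] in (
            'static', 'favicon'):
        return

    # ---- common login check ----
    # A successful login always stores 'phone' in the session; users who came
    # through single sign-on are identified by it.
    phone = session.get('phone', None)
    if not phone:
        # Not logged in, or the session has expired.
        # NOTE(review): the redirect to the login page is disabled, so
        # anonymous requests continue with no permission check in this hook;
        # every protected view has to enforce authentication itself -- confirm.
        # session['access_url'] = request.url
        # return redirect('%s://%s/bbsconsole/user/login' % (config.scheme, config.domain))
        return

    # Find the account bound to this phone number.
    ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if not ta.exists:
        raise BadRequest(description='用户不存在!')
    # Accounts that are not staff are not allowed to log in.
    staff = Staff(uid=ta.uid)
    if not staff.exists:
        raise BadRequest(description='您不在职工列表内!')

    g.user = User(uid=ta.uid)
    session['user'] = g.user.to_dict()
    # Reset first; overwritten with the joined URL string below.
    session['power'] = []

    # Collect the URLs granted by the staff member's roles. Permissions are
    # recomputed from the role records on every request rather than read back
    # from the session.
    # NOTE(review): this second Staff lookup looks redundant with the one
    # above if User(uid=...).uid always equals ta.uid -- confirm before
    # removing it.
    granted = set()
    staff = Staff(uid=g.user.uid)
    if staff.exists:
        roleids = staff.roleids
        if roleids:
            for role in StaffRole.query(roleid=roleids):
                # Serialise each role once; a missing or empty value
                # contributes no URLs.
                granted.update(role.to_dict().get('permission_urls') or [])
    session['power'] = '|'.join(granted)

    # Refuse direct access to menu URLs the user has not been granted.
    # NOTE(review): only exact matches of request.path against
    # Blueprint.get_allmenu_urls() are checked; a route outside that list is
    # not restricted by this hook.
    path = str(request.path)
    if path in Blueprint.get_allmenu_urls() and path not in granted:
        raise BadRequest(description='无权限访问!')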