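def process_request(self, req):
    """
    Validate the session token of WEBAPI requests before they reach a view.

    Requests whose path does not contain ``/WEBAPI/``, and WEBAPI requests
    whose path contains one of the exempt fragments, pass through unchecked.
    For every other WEBAPI request the token is read from the
    ``HTTP_SESSION_TOKEN`` entry of ``req.META`` (falling back to
    ``SESSION-TOKEN``), decoded with ``decodeUserToken`` and parsed as JSON.
    On success the caller's id is stored as a string in
    ``req.META['USER_ID']``.

    NOTE(review): the original description also promised per-role API access
    control (business user vs. administrator). Nothing in this method
    enforces it, so confirm that it is implemented elsewhere.

    :param req: request object; ``path``, ``META``, ``GET`` and ``POST`` are read
    :return: ``None`` when the request may proceed, otherwise the
        ``ErrorDefs.TokenInvalid`` failure response
    """
    if project.settings.DEBUG:
        # NOTE(review): META includes the session token header and POST may
        # include credentials, so this dump writes secrets to stdout. Keep
        # DEBUG off outside development, or mask those fields before printing.
        print('%s %s' % ('META:', req.META))
        print('%s %s' % ('PATH:', req.path))
        print('%s %s' % ('GET:', req.GET))
        print('%s %s' % ('POST:', req.POST))

    prefix = '/WEBAPI/'
    if prefix not in req.path:
        # Not a WEBAPI call: this method applies no token check to it.
        return

    # NOTE(review): the exemption is a substring test against the whole path,
    # so any WEBAPI route whose path merely contains one of these fragments
    # also skips token validation. Compare against the exact exempt routes
    # (or anchored prefixes) once the URL layout is confirmed.
    IGNAL_LIST = ('/domain', '/accessToken', '/hippo/')
    if any(path in req.path for path in IGNAL_LIST):
        return

    try:
        session = req.META.get('HTTP_SESSION_TOKEN')
        if not session:
            session = req.META.get('SESSION-TOKEN')

        # The interface version header is read here but not used anywhere in
        # this method.
        ifver = req.META.get('HTTP_IF_VERSION')
        if not ifver:
            ifver = req.META.get('IF-VERSION')

        userinfo = decodeUserToken(session)
        if not userinfo:
            return FailCallReturn(ErrorDefs.TokenInvalid).httpResponse()

        userinfo = json.loads(userinfo)
        req.META['USER_ID'] = str(userinfo['user_id'])
    except Exception:
        # Fail closed: any decoding or parsing error is reported as an invalid
        # token. Catching Exception instead of using a bare ``except`` lets
        # SystemExit and KeyboardInterrupt propagate rather than being turned
        # into a TokenInvalid response.
        traceback.print_exc()
        return FailCallReturn(ErrorDefs.TokenInvalid).httpResponse()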