def __auth(self, path: str, session_user: User, session: SessionBase, request: HttpRequest):
"""
权限验证
:param session: 会话
:param request: 请求对象
:return:
"""
if path != '/login/':
if session_user is not None:
# 权限判断
if self.not_intercept_urls.count(path) > 0:
if path == '/index/':
session[SESSION_SELECT_URL_KEY] = '/index/'
return self.get_response(request)
menus_json = session.get(SESSION_MENUS_KEY)
menu_vos = json.loads(menus_json, object_hook=lambda d: utils.dict_to_obj(d, MenuVO()))
for menu_vo in menu_vos:
if menu_vo.url and menu_vo.url == path:
session[SESSION_SELECT_URL_KEY] = path
return self.get_response(request)
else:
session[SESSION_SELECT_URL_KEY] = '/index/'
raise PermissionDenied
else:
return HttpResponseRedirect(redirect_to='/login/')
elif session_user is not None:
return HttpResponseRedirect(redirect_to='/index/')
else:
return self.get_response(request)
def sudo_password_needed(session: SessionBase) -> bool:
"""
Check whether password reentry is necessary for sudo actions
"""
timestamp = int(session.get(SUDO_SESSION_KEY, '0'))
time_diff = time.time() - timestamp
return time_diff >= SUDO_TIMEOUT_SEC or time_diff < 0
def get_action_payload(session: SessionBase) -> Dict:
"""Get the payload from the current session.
:param session: Session object
:return: request.session[session_dictionary_name] or None
"""
return session.get(action_session_dictionary)
def sudo_password_expires_at(session: SessionBase) -> datetime.datetime:
"""
Return exact expiry time of current sudo session
"""
timestamp = int(session.get(SUDO_SESSION_KEY, '0'))
renew_time = datetime.datetime.fromtimestamp(
timestamp, timezone.get_default_timezone())
renew_time += datetime.timedelta(seconds=SUDO_TIMEOUT_SEC)
return renew_time
def is_user_authenticated(session: SessionBase) -> bool:
"""Return True if user is authenticated on website and False if not"""
return session.get("is_authenticated", False)