【python+Django】全部页面跳转至登录页面_django登录后每打开一个页面都要转到登录页面

在全局settings.py中添加配置

    MIDDLEWARE = [
        'apps.middleware.basic_auth_middleware',
        ...
     ]
1
2
3
4

在apps目录下创建middleware.py文件

import hashlib
# django
from django.shortcuts import render
from django.template import loader
from django.http import HttpResponse
from apps.login.views import check_action_illegle
import re


def _unauthed(request):
    context = {}
    template = loader.get_template('login/login.html')
    return HttpResponse(template.render(context, request))

def _change_passwd(request):
    context = {}
    template = loader.get_template('login/changepassword.html')
    return HttpResponse(template.render(context, request))


def basic_auth_middleware(get_response):

    def middleware(request):
        username = request.COOKIES.get('username')
        #access login page and change password page
        if re.match(u'/login/userlogin', request.path) or re.match(u'/login/changepasswd', request.path):
            return get_response(request)
        userInfo = check_action_illegle(request)
        #not auth
        if not userInfo:
            return _unauthed(request)

        #force change password
        changeFlag = request.COOKIES.get('changeFlag')
        if changeFlag=="True":
            return _change_passwd(request)

        #auth action success
        if re.match(u'/login/adduser', request.path) or re.match(u'/login/resetpasswd', request.path) or re.match(u'/login/userlist', request.path):
            if userInfo['role']=="管理员":
                return get_response(request)
            else:
                return HttpResponse("您当前没有权限进行这个操作")
        #access other pages
        return get_response(request)
    return middleware
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46