From 926dabfc5bdee4d37e66e85c0f4070774100cfc8 Mon Sep 17 00:00:00 2001 From: HisAtri Date: Thu, 29 Feb 2024 01:57:33 +0800 Subject: [PATCH] =?UTF-8?q?=E8=A1=A5=E5=85=85=E9=83=A8=E5=88=86=E7=B1=BB?= =?UTF-8?q?=E5=9E=8B=E6=B3=A8=E9=87=8A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mod/auth/authentication.py | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/mod/auth/authentication.py b/mod/auth/authentication.py index 8c846b0..44a1d21 100644 --- a/mod/auth/authentication.py +++ b/mod/auth/authentication.py @@ -1,19 +1,24 @@ -from . import cookie +import flask +from . import cookie from mod.args import GlobalArgs args = GlobalArgs() -# 鉴权函数,在auth_token存在的情况下,对请求进行鉴权 -# permission=r 代表最小权限 -def require_auth(request, permission='r'): - user_cookie = request.cookies.get("api_auth_token", "") - cookie_key = cookie.cookie_key(user_cookie) - auth_header = request.headers.get('Authorization', False) or request.headers.get('Authentication', False) - cookie_permission = has_permission(get_permission(cookie_key), permission) - header_permission = has_permission(get_permission(auth_header), permission) +def require_auth(request: flask.request, permission: str = 'r'): + """ + 鉴权 + :param request: + :param permission: 默认为读权限 + :return: + """ + user_cookie: str = request.cookies.get("api_auth_token", "") + cookie_key: str = cookie.cookie_key(user_cookie) + auth_header: str = request.headers.get('Authorization', False) or request.headers.get('Authentication', False) + cookie_permission: bool = has_permission(get_permission(cookie_key), permission) + header_permission: bool = has_permission(get_permission(auth_header), permission) if permission == 'r' and not args.auth: return 1