From 1cec2251b39f9cf79f3bef2e34e34c7945977073 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E5=BC=BA?= <1206709430@qq.com>
Date: Sat, 13 Mar 2021 11:42:38 +0800
Subject: [PATCH] =?UTF-8?q?=E5=90=8E=E7=AB=AF=E7=99=BB=E5=BD=95=E4=BC=98?= =?UTF-8?q?=E5=8C=96=E3=80=81token=E8=BF=87=E6=9C=9F=E5=90=8E=E6=8F=90?= =?UTF-8?q?=E7=A4=BA=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 dvadmin-backend/application/settings.py | 5 +++--
 dvadmin-backend/utils/authentication.py | 21 ++++++++++++++++-----
 dvadmin-ui/src/utils/request.js | 4 +---
 3 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/dvadmin-backend/application/settings.py b/dvadmin-backend/application/settings.py
index c2d6cbd..b7cf65c 100644
--- a/dvadmin-backend/application/settings.py
+++ b/dvadmin-backend/application/settings.py
@@ -264,10 +264,11 @@ REST_FRAMEWORK = {
 ),
 'DEFAULT_AUTHENTICATION_CLASSES': (
- 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
+ 'utils.authentication.RedisOpAuthJwtAuthentication',
+ # 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
 'rest_framework.authentication.BasicAuthentication',
 'rest_framework.authentication.SessionAuthentication',
- 'utils.authentication.RedisOpAuthJwtAuthentication'
+
 ),
 'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.AutoSchema',
diff --git a/dvadmin-backend/utils/authentication.py b/dvadmin-backend/utils/authentication.py
index 92a0058..5d8f93c 100644
--- a/dvadmin-backend/utils/authentication.py
+++ b/dvadmin-backend/utils/authentication.py
@@ -3,10 +3,13 @@
 """
 import logging
+import jwt
 from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.core.cache import cache
 from django.utils.six import text_type
+from django.utils.translation import ugettext as _
+from rest_framework import exceptions
 from rest_framework_jwt.utils import jwt_decode_handler
 from .decorators import exceptionHandler
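Review bot: In the settings.py hunk, `utils.authentication.RedisOpAuthJwtAuthentication` becomes the first entry of `DEFAULT_AUTHENTICATION_CLASSES`, and DRF takes the `WWW-Authenticate` challenge, and with it the 401-versus-403 choice, from the first class's `authenticate_header(request)`. `OpAuthJwtAuthentication` derives from `object` and no such method is visible in the authentication.py hunks, so it is worth confirming that one exists. If it is missing, the `AuthenticationFailed` now raised for an expired token would likely surface as a server error rather than a clean 401. The commented-out `# 'rest_framework_jwt.authentication.JSONWebTokenAuthentication',` entry and the blank line added before `),` can be dropped, since history keeps the old value.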
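Review bot: In the import hunk of authentication.py, `ugettext` is an alias that later Django releases deprecate and then remove; `from django.utils.translation import gettext as _` behaves the same here and survives an upgrade. The context line `from .decorators import exceptionHandler` is kept while both `@exceptionHandler()` uses visible in this patch are removed, so the import may now be unused; other uses could exist outside the hunks.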
@@ -20,12 +23,21 @@ class OpAuthJwtAuthentication(object):
 统一JWT认证(环境允许情况下, 推荐使用RedisOpAuthJwtAuthentication)
 """
- @exceptionHandler()
 def authenticate(self, request):
 token = self.get_header_authorization(request) or self.get_cookie_authorization(request)
 if not token:
 return None
- payload = jwt_decode_handler(token)
+ try:
+ payload = jwt_decode_handler(token)
+ except jwt.ExpiredSignature:
+ msg = _('Signature has expired.')
+ raise exceptions.AuthenticationFailed(msg)
+ except jwt.DecodeError:
+ msg = _('Error decoding signature.')
+ raise exceptions.AuthenticationFailed(msg)
+ except jwt.InvalidTokenError:
+ raise exceptions.AuthenticationFailed()
+
 username = payload.get('username', None)
 if not username:
 return None
@@ -51,7 +63,7 @@ class OpAuthJwtAuthentication(object):
 if not auth:
 return ''
 auth = str(auth, encoding='utf-8').split()
- if len(auth) != 2 or auth[0].upper() != settings.JWT_AUTH.get('JWT_AUTH_HEADER_PREFIX', 'JWT'):
+ if len(auth) != 2 or auth[0].upper() != settings.JWT_AUTH.get('JWT_AUTH_HEADER_PREFIX', 'JWT').upper():
 return ''
 return auth[1]
@@ -75,11 +87,10 @@ class RedisOpAuthJwtAuthentication(OpAuthJwtAuthentication):
 """
 prefix = settings.JWT_AUTH.get('JWT_AUTH_HEADER_PREFIX', 'JWT')
- @exceptionHandler()
 def authenticate(self, request):
 res = super().authenticate(request)
 if res:
- user, token = super().authenticate(request)
+ user, token = res
 key = f"{self.prefix}_{user.username}"
 redis_token = cache.get(key)
 if redis_token == token:
diff --git a/dvadmin-ui/src/utils/request.js b/dvadmin-ui/src/utils/request.js
index ae89f24..ba8ac75 100755
--- a/dvadmin-ui/src/utils/request.js
+++ b/dvadmin-ui/src/utils/request.js
@@ -60,9 +60,7 @@ service.interceptors.response.use(res => {
 type: 'warning'
 }
 ).then(() => {
- store.dispatch('LogOut').then(() => {
- location.href = '/index';
- })
+ location.href = '/index';
 })
 } else if (code === 500) {
 Message({
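Review bot: In `OpAuthJwtAuthentication.authenticate`, `except jwt.ExpiredSignature:` relies on a compatibility alias that newer PyJWT releases no longer provide; `except jwt.ExpiredSignatureError:` is the canonical name and also works on the older releases. The method now has two distinct outcomes, and a short docstring would make that contract explicit: an invalid or expired token raises `AuthenticationFailed`, which stops the authenticator chain, while a missing token or missing `username` claim returns `None` and lets the next class run. The method body continues outside the hunk.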
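Review bot: In `get_header_authorization` (hunk `@@ -51,7 +63,7 @@`), the context line `auth = str(auth, encoding='utf-8').split()` raises `UnicodeDecodeError` for a header whose bytes are not valid UTF-8. This commit removes `@exceptionHandler()` from `authenticate`, which may have been what absorbed that error; the decorator's behaviour is not visible here. Wrapping the decode in a `try` with `except UnicodeDecodeError: return ''` would keep a malformed header on the unauthenticated path instead of surfacing as an unhandled error. The method starts outside the hunk.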
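Review bot: In `RedisOpAuthJwtAuthentication.authenticate`, the branch taken when `redis_token == token` is false lies outside the hunk, so it is worth checking that it matches the parent's new behaviour. If that branch returns `None`, a token that is no longer in the cache lets the request continue to `BasicAuthentication` and `SessionAuthentication`, whereas the parent now raises `AuthenticationFailed` for an expired one. Raising there as well, for example `raise exceptions.AuthenticationFailed(_('Signature has expired.'))`, would reject a revoked or replaced token the same way.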
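Review bot: In the request.js hunk, with `store.dispatch('LogOut')` removed the handler redirects to `/index` without clearing whatever token the client still holds, so the expired token stays in storage and is sent again on the next request. What `LogOut` does is not visible here. If it was dropped because its server call fails once the token has expired, clearing the locally stored token and store state before `location.href = '/index';` would keep the cleanup without the round trip. The interceptor continues outside the hunk.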