diff --git a/dvadmin-backend/application/settings.py b/dvadmin-backend/application/settings.py index 5c462fb..f32bff1 100644 --- a/dvadmin-backend/application/settings.py +++ b/dvadmin-backend/application/settings.py @@ -59,6 +59,7 @@ MIDDLEWARE = [ 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', + # 'vadmin.op_drf.middleware.ApiLoggingMiddleware', # 用于记录API访问日志 ] # 允许跨域源 CORS_ORIGIN_ALLOW_ALL = CORS_ORIGIN_ALLOW_ALL diff --git a/dvadmin-backend/apps/vadmin/permission/views.py b/dvadmin-backend/apps/vadmin/permission/views.py index 9f6a01b..e657e9e 100644 --- a/dvadmin-backend/apps/vadmin/permission/views.py +++ b/dvadmin-backend/apps/vadmin/permission/views.py @@ -10,6 +10,7 @@ from ..permission.serializers import UserProfileSerializer, MenuSerializer, Role RoleCreateUpdateSerializer, DeptTreeSerializer, MenuTreeSerializer, UserProfileCreateUpdateSerializer, \ PostSimpleSerializer, RoleSimpleSerializer, ExportUserProfileSerializer, ExportRoleSerializer, ExportPostSerializer from ..op_drf.filters import DataLevelPermissionsFilter +from ..system.models import DictDetails from ..utils.export_excel import export_excel_save_model from ..utils.response import SuccessResponse, ErrorResponse @@ -56,6 +57,7 @@ class GetRouters(APIView): # data = '{"msg":"操作成功","code":200,"data":[{"name":"System","path":"/system","hidden":false,"redirect":"noRedirect","component":"Layout","alwaysShow":true,"meta":{"title":"系统管理","icon":"system","noCache":false},"children":[{"name":"User","path":"user","hidden":false,"component":"permission/user/index","meta":{"title":"用户管理","icon":"user","noCache":false}},{"name":"Role","path":"role","hidden":false,"component":"permission/role/index","meta":{"title":"角色管理","icon":"peoples","noCache":false}},{"name":"Menu","path":"menu","hidden":false,"component":"permission/menu/index","meta":{"title":"菜单管理","icon":"tree-table","noCache":false}},{"name":"Dept","path":"dept","hidden":false,"component":"permission/dept/index","meta":{"title":"部门管理","icon":"tree","noCache":false}},{"name":"Post","path":"post","hidden":false,"component":"permission/post/index","meta":{"title":"岗位管理","icon":"post","noCache":false}},{"name":"Dict","path":"dict","hidden":false,"component":"system/dict/index","meta":{"title":"字典管理","icon":"dict","noCache":false}},{"name":"Config","path":"config","hidden":false,"component":"system/config/index","meta":{"title":"参数设置","icon":"edit","noCache":false}},{"name":"Notice","path":"notice","hidden":false,"component":"system/notice/index","meta":{"title":"通知公告","icon":"message","noCache":false}},{"name":"Log","path":"log","hidden":false,"redirect":"noRedirect","component":"ParentView","alwaysShow":true,"meta":{"title":"日志管理","icon":"log","noCache":false},"children":[{"name":"Operlog","path":"operlog","hidden":false,"component":"monitor/operlog/index","meta":{"title":"操作日志","icon":"form","noCache":false}},{"name":"Logininfor","path":"logininfor","hidden":false,"component":"monitor/logininfor/index","meta":{"title":"登录日志","icon":"logininfor","noCache":false}}]}]},{"name":"Monitor","path":"/monitor","hidden":false,"redirect":"noRedirect","component":"Layout","alwaysShow":true,"meta":{"title":"系统监控","icon":"monitor","noCache":false},"children":[{"name":"Online","path":"online","hidden":false,"component":"monitor/online/index","meta":{"title":"在线用户","icon":"online","noCache":false}},{"name":"Job","path":"job","hidden":false,"component":"monitor/job/index","meta":{"title":"定时任务","icon":"job","noCache":false}},{"name":"Druid","path":"druid","hidden":false,"component":"monitor/druid/index","meta":{"title":"数据监控","icon":"druid","noCache":false}},{"name":"Server","path":"server","hidden":false,"component":"monitor/server/index","meta":{"title":"服务监控","icon":"server","noCache":false}},{"name":"Cache","path":"cache","hidden":false,"component":"monitor/cache/index","meta":{"title":"缓存监控","icon":"redis","noCache":false}}]},{"name":"Tool","path":"/tool","hidden":false,"redirect":"noRedirect","component":"Layout","alwaysShow":true,"meta":{"title":"系统工具","icon":"tool","noCache":false},"children":[{"name":"Build","path":"build","hidden":false,"component":"tool/build/index","meta":{"title":"表单构建","icon":"build","noCache":false}},{"name":"Gen","path":"gen","hidden":false,"component":"tool/gen/index","meta":{"title":"代码生成","icon":"code","noCache":false}},{"name":"Swagger","path":"swagger","hidden":false,"component":"tool/swagger/index","meta":{"title":"系统接口","icon":"swagger","noCache":false}}]},{"name":"Http://ruoyi.vip","path":"http://ruoyi.vip","hidden":false,"component":"Layout","meta":{"title":"若依官网","icon":"guide","noCache":false}}]}' # data = json.loads(data) data = [] + sys_show_hide = DictDetails.get_default_dictValue('sys_show_hide') for ele in menus: data.append({ 'id': ele.get('id'), @@ -64,7 +66,7 @@ class GetRouters(APIView): 'hidden': True if ele.get('visible') != '1' else False, 'redirect': ele.get('web_path') if ele.get('isFrame') == '1' else 'noRedirect', 'component': ele.get('component_path') or 'Layout', - 'meta': {"title": ele.get('name'), "icon": ele.get('icon'), "noCache": ele.get('isCache')}, + 'meta': {"title": ele.get('name'), "icon": ele.get('icon'), "noCache": True if ele.get('isCache') == sys_show_hide else False}, 'parentId': ele.get('parentId') }) return SuccessResponse(data) diff --git a/dvadmin-backend/apps/vadmin/system/models/dict_details.py b/dvadmin-backend/apps/vadmin/system/models/dict_details.py index e030fce..1db9b5c 100644 --- a/dvadmin-backend/apps/vadmin/system/models/dict_details.py +++ b/dvadmin-backend/apps/vadmin/system/models/dict_details.py @@ -9,9 +9,14 @@ class DictDetails(CoreModel): is_default = BooleanField(verbose_name="是否默认", default=False) status = CharField(max_length=2, verbose_name="字典状态") sort = CharField(max_length=256, verbose_name="字典排序") - dict_data = ForeignKey(to='DictData', on_delete=CASCADE, verbose_name="关联字典",db_constraint=False) + dict_data = ForeignKey(to='DictData', on_delete=CASCADE, verbose_name="关联字典", db_constraint=False) remark = CharField(max_length=256, verbose_name="备注", null=True, blank=True) + @classmethod + def get_default_dictValue(cls, dictName): + instance = DictDetails.objects.filter(dict_data__dictName=dictName, is_default=True).first() + return instance and instance.dictValue + class Meta: verbose_name = '字典详情' verbose_name_plural = verbose_name diff --git a/dvadmin-backend/apps/vadmin/utils/authentication.py b/dvadmin-backend/apps/vadmin/utils/authentication.py index 0dd1289..cc3b781 100644 --- a/dvadmin-backend/apps/vadmin/utils/authentication.py +++ b/dvadmin-backend/apps/vadmin/utils/authentication.py @@ -13,6 +13,7 @@ from rest_framework import exceptions from rest_framework_jwt.utils import jwt_decode_handler from .decorators import exceptionHandler +from .jwt_util import jwt_get_session_id logger = logging.getLogger(__name__) User = get_user_model() @@ -91,7 +92,8 @@ class RedisOpAuthJwtAuthentication(OpAuthJwtAuthentication): res = super().authenticate(request) if res: user, token = res - key = f"{self.prefix}_{user.username}" + session_id = jwt_get_session_id(token) + key = f"{self.prefix}_{session_id}_{user.username}" redis_token = cache.get(key) if redis_token == token: return user, token diff --git a/dvadmin-backend/apps/vadmin/utils/jwt_util.py b/dvadmin-backend/apps/vadmin/utils/jwt_util.py index 1c7a041..da937ff 100644 --- a/dvadmin-backend/apps/vadmin/utils/jwt_util.py +++ b/dvadmin-backend/apps/vadmin/utils/jwt_util.py @@ -1,6 +1,8 @@ +import uuid from calendar import timegm from datetime import datetime +import jwt from django.conf import settings from django.contrib.auth import login @@ -19,10 +21,16 @@ def jwt_response_payload_handler(token, user, request): } -def jwt_get_secret_key(payload=None): +def jwt_get_session_id(token=None): + """ + 获取会话id + :param token: + :return: + """ + payload = jwt.decode(token, None, False) if isinstance(payload, dict): - return payload.get("secret", "") - return getattr(payload, "secret", "") + return payload.get("session_id", "") + return getattr(payload, "session_id", "") def jwt_get_user_secret_key(user): @@ -37,7 +45,7 @@ def jwt_payload_handler(user): payload = { 'user_id': user.pk, 'username': user.username, - 'secret': jwt_get_user_secret_key(user), + 'session_id': str(uuid.uuid4()), 'exp': datetime.utcnow() + settings.JWT_AUTH.get('JWT_EXPIRATION_DELTA') } if settings.JWT_AUTH.get('JWT_ALLOW_REFRESH'): diff --git a/dvadmin-backend/apps/vadmin/utils/login.py b/dvadmin-backend/apps/vadmin/utils/login.py index a2d8735..81bfd11 100644 --- a/dvadmin-backend/apps/vadmin/utils/login.py +++ b/dvadmin-backend/apps/vadmin/utils/login.py @@ -11,6 +11,7 @@ from rest_framework.views import APIView from rest_framework_jwt.views import ObtainJSONWebToken, jwt_response_payload_handler from .exceptions import GenException +from .jwt_util import jwt_get_session_id from .response import SuccessResponse, ErrorResponse # from .jwt_util import jwt_response_payload_handler @@ -71,7 +72,8 @@ class LoginView(ObtainJSONWebToken): response = SuccessResponse(response_data) if token: username = user.username - key = f"{self.prefix}_{username}" + session_id = jwt_get_session_id(token) + key = f"{self.prefix}_{session_id}_{username}" cache.set(key, token, self.ex.total_seconds()) if self.JWT_AUTH_COOKIE and token: expiration = (datetime.datetime.utcnow() + self.ex)