From 1a1ad0f1a2897b210982fcec596c7f576b64bfa5 Mon Sep 17 00:00:00 2001
From: Michael Bai
Date: Mon, 13 Sep 2021 13:47:34 +0800
Subject: [PATCH] =?UTF-8?q?perf:=20=E5=8F=96=E6=B6=88API=20Token=E7=9A=84?= =?UTF-8?q?=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 apps/jumpserver/api.py | 45 ++++++++++++++------------
 apps/settings/serializers/auth/base.py | 6 ++--
 2 files changed, 28 insertions(+), 23 deletions(-)
diff --git a/apps/jumpserver/api.py b/apps/jumpserver/api.py
index 76192130f..e67bff1cd 100644
--- a/apps/jumpserver/api.py
+++ b/apps/jumpserver/api.py
@@ -298,28 +298,33 @@ class IndexApi(DatesLoginMetricMixin, APIView):
 class HealthApiMixin(APIView):
- def is_token_right(self):
- token = self.request.query_params.get('token')
- ok_token = settings.HEALTH_CHECK_TOKEN
- if ok_token and token != ok_token:
- return False
- return True
+ pass
- def is_localhost(self):
- ip = get_request_ip(self.request)
- return ip in ['localhost', '127.0.0.1']
+ # 先去掉 Health Api 的权限校验,方便各组件直接调用
- def check_permissions(self, request):
- if self.is_token_right():
- return
- if self.is_localhost():
- return
- msg = '''
- Health check token error,
- Please set query param in url and same with setting HEALTH_CHECK_TOKEN.
- eg: $PATH/?token=$HEALTH_CHECK_TOKEN
- '''
- self.permission_denied(request, message={'error': msg}, code=403)
+ # def is_token_right(self):
+ # token = self.request.query_params.get('token')
+ # ok_token = settings.HEALTH_CHECK_TOKEN
+ # if ok_token and token != ok_token:
+ # return False
+ # return True
+
+ # def is_localhost(self):
+ # ip = get_request_ip(self.request)
+ # return ip in ['localhost', '127.0.0.1']
+
+ # def check_permissions(self, request):
+ # if self.is_token_right():
+ # return
+ # if self.is_localhost():
+ # return
+ # msg = '''
+ # Health check token error,
+ # Please set query param in url and
+ # same with setting HEALTH_CHECK_TOKEN.
+ # eg: $PATH/?token=$HEALTH_CHECK_TOKEN
+ # '''
+ # self.permission_denied(request, message={'error': msg}, code=403)
 class HealthCheckView(HealthApiMixin):
diff --git a/apps/settings/serializers/auth/base.py b/apps/settings/serializers/auth/base.py
index d98816108..42a8c8563 100644
--- a/apps/settings/serializers/auth/base.py
+++ b/apps/settings/serializers/auth/base.py
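Review bot: Reducing `HealthApiMixin` in apps/jumpserver/api.py to `pass` leaves `HealthCheckView` and any other subclass guarded only by whatever `permission_classes` they or the DRF defaults declare, and none of that is visible in this hunk, so the effective access policy is implicit. If unauthenticated probing is intended, I would state it on the mixin, e.g. `permission_classes = (AllowAny,)  # health probes are unauthenticated by design; keep the response free of component details` (with `AllowAny` from `rest_framework.permissions`), and confirm the views return nothing beyond a liveness result to anonymous callers. A deployment that already sets `HEALTH_CHECK_TOKEN` gets no warning that this mixin no longer consults it, which deserves an upgrade note. The commented-out methods here and the commented-out `HEALTH_CHECK_TOKEN` field in `AuthSettingSerializer` (apps/settings/serializers/auth/base.py) are better deleted, since history keeps them, and the comment's "for now" (`先`) would be clearer as a TODO saying when the check is meant to return.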
@@ -17,9 +17,9 @@ class AuthSettingSerializer(serializers.Serializer):
 FORGOT_PASSWORD_URL = serializers.CharField(
 required=False, max_length=1024, label=_("Forgot password url")
 )
- HEALTH_CHECK_TOKEN = serializers.CharField(
- required=False, max_length=1024, label=_("Health check token")
- )
+ # HEALTH_CHECK_TOKEN = serializers.CharField(
+ # required=False, max_length=1024, label=_("Health check token")
+ # )
 LOGIN_REDIRECT_MSG_ENABLED = serializers.BooleanField(
 required=False, label=_("Enable login redirect msg")
 )