
用户登入及接口认证token完善

zhangnaiwen 2 years ago
parent
commit
2a660f4754

+ 16 - 0
src/app/api/organization.py

@@ -9,6 +9,7 @@ from werkzeug.datastructures import FileStorage
 from app.defines import StatesCode
 from app.database import engine
 from app.modle.organization import Company, Department
+from app.utils.jwt_util import login_required
 from app.utils.to_dict import to_dict
 
 ns = Namespace('organization', description='组织管理接口')
@@ -20,6 +21,9 @@ company_list.add_argument(name='page', type=int, location='args', required=False
 
 @ns.route('/company_list')
 class CompanyListApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_company_list', description='获取公司列表')
     @ns.expect(company_list)
     def get(self):
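Review bot: Declaring `method_decorators = [login_required]` on each Resource makes authentication opt-in per class. A resource that omits the line (added later, or sitting outside these hunks) is served without a token, because the before_request hook in request_handlers.py no longer rejects token-less requests as of this commit. Passing `decorators=[login_required]` to the `Namespace(...)` call would apply the check to every resource in the namespace by default, leaving only the public routes to be exempted explicitly. The same pattern repeats in every class hunk of organization.py, role.py and users.py; the class bodies continue outside the hunks.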
@@ -54,6 +58,9 @@ delete_company.add_argument(name='company_id', type=int, location='form', requir
 
 @ns.route('/company')
 class CompanyApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_company', description='搜索公司')
     @ns.expect()
     def get(self):
@@ -132,6 +139,8 @@ get_company_details.add_argument(name='company_id', type=int, location='args', r
 @ns.route('/company_details')
 class CompanyDetailsApi(Resource):
 
+    method_decorators = [login_required]
+
     @ns.doc(id='get_company_details', description='获取公司详情')
     @ns.expect(get_company_details)
     def get(self):
@@ -205,6 +214,8 @@ department_details.add_argument(name='censure', type=str, location='form', requi
 @ns.route('/department')
 class DepartmentApi(Resource):
 
+    method_decorators = [login_required]
+
     @ns.doc(id='department_list', description='获取公司下部门列表')
     @ns.expect(get_company_details)
     def get(self):
@@ -286,6 +297,8 @@ get_department.add_argument(name='department_id', type=str, location='args', req
 @ns.route('/department_details')
 class DepartmentDetailsApi(Resource):
 
+    method_decorators = [login_required]
+
     @ns.doc(id='get_department_details', description='获取部门详情')
     @ns.expect(get_department)
     def get(self):
@@ -348,6 +361,9 @@ batch_delete_company.add_argument(name='company_ids', type=list, location='form'
 
 @ns.route('/batch_delete_company')
 class BatchDeletecompanyApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='batch_delete_users', description='批量删除公司')
     @ns.expect(batch_delete_company)
     def delete(self):
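Review bot: `login_required`, as added in jwt_util.py, only checks that `g.user_id` is set, so this batch-delete handler is reachable by any account holding a valid token unless the method body (outside the hunk) performs its own role check. The same applies to BatchDeleteUserApi and BatchModifyUsersStatusApi in users.py and to RoleApi and RolePermissionApi in role.py. The mutating endpoints would benefit from a second, permission-checking decorator after `login_required` in `method_decorators`, plus a comment on each class stating which role is expected to call it.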

+ 13 - 0
src/app/api/role.py

@@ -10,6 +10,7 @@ from app.database import engine
 from app.defines import StatesCode
 from app.modle.role import Role
 from app.modle.users import User
+from app.utils.jwt_util import login_required
 from app.utils.to_dict import to_dict
 
 ns = Namespace('role', description='角色管理接口')
@@ -21,6 +22,9 @@ role_list.add_argument(name='page', type=int, location='args', required=False, h
 
 @ns.route('/role_list')
 class GetUserListApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_role_list', description='获取角色列表')
     @ns.expect(role_list)
     def get(self):
@@ -45,6 +49,9 @@ role.add_argument(name='role_permission', type=str, location='form', required=Fa
 
 @ns.route('/role')
 class RoleApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_role', description='搜索角色')
     @ns.expect()
     def get(self):
@@ -136,6 +143,9 @@ class RoleApi(Resource):
 
 @ns.route('/member')
 class RoleMemberApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_role_member', description='获取角色成员')
     @ns.expect()
     def get(self):
@@ -167,6 +177,9 @@ class RoleMemberApi(Resource):
 
 @ns.route('/role_permission')
 class RolePermissionApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_role_permission', description='获取权限配置信息')
     @ns.expect()
     def get(self):

+ 19 - 0
src/app/api/users.py

@@ -9,6 +9,7 @@ from sqlalchemy.orm import Session
 from app.defines import StatesCode
 from app.database import engine
 from app.modle.users import User
+from app.utils.jwt_util import login_required
 from app.utils.to_dict import to_dict
 
 ns = Namespace('users', description='用户管理接口')
@@ -21,6 +22,9 @@ get_users.add_argument(name='page', type=int, location='args', required=False, h
 
 @ns.route('/user_list')
 class GetUserListApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_users_list', description='获取用户列表')
     @ns.expect(get_users)
     def get(self):
@@ -65,6 +69,9 @@ del_users.add_argument(name='id', type=int, required=True, location='form', help
 
 @ns.route('/user')
 class UsersApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='query_users', description='搜索用户')
     @ns.expect()
     def get(self):
@@ -180,6 +187,9 @@ user_details.add_argument(name='id', type=int, required=True, location='args', h
 
 @ns.route('/user_details')
 class GetUsersApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='get_users_details', description='获取用户详情')
     @ns.expect(user_details)
     def get(self):
@@ -243,6 +253,9 @@ batch_delete_user.add_argument(name='users_id', type=str, required=True, locatio
 
 @ns.route('/batch_delete_user')
 class BatchDeleteUserApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='batch_delete_users', description='批量删除用户')
     @ns.expect(batch_delete_user)
     def delete(self):
@@ -273,6 +286,9 @@ batch_modify_user_status.add_argument(name='status', type=int, required=True, lo
 
 @ns.route('/batch_modify_user_status')
 class BatchModifyUsersStatusApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='batch_modify_user_status', description='批量修改用户状态,激活、禁用')
     @ns.expect(batch_modify_user_status)
     def put(self):
@@ -302,6 +318,9 @@ class BatchModifyUsersStatusApi(Resource):
 
 @ns.route('/export_data')
 class ExportDataApi(Resource):
+
+    method_decorators = [login_required]
+
     @ns.doc(id='export_data', description='导出用户数据')
     @ns.expect()
     def get(self):

+ 9 - 5
src/app/helpers/request_handlers.py

@@ -1,4 +1,4 @@
-from flask import request
+from flask import request, g, jsonify
 
 from app.defines import StatesCode
 from app.utils.jwt_util import verify_jwt
@@ -12,9 +12,13 @@ def configure(app):
         :return:
         """
         token = request.headers.get('token')
+
+        g.user_id = None
+
         if token:
             payload = verify_jwt(token)
-            if payload is None:
-                return {"code": StatesCode.UNKNOWN_ERROR, "message": "无效的token"}
-        else:
-            return {"code": StatesCode.UNKNOWN_ERROR, "message": "无效的token"}
+
+            if payload is not None:
+                g.user_id = payload.get('user_id')
+            else:
+                return jsonify(code=StatesCode.UNKNOWN_ERROR, message='无效的token')
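Review bot: The invalid-token branch returns `jsonify(...)` with no status, so Flask answers HTTP 200, while `login_required` in jwt_util.py answers the missing-token case with 401. Clients, proxies and log-based alerting then see two different signals for the same kind of authentication failure. `return jsonify(code=StatesCode.UNKNOWN_ERROR, message='无效的token'), 401` would align them. Because this hook runs on every request, a stale token in the header also blocks routes that need no login (presumably including the login route itself), which is worth confirming as intended. The handler function starts outside the hunk.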

+ 17 - 3
src/app/utils/jwt_util.py

@@ -1,9 +1,10 @@
 import time
 
 import jwt
-from jwt import ExpiredSignatureError
+from flask import g, jsonify
 
 from app.configs.config import JWT_SECRET, JWT_EXPIRY
+from app.defines import StatesCode
 
 headers = {
     "alg": "HS256",
@@ -34,8 +35,21 @@ def verify_jwt(token):
     """
 
     try:
-        payload = jwt.decode(token, JWT_SECRET, algorithm=['HS256'], headers=headers)
-    except ExpiredSignatureError:
+        payload = jwt.decode(token, JWT_SECRET, algorithms=['HS256'], headers=headers)
+    except jwt.DecodeError:
         payload = None
 
+    # except jwt.InvalidSignatureError:
+    #     payload = None
+
     return payload
+
+
+def login_required(func):
+    def wrapper(*args, **kwargs):
+        if g.user_id is not None:
+            return func(*args, **kwargs)
+        else:
+            return jsonify(code=StatesCode.UNKNOWN_ERROR, message='Invalid token'), 401
+
+    return wrapper
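Review bot: `except jwt.DecodeError` no longer covers expired tokens. In PyJWT, `ExpiredSignatureError` derives from `InvalidTokenError` rather than `DecodeError`, so an expired token now raises out of `verify_jwt` and the before_request hook, likely surfacing as a 500 instead of a clean rejection. Catching the base class with `except jwt.InvalidTokenError:` also covers bad signatures and makes the commented-out `InvalidSignatureError` branch unnecessary. In `login_required`, add `@functools.wraps(func)` on `wrapper` and read `g.get('user_id')`, so a request that never passed through the hook is refused rather than raising AttributeError. `verify_jwt` begins outside the hunk.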