changes 接口添加token
parent
736fcf5411
commit
9afaa954b4
|
@ -5,13 +5,15 @@ from fastapi import APIRouter, Depends, UploadFile, File, HTTPException
|
|||
from sqlalchemy.orm import Session
|
||||
|
||||
from APPData.Crud import CompanyCrud, BalanceCrud
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
from Utils.TycApi.CommonUtil import CommonUtils
|
||||
|
||||
router = APIRouter(
|
||||
tags=["资产负债表"],
|
||||
prefix="/api/balance_sheet"
|
||||
prefix="/api/balance_sheet",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -3,6 +3,7 @@ from fastapi import APIRouter, Depends, HTTPException
|
|||
from sqlalchemy.orm import Session
|
||||
|
||||
from APPData.Crud import CompanyCrud, BusinessCrud
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb, get_tyc_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
from Utils.TycApi.Business import get_tyc_data
|
||||
|
@ -11,7 +12,8 @@ from Utils.TycApi.Configure import DB_GSBJ
|
|||
|
||||
router = APIRouter(
|
||||
tags=["工商信息"],
|
||||
prefix="/api/business"
|
||||
prefix="/api/business",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -5,13 +5,15 @@ from fastapi import APIRouter, Depends, UploadFile, File, HTTPException
|
|||
from sqlalchemy.orm import Session
|
||||
|
||||
from APPData.Crud import CompanyCrud, CashFlowCrud
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
from Utils.TycApi.CommonUtil import CommonUtils
|
||||
|
||||
router = APIRouter(
|
||||
tags=["现金流量表"],
|
||||
prefix="/api/cash_flow_statement"
|
||||
prefix="/api/cash_flow_statement",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -3,11 +3,13 @@ from sqlalchemy.orm import Session
|
|||
|
||||
from APPData.Crud import CompanyCrud
|
||||
from APPData.Schemas import CompanySchemas
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
|
||||
router = APIRouter(
|
||||
tags=["企业管理"],
|
||||
prefix="/api/company"
|
||||
prefix="/api/company",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@ from fastapi import APIRouter, Depends, HTTPException
|
|||
from sqlalchemy.orm import Session
|
||||
|
||||
from APPData.Crud import CompanyCrud, DishonestCrud
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb, get_tyc_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
|
||||
|
@ -11,7 +12,8 @@ from Utils.TycApi.Dishonest import get_tyc_data
|
|||
|
||||
router = APIRouter(
|
||||
tags=["失信人"],
|
||||
prefix="/api/dishonest"
|
||||
prefix="/api/dishonest",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -5,13 +5,15 @@ from fastapi import APIRouter, Depends, UploadFile, File, HTTPException
|
|||
from sqlalchemy.orm import Session
|
||||
|
||||
from APPData.Crud import CompanyCrud, IncomeCrud
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
from Utils.TycApi.CommonUtil import CommonUtils
|
||||
|
||||
router = APIRouter(
|
||||
tags=["利润表"],
|
||||
prefix="/api/income_sheet"
|
||||
prefix="/api/income_sheet",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -3,6 +3,7 @@ from fastapi import APIRouter, Depends, HTTPException
|
|||
from sqlalchemy.orm import Session
|
||||
|
||||
from APPData.Crud import CompanyCrud, LawsuitCrud
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb, get_tyc_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
from Utils.TycApi.CommonUtil import CommonUtils
|
||||
|
@ -11,7 +12,8 @@ from Utils.TycApi.Lawsuit import get_tyc_data
|
|||
|
||||
router = APIRouter(
|
||||
tags=["法律诉讼"],
|
||||
prefix="/api/lawsuit"
|
||||
prefix="/api/lawsuit",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -6,12 +6,14 @@ from sqlalchemy.orm import Session
|
|||
|
||||
from APPData.Crud import MacroDataCrud
|
||||
from APPData.Schemas import CompanySchemas
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
|
||||
router = APIRouter(
|
||||
tags=["宏观数据"],
|
||||
prefix="/api/macro_data"
|
||||
prefix="/api/macro_data",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -3,11 +3,13 @@ from sqlalchemy.orm import Session
|
|||
|
||||
from APPData.Crud import CompanyCrud
|
||||
from APPData.Schemas import CompanySchemas
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
|
||||
router = APIRouter(
|
||||
tags=["查询汇总"],
|
||||
prefix="/api/query"
|
||||
prefix="/api/query",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -3,6 +3,7 @@ from fastapi import APIRouter, Depends, HTTPException
|
|||
from sqlalchemy.orm import Session
|
||||
|
||||
from APPData.Crud import CompanyCrud, ShareholderCrud
|
||||
from Utils.AccessControl.AccessUtil import rbac
|
||||
from Utils.DataBase.MongoHelperUtils import get_mongodb, get_tyc_mongodb
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db
|
||||
from Utils.TycApi.CommonUtil import CommonUtils
|
||||
|
@ -11,7 +12,8 @@ from Utils.TycApi.Shareholder import get_shareholer_data
|
|||
|
||||
router = APIRouter(
|
||||
tags=["股东信息"],
|
||||
prefix="/api/shareholder"
|
||||
prefix="/api/shareholder",
|
||||
dependencies=[Depends(rbac)]
|
||||
)
|
||||
|
||||
|
||||
|
|
|
@ -1,46 +1,58 @@
|
|||
import os
|
||||
from typing import Optional
|
||||
import re
|
||||
import requests
|
||||
|
||||
import casbin
|
||||
from fastapi import HTTPException, Header
|
||||
from typing import Optional
|
||||
from fastapi import HTTPException, Header, Request
|
||||
|
||||
from Utils.Authentication.TokenUtil import decode_token
|
||||
|
||||
|
||||
def ac_admin(token: Optional[str] = Header(...)):
|
||||
|
||||
def get_user_info(token: str):
|
||||
"""
|
||||
从token中解析用户信息
|
||||
"""
|
||||
user_info = decode_token(token).get("user_info")
|
||||
|
||||
if not user_info:
|
||||
raise HTTPException(status_code=400, detail="Invalid Token")
|
||||
raise HTTPException(status_code=401, detail="Invalid Token")
|
||||
return user_info
|
||||
|
||||
|
||||
def get_role_access_policy(name: str, token: str):
|
||||
"""
|
||||
获取用户的访问权限
|
||||
"""
|
||||
url = "http://test.fecribd.com/api/user/role/role_access_policy/view?name={}"
|
||||
url = url.format(name)
|
||||
headers = {"token": token}
|
||||
res = requests.post(url=url, headers=headers)
|
||||
return res.json()
|
||||
|
||||
|
||||
def ac(token: Optional[str] = Header(...)):
|
||||
get_user_info(token)
|
||||
return True
|
||||
|
||||
|
||||
def rbac(request: Request, token: Optional[str] = Header(None)):
|
||||
|
||||
# 获取用户角色
|
||||
user_info = get_user_info(token)
|
||||
role = user_info.get("role")
|
||||
|
||||
e = casbin.Enforcer(
|
||||
os.getcwd() + r"\Utils\AccessControl\model.conf",
|
||||
os.getcwd() + r"\Utils\AccessControl\policy_index_store.csv"
|
||||
)
|
||||
# 管理员权限
|
||||
if role == "管理员":
|
||||
return True
|
||||
|
||||
sub = role
|
||||
obj = ""
|
||||
act = ""
|
||||
# 获取角色权限
|
||||
raps = get_role_access_policy(name=role, token=token)
|
||||
|
||||
if not e.enforce(sub, obj, act):
|
||||
raise HTTPException(status_code=400, detail="No Access")
|
||||
# 权限匹配成功
|
||||
for rap in raps:
|
||||
p_obj = rap.get("obj")
|
||||
r_obj = request.url.__str__()
|
||||
m = re.search(p_obj, r_obj)
|
||||
if m:
|
||||
return True
|
||||
|
||||
# if role != "admin":
|
||||
# raise HTTPException(status_code=400, detail="No Access")
|
||||
|
||||
|
||||
# def ac_index_store(request: Request, token: Optional[str] = Header(...)):
|
||||
# e = casbin.Enforcer(
|
||||
# os.getcwd() + r"\Utils\AccessControl\model.conf",
|
||||
# os.getcwd() + r"\Utils\AccessControl\policy_index_store.csv"
|
||||
# )
|
||||
#
|
||||
# sub = decode_token(token).get("role")
|
||||
# obj = request.url.__str__().split(request.base_url.__str__()[:-1])[-1].split("?")[0]
|
||||
# act = request.method
|
||||
#
|
||||
# if not e.enforce(sub, obj, act):
|
||||
# raise HTTPException(status_code=400, detail="No Access")
|
||||
# 权限匹配失败
|
||||
raise HTTPException(status_code=202, detail="No Access")
|
||||
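Review bot: In `rbac`, `re.search(p_obj, r_obj)` runs each policy pattern unanchored against `request.url.__str__()`, which includes the host and the query string, so a pattern can match caller-controlled text outside the path and allow a route the role was never given; match `request.url.path` with `re.fullmatch` and skip entries whose `obj` is missing, as in the excerpt below. The closing `raise HTTPException(status_code=202, detail="No Access")` reports a denial with a success status and should be 403. `get_role_access_policy` posts the token to a hard-coded `http://` test host with no `timeout=` and no status check and formats `name` into the query string unencoded; pass `params={"name": name}` and a `timeout=`, call `res.raise_for_status()`, and move the base URL to configuration. Stored patterns that were written with search semantics in mind need a review before the match is anchored.

```python
def rbac(request: Request, token: Optional[str] = Header(None)):
    # … unchanged: role lookup, admin short-circuit, policy fetch into raps …
    path = request.url.path
    for rap in raps:
        pattern = rap.get("obj")
        # Anchor the policy pattern to the whole path; ignore entries without one.
        if pattern and re.fullmatch(pattern, path):
            return True

    raise HTTPException(status_code=403, detail="No Access")
```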
|
|
|
@ -1,15 +0,0 @@
|
|||
[request_definition]
|
||||
r = sub, obj, act
|
||||
|
||||
[policy_definition]
|
||||
p = sub, obj, act
|
||||
|
||||
[role_definition]
|
||||
g = _, _
|
||||
g2 = _, _
|
||||
|
||||
[policy_effect]
|
||||
e = some(where (p.eft == allow))
|
||||
|
||||
[matchers]
|
||||
m = g(r.sub, p.sub) && g2(r.obj, p.obj) && r.act == p.act || r.sub == "管理员"
|
|
@ -1,4 +1,2 @@
|
|||
SECRET_KEY = "HpGXrdwbL73ZPgQC"
|
||||
ALGORITHM = "HS256"
|
||||
ACCESS_TOKEN_EXPIRE_MINUTES = 30
|
||||
REFRESH_TOKEN_EXPIRE_DAYS = 1
|
||||
|
|
|
@ -1,34 +1,17 @@
|
|||
from typing import Union
|
||||
|
||||
import jwt
|
||||
|
||||
from datetime import datetime, timedelta
|
||||
from jwt import PyJWTError
|
||||
from fastapi import HTTPException
|
||||
|
||||
from Utils.Authentication import Config
|
||||
|
||||
|
||||
def create_token(key: str, data: Union[str, dict], expires_delta: timedelta):
|
||||
|
||||
# 设置加密数据
|
||||
to_encode_body = dict()
|
||||
to_encode_body.update({key: data.copy()})
|
||||
|
||||
# 设置过期时间
|
||||
expire = datetime.utcnow() + expires_delta
|
||||
to_encode_body.update({"exp": expire})
|
||||
|
||||
# Token编码
|
||||
encoded_jwt = jwt.encode(to_encode_body, Config.SECRET_KEY, algorithm=Config.ALGORITHM)
|
||||
|
||||
return encoded_jwt
|
||||
|
||||
|
||||
def decode_token(token: str):
|
||||
|
||||
try:
|
||||
payload = jwt.decode(token, Config.SECRET_KEY, algorithms=[Config.ALGORITHM])
|
||||
except jwt.exceptions.ExpiredSignatureError:
|
||||
raise HTTPException(status_code=201, detail="Token Has Expired")
|
||||
except jwt.PyJWTError:
|
||||
raise HTTPException(status_code=401, detail="Token Has Expired")
|
||||
except PyJWTError:
|
||||
raise HTTPException(status_code=401, detail="Invalid Token")
|
||||
return payload
|
||||
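Review bot: `decode_token` verifies with `Config.SECRET_KEY`, which the Config section of this commit still keeps as a string literal in the repository; with HS256 the same key signs and verifies, and `rbac` trusts the `role` claim of any token that verifies, so the key should be loaded from the environment or a secret store and the committed value rotated. `jwt.decode` is also called without requiring an expiry, so a token issued without `exp` stays valid indefinitely; `jwt.decode(token, Config.SECRET_KEY, algorithms=[Config.ALGORITHM], options={"require": ["exp"]})` rejects those. The rendering does not mark sides, so I read the `status_code=201` line as the removed one; if it is on the new side, an expired token is answered with a success status and should be 401.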
|
|