OnlineJudge/account/middleware.py

from django.conf import settings
from django.db import connection
from django.utils.timezone import now
from django.utils.deprecation import MiddlewareMixin

from utils.api import JSONResponse
from account.models import User


class APITokenAuthMiddleware(MiddlewareMixin):
    def process_request(self, request):
        appkey = request.META.get("HTTP_APPKEY")
        if appkey:
            try:
                request.user = User.objects.get(open_api_appkey=appkey, open_api=True, is_disabled=False)
                request.csrf_processing_done = True
                request.auth_method = "api_key"
            except User.DoesNotExist:
                pass


class SessionRecordMiddleware(MiddlewareMixin):
    def process_request(self, request):
        request.ip = request.META.get(settings.IP_HEADER, request.META.get("REMOTE_ADDR"))
        if request.user.is_authenticated():
            session = request.session
            session["user_agent"] = request.META.get("HTTP_USER_AGENT", "")
            session["ip"] = request.ip
            session["last_activity"] = now()
            user_sessions = request.user.session_keys
            if session.session_key not in user_sessions:
                user_sessions.append(session.session_key)
                request.user.save()


class AdminRoleRequiredMiddleware(MiddlewareMixin):
    def process_request(self, request):
        path = request.path_info
        if path.startswith("/admin/") or path.startswith("/api/admin/"):
            if not (request.user.is_authenticated() and request.user.is_admin_role()):
                return JSONResponse.response({"error": "login-required", "data": "Please login in first"})


class LogSqlMiddleware(MiddlewareMixin):
    def process_response(self, request, response):
        print("\033[94m", "#" * 30, "\033[0m")
        time_threshold = 0.03
        for query in connection.queries:
            if float(query["time"]) > time_threshold:
                print("\033[93m", query, "\n", "-" * 30, "\033[0m")
            else:
                print(query, "\n", "-" * 30)
        return response
fix ip header 2018-01-06 15:53:41 +00:00			`from django.conf import settings`
大幅优化数据库查询, 升级django至1.11 LTS, 升级python至3.6.2 2017-08-29 11:26:38 +00:00			`from django.db import connection`
bug fixes 2017-10-06 09:46:14 +00:00			`from django.utils.timezone import now`
大幅优化数据库查询, 升级django至1.11 LTS, 升级python至3.6.2 2017-08-29 11:26:38 +00:00			`from django.utils.deprecation import MiddlewareMixin`
修改账户系统以及部分用户权限写法增加部分测试和注释，完善国际化 2016-06-23 04:19:16 +00:00
使用Python3和更科学的API写法 2016-11-19 04:32:23 +00:00			`from utils.api import JSONResponse`
add api to reset openapi appkey and related middleware 2017-11-25 13:47:51 +00:00			`from account.models import User`


			`class APITokenAuthMiddleware(MiddlewareMixin):`
			`def process_request(self, request):`
			`appkey = request.META.get("HTTP_APPKEY")`
			`if appkey:`
			`try:`
			`request.user = User.objects.get(open_api_appkey=appkey, open_api=True, is_disabled=False)`
			`request.csrf_processing_done = True`
remove restriction when using open api 2018-12-16 02:30:19 +00:00			`request.auth_method = "api_key"`
add api to reset openapi appkey and related middleware 2017-11-25 13:47:51 +00:00			`except User.DoesNotExist:`
			`pass`
isort 2017-01-23 08:48:04 +00:00
增加了管理员和超级管理员24小时不活动 session 自动过期的机制 2015-11-06 12:53:52 +00:00
support avatar upload; use middleware to operate session data. 2017-09-19 11:10:50 +00:00			`class SessionRecordMiddleware(MiddlewareMixin):`
			`def process_request(self, request):`
fix ip header 2018-01-06 15:53:41 +00:00			`request.ip = request.META.get(settings.IP_HEADER, request.META.get("REMOTE_ADDR"))`
support avatar upload; use middleware to operate session data. 2017-09-19 11:10:50 +00:00			`if request.user.is_authenticated():`
			`session = request.session`
bug fixes 2017-10-06 09:46:14 +00:00			`session["user_agent"] = request.META.get("HTTP_USER_AGENT", "")`
fix ip header 2018-01-06 15:53:41 +00:00			`session["ip"] = request.ip`
bug fixes 2017-10-06 09:46:14 +00:00			`session["last_activity"] = now()`
support avatar upload; use middleware to operate session data. 2017-09-19 11:10:50 +00:00			`user_sessions = request.user.session_keys`
bug fixes 2017-10-06 09:46:14 +00:00			`if session.session_key not in user_sessions:`
support avatar upload; use middleware to operate session data. 2017-09-19 11:10:50 +00:00			`user_sessions.append(session.session_key)`
			`request.user.save()`


大幅优化数据库查询, 升级django至1.11 LTS, 升级python至3.6.2 2017-08-29 11:26:38 +00:00			`class AdminRoleRequiredMiddleware(MiddlewareMixin):`
重构 2016-09-25 06:07:45 +00:00			`def process_request(self, request):`
			`path = request.path_info`
			`if path.startswith("/admin/") or path.startswith("/api/admin/"):`
大幅优化数据库查询, 升级django至1.11 LTS, 升级python至3.6.2 2017-08-29 11:26:38 +00:00			`if not (request.user.is_authenticated() and request.user.is_admin_role()):`
tiny work 2017-10-01 20:33:43 +00:00			`return JSONResponse.response({"error": "login-required", "data": "Please login in first"})`
大幅优化数据库查询, 升级django至1.11 LTS, 升级python至3.6.2 2017-08-29 11:26:38 +00:00

			`class LogSqlMiddleware(MiddlewareMixin):`
			`def process_response(self, request, response):`
			`print("\033[94m", "#" * 30, "\033[0m")`
			`time_threshold = 0.03`
			`for query in connection.queries:`
			`if float(query["time"]) > time_threshold:`
			`print("\033[93m", query, "\n", "-" * 30, "\033[0m")`
			`else:`
			`print(query, "\n", "-" * 30)`
			`return response`