yumoqing/rbac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix

Browse Source
This commit is contained in:
yumoqing 2025-07-23 18:01:30 +08:00
parent cef89a6332
commit 5b2945921f
1 changed files with 5 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
rbac/check_perm.py
View File

@ -95,8 +95,8 @@ async def checkUserPassword(request, username, password):
recs = await sor.sqlExe(sql, {'username':username, 'password':password}) recs = await sor.sqlExe(sql, {'username':username, 'password':password})
if len(recs) < 1: if len(recs) < 1:
return False return False
await user_login(request, recs[0].id, \ await user_login(request, recs[0].id,
username=recs[0].username, \ username=recs[0].username,
userorgid=recs[0].orgid) userorgid=recs[0].orgid)
return True return True
return False return False
@ -111,19 +111,10 @@ async def basic_auth(sor, auth):
if len(recs) < 1: if len(recs) < 1:
return None return None
await user_login(request, recs[0].id, await user_login(request, recs[0].id,
username=recs[0].username,
userorgid=recs[0].orgid)
return recs[0].id return recs[0].id
async def bearer_auth(sor, auth):
# apikey = get_apikey_from_token(auth[7:])
apikey = auth[7:]
if apikey is None:
return None
sql = "select * from userapp where apikey=${apikey}$ and expired_date > ${today}$"
recs = await sor.sqlExe(sql, {"apikey":apikey, 'today': curDateString()})
if len(recs) < 1:
return None
return recs[0].userid
async def getAuthenticationUserid(sor, request): async def getAuthenticationUserid(sor, request):
auth = request.headers.get('Authentication') auth = request.headers.get('Authentication')
if auth is None: if auth is None:
@ -168,8 +159,7 @@ where c.userid = ${userid}$
return False return False
registered_auth_methods = { registered_auth_methods = {
"Basic ": basic_auth, "Basic ": basic_auth
"Bearer ": bearer_auth
} }
def register_auth_method(heading, func): def register_auth_method(heading, func):