新增演示接口黑名单功能
This commit is contained in:
ktianc
parent
057915375a
commit
3ccbc2c4b2
@ -28,6 +28,10 @@ DEMO_WHITE_LIST_PATH = [
|
||||
"/vadmin/resource/images",
|
||||
"/vadmin/auth/user/export/query/list/to/excel"
|
||||
]
|
||||
"""演示功能黑名单(触发异常 status_code=403),黑名单优先级更高"""
|
||||
DEMO_BLACK_LIST_PATH = [
|
||||
"/auth/api/login"
|
||||
]
|
||||
|
||||
"""
|
||||
引入数据库配置
|
||||
|
||||
@ -17,11 +17,12 @@ from core.logger import logger
|
||||
from fastapi import FastAPI
|
||||
from fastapi.routing import APIRoute
|
||||
from user_agents import parse
|
||||
from application.settings import OPERATION_RECORD_METHOD, MONGO_DB_ENABLE, IGNORE_OPERATION_FUNCTION,\
|
||||
DEMO_WHITE_LIST_PATH, DEMO
|
||||
from application.settings import OPERATION_RECORD_METHOD, MONGO_DB_ENABLE, IGNORE_OPERATION_FUNCTION, \
|
||||
DEMO_WHITE_LIST_PATH, DEMO, DEMO_BLACK_LIST_PATH
|
||||
from utils.response import ErrorResponse
|
||||
from apps.vadmin.record.crud import OperationRecordDal
|
||||
from core.database import mongo_getter
|
||||
from utils import status
|
||||
|
||||
|
||||
def write_request_log(request: Request, response: Response):
|
||||
@ -129,8 +130,15 @@ def register_demo_env_middleware(app: FastAPI):
|
||||
path = request.scope.get("path")
|
||||
if request.method != "GET":
|
||||
print("路由:", path, request.method)
|
||||
if DEMO and request.method != "GET" and path not in DEMO_WHITE_LIST_PATH:
|
||||
return ErrorResponse(msg="演示环境,禁止操作")
|
||||
if DEMO and request.method != "GET":
|
||||
if path in DEMO_BLACK_LIST_PATH:
|
||||
return ErrorResponse(
|
||||
status=status.HTTP_403_FORBIDDEN,
|
||||
code=status.HTTP_403_FORBIDDEN,
|
||||
msg="演示环境,禁止操作"
|
||||
)
|
||||
elif path not in DEMO_WHITE_LIST_PATH:
|
||||
return ErrorResponse(msg="演示环境,禁止操作")
|
||||
return await call_next(request)
|
||||
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user