新增演示接口黑名单功能

kinit-api/application/settings.py

@@ -28,6 +28,10 @@ DEMO_WHITE_LIST_PATH = [
     "/vadmin/resource/images",
     "/vadmin/auth/user/export/query/list/to/excel"
 ]
+"""演示功能黑名单（触发异常 status_code=403），黑名单优先级更高"""
+DEMO_BLACK_LIST_PATH = [
+    "/auth/api/login"
+]
 
 """
 引入数据库配置

kinit-api/core/middleware.py

@@ -17,11 +17,12 @@ from core.logger import logger
 from fastapi import FastAPI
 from fastapi.routing import APIRoute
 from user_agents import parse
-from application.settings import OPERATION_RECORD_METHOD, MONGO_DB_ENABLE, IGNORE_OPERATION_FUNCTION,\
+from application.settings import OPERATION_RECORD_METHOD, MONGO_DB_ENABLE, IGNORE_OPERATION_FUNCTION, \
-    DEMO_WHITE_LIST_PATH, DEMO
+    DEMO_WHITE_LIST_PATH, DEMO, DEMO_BLACK_LIST_PATH
 from utils.response import ErrorResponse
 from apps.vadmin.record.crud import OperationRecordDal
 from core.database import mongo_getter
+from utils import status
 
 
 def write_request_log(request: Request, response: Response):
@@ -129,8 +130,15 @@ def register_demo_env_middleware(app: FastAPI):
         path = request.scope.get("path")
         if request.method != "GET":
             print("路由：", path, request.method)
-        if DEMO and request.method != "GET" and path not in DEMO_WHITE_LIST_PATH:
+        if DEMO and request.method != "GET":
-            return ErrorResponse(msg="演示环境，禁止操作")
+            if path in DEMO_BLACK_LIST_PATH:
+                return ErrorResponse(
+                    status=status.HTTP_403_FORBIDDEN,
+                    code=status.HTTP_403_FORBIDDEN,
+                    msg="演示环境，禁止操作"
+                )
+            elif path not in DEMO_WHITE_LIST_PATH:
+                return ErrorResponse(msg="演示环境，禁止操作")
         return await call_next(request)