!19 Dash-FastAPI-Admin v1.2.1

Merge pull request !19 from insistence/develop

Author: insistence

README.md

@@ -1,18 +1,19 @@
 <p align="center">
 	<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
 </p>
-<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">Dash-FastAPI-Admin v1.2.0</h1>
+<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">Dash-FastAPI-Admin v1.2.1</h1>
 <h4 align="center">基于Dash+FastAPI前后端分离的纯Python快速开发框架</h4>
 <p align="center">
 	<a href="https://gitee.com/insistence2022/dash-fastapi-admin/stargazers"><img src="https://gitee.com/insistence2022/dash-fastapi-admin/badge/star.svg?theme=dark"></a>
     <a href="https://github.com/insistence/Dash-FastAPI-Admin"><img src="https://img.shields.io/github/stars/insistence/Dash-FastAPI-Admin?style=social"></a>
-	<a href="https://gitee.com/insistence2022/dash-fastapi-admin"><img src="https://img.shields.io/badge/DashFastAPIAdmin-v1.2.0-brightgreen.svg"></a>
+	<a href="https://gitee.com/insistence2022/dash-fastapi-admin"><img src="https://img.shields.io/badge/DashFastAPIAdmin-v1.2.1-brightgreen.svg"></a>
 	<a href="https://gitee.com/insistence2022/dash-fastapi-admin/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
     <img src="https://img.shields.io/badge/python-3.8 | 3.9-blue">
     <img src="https://img.shields.io/badge/MySQL-≥5.7-blue">
 </p>
 
 
+
 ## 平台简介
 
 Dash-FastAPI-Admin是一套全部开源的快速开发平台，毫无保留给个人及企业免费使用。

dash-fastapi-backend/.env.dev

@@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.2.0'
+APP_VERSION= '1.2.1'
 # 应用是否开启热重载
 APP_RELOAD = true
 

dash-fastapi-backend/.env.prod

@@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.2.0'
+APP_VERSION= '1.2.1'
 # 应用是否开启热重载
 APP_RELOAD = false
 

dash-fastapi-backend/module_admin/annotation/log_annotation.py

@@ -49,7 +49,7 @@ async def wrapper(*args, **kwargs):
             # 获取请求的url
             oper_url = request.url.path
             # 获取请求的ip及ip归属区域
-            oper_ip = request.headers.get('X-Forwarded-For') if AppConfig.app_env == 'prod' else request.headers.get('remote_addr')
+            oper_ip = request.headers.get('remote_addr') if request.headers.get('is_browser') == 'no' else request.headers.get('X-Forwarded-For')
             oper_location = '内网IP'
             try:
                 if oper_ip != '127.0.0.1' and oper_ip != 'localhost':

dash-fastapi-backend/module_admin/aspect/interface_auth.py

@@ -1,4 +1,5 @@
 from fastapi import Depends
+from typing import Union, List
 from module_admin.entity.vo.user_vo import CurrentUserInfoServiceResponse
 from module_admin.service.login_service import get_current_user
 from utils.response_util import PermissionException
@@ -7,13 +8,50 @@
 class CheckUserInterfaceAuth:
     """
     校验当前用户是否具有相应的接口权限
+    :param perm: 权限标识
+    :param is_strict: 当传入的权限标识是list类型时，是否开启严格模式，开启表示会校验列表中的每一个权限标识，所有的校验结果都需要为True才会通过
     """
-    def __init__(self, perm_str: str = 'common'):
-        self.perm_str = perm_str
+    def __init__(self, perm: Union[str, List], is_strict: bool = False):
+        self.perm = perm
+        self.is_strict = is_strict
 
     def __call__(self, current_user: CurrentUserInfoServiceResponse = Depends(get_current_user)):
         user_auth_list = [item.perms for item in current_user.menu]
         user_auth_list.append('common')
-        if self.perm_str in user_auth_list:
-            return True
+        if isinstance(self.perm, str):
+            if self.perm in user_auth_list:
+                return True
+        if isinstance(self.perm, list):
+            if self.is_strict:
+                if all([perm_str in user_auth_list for perm_str in self.perm]):
+                    return True
+            else:
+                if any([perm_str in user_auth_list for perm_str in self.perm]):
+                    return True
+        raise PermissionException(data="", message="该用户无此接口权限")
+
+
+class CheckRoleInterfaceAuth:
+    """
+    根据角色校验当前用户是否具有相应的接口权限
+    :param role_key: 角色标识
+    :param is_strict: 当传入的角色标识是list类型时，是否开启严格模式，开启表示会校验列表中的每一个角色标识，所有的校验结果都需要为True才会通过
+    """
+    def __init__(self, role_key: Union[str, List], is_strict: bool = False):
+        self.role_key = role_key
+        self.is_strict = is_strict
+
+    def __call__(self, current_user: CurrentUserInfoServiceResponse = Depends(get_current_user)):
+        user_role_list = current_user.role
+        user_role_key_list = [role.role_key for role in user_role_list]
+        if isinstance(self.role_key, str):
+            if self.role_key in user_role_key_list:
+                return True
+        if isinstance(self.role_key, list):
+            if self.is_strict:
+                if all([role_key_str in user_role_key_list for role_key_str in self.role_key]):
+                    return True
+            else:
+                if any([role_key_str in user_role_key_list for role_key_str in self.role_key]):
+                    return True
         raise PermissionException(data="", message="该用户无此接口权限")

dash-fastapi-frontend/utils/request.py

@@ -15,9 +15,9 @@ def api_request(method: str, url: str, is_headers: bool, params: Optional[dict]
     remote_addr = request.headers.get("X-Forwarded-For") if AppConfig.app_env == 'prod' else request.remote_addr
     if is_headers:
         api_headers = {'Authorization': 'Bearer ' + authorization, 'remote_addr': remote_addr,
-                       'User-Agent': user_agent}
+                       'User-Agent': user_agent, 'is_browser': 'no'}
     else:
-        api_headers = {'remote_addr': remote_addr, 'User-Agent': user_agent}
+        api_headers = {'remote_addr': remote_addr, 'User-Agent': user_agent, 'is_browser': 'no'}
     try:
         if method == 'get':
             response = requests.get(url=api_url, params=params, data=data, json=json, headers=api_headers,
@@ -49,21 +49,21 @@ def api_request(method: str, url: str, is_headers: bool, params: Optional[dict]
         if response_code == 200:
             logger.info("[api]请求人:{}||请求IP:{}||请求方法:{}||请求Api:{}||请求参数:{}||请求结果:{}",
                         session.get('user_info').get('user_name') if session.get('user_info') else None,
-                        request.remote_addr, method, url,
+                        remote_addr, method, url,
                         ','.join([str(x) for x in data_list if x]),
                         response_message)
         else:
             logger.warning("[api]请求人:{}||请求IP:{}||请求方法:{}||请求Api:{}||请求参数:{}||请求结果:{}",
                            session.get('user_info').get('user_name') if session.get('user_info') else None,
-                           request.remote_addr, method, url,
+                           remote_addr, method, url,
                            ','.join([str(x) for x in data_list if x]),
                            response_message)
 
         return response if stream else response.json()
     except Exception as e:
         logger.error("[api]请求人:{}||请求IP:{}||请求方法:{}||请求Api:{}||请求结果:{}",
                      session.get('user_info').get('user_name') if session.get('user_info') else None,
-                     request.remote_addr, method, url, str(e))
+                     remote_addr, method, url, str(e))
         session['code'] = 500
         session['message'] = str(e)