Django-权限信息中间件操作

# 在当前app下新建一个middleware的文件夹，然后就可以尽情的写中间件了，只能是这个名字，切记~@！
import re

from django.shortcuts import redirect,HttpResponse
from django.conf import settings

class MiddlewareMixin(object):
    def __init__(self, get_response=None):
        self.get_response = get_response
        super(MiddlewareMixin, self).__init__()

    def __call__(self, request):
        response = None
        if hasattr(self, 'process_request'):
            response = self.process_request(request)
        if not response:
            response = self.get_response(request)
        if hasattr(self, 'process_response'):
            response = self.process_response(request, response)
        return response


class LoginMiddleware(MiddlewareMixin):
    def process_request(self,request):
        if request.path_info == '/login/' or request.path_info == "/get_validCode_img/":
            return None
        if request.session.get('user_info'):
            return None
        return redirect('/login/')



class RbacMiddleware(MiddlewareMixin):

    def process_request(self,request):
        # 1. 获取当前请求的URL
        # request.path_info
        # 2. 获取Session中保存当前用户的权限
        # request.session.get("permission_url_list')
        current_url = request.path_info

        # 当前请求不需要执行权限验证
        for url in settings.VALID_URL:
            if re.match(url,current_url):
                return None

        permission_dict = request.session.get(settings.PERMISSION_URL_DICT_KEY)
        if not permission_dict:
            return redirect('/login/')

        flag = False
        for group_id,code_url in permission_dict.items():

            for db_url in code_url['urls']:
                regax = "^{0}$".format(db_url)
                if re.match(regax, current_url):
                    request.permission_code_list = code_url['codes']
                    flag = True
                    break
            if flag:
                break

        if not flag:
            return HttpResponse('无权访问')