修改为header权限验证，通过设置全局js注入，实现访问自动加载令牌到请求头

2025-03-23 10:46:19 +08:00 · 2025-03-23 10:46:19 +08:00 · 47edaf8e26
parent 548ecf3c9e
commit 47edaf8e26
5 changed files with 18 additions and 25 deletions
--- a/src/app.py
+++ b/src/app.py
@ -38,6 +38,10 @@ app.layout = fuc.FefferyTopProgress(
        dcc.Store(id='global-url-init-load'),
        # 应用根容器
        html.Div(id='root-container'),
+        # 全局永久cookie登录令牌组件
+        fuc.FefferyCookie(id='global-cookie-authorization-permanent', cookieKey='global-cookie-authorization-permanent', secure=True, expires=3600 * 24 * 365),
+        # 全局会话cookie登录令牌组件
+        fuc.FefferyCookie(id='global-cookie-authorization-session', cookieKey='global-cookie-authorization-session', secure=True),
    ],
    listenPropsMode='include',
    includeProps=['root-container.children'],
--- a/src/assets/js/globalCallbacks.js
+++ b/src/assets/js/globalCallbacks.js
@ -20,13 +20,18 @@ function getCookie(name) {
    return null; // 未找到返回 null
  }
  
-document.addEventListener('DOMContentLoaded', function() {
+  document.addEventListener('DOMContentLoaded', function() {
    const originalFetch = window.fetch;
    window.fetch = function(url, config) {
        // if (url.includes('/_dash-update-component')) {
            config = config || {};
            let authToken = null;
-            authToken = getCookie("global-cookie-authorization"); 
+            // 检查永久授权 cookie
+            authToken = getCookie("global-cookie-authorization-permanent");
+            // 如果永久授权 cookie 不存在，检查会话授权 cookie
+            if (authToken == null || authToken == '' || authToken == '""') {
+                authToken = getCookie("global-cookie-authorization-session"); 
+            }
            // 如果存在 Token，添加 Header
            if (authToken !== null && authToken !== '' && authToken != '""') {
                authToken = authToken.replace(/"/g, '')
--- a/src/common/utilities/util_jwt.py
+++ b/src/common/utilities/util_jwt.py
@ -4,7 +4,7 @@ from datetime import timedelta, datetime, timezone
 import jwt
 from dash import set_props
 from enum import Enum
-from flask import request, session
+from flask import request


 class AccessFailType(Enum):
@ -81,13 +81,12 @@ def jwt_encode_save_access_to_session(data: Dict, expires_delta: Optional[timede
    - NoReturn, 该函数不返回任何值。
    """
    access_token = jwt_encode(data, expires_delta=expires_delta)
-    session.permanent = True
    if session_permanent:
-        session['keep_login'] = 1
-        set_props('global-cookie-authorization', {'expires': 3600 * 24 * 365})
+        set_props('global-cookie-authorization-permanent', {'value': f'Bearer {access_token}'})
+        set_props('global-cookie-authorization-session', {'value': '""'})
    else:
-        session['keep_login'] = 0
-    set_props('global-cookie-authorization', {'value': f'Bearer {access_token}'})
+        set_props('global-cookie-authorization-permanent', {'value': '""'})
+        set_props('global-cookie-authorization-session', {'value': f'Bearer {access_token}'})


 def jwt_decode_from_session(verify_exp: bool = True) -> Union[Dict, AccessFailType]:
@ -133,4 +132,5 @@ def clear_access_token_from_session() -> None:
    返回:
    - None, 该函数不返回任何值。
    """
-    set_props('global-cookie-authorization', {'value': '""'})
+    set_props('global-cookie-authorization-permanent', {'value': '""'})
+    set_props('global-cookie-authorization-session', {'value': '""'})
--- a/src/dash_view/framework/func_main.py
+++ b/src/dash_view/framework/func_main.py
@ -1,7 +1,6 @@
 import feffery_antd_components as fac
 import feffery_utils_components as fuc
 from dash import dcc, html
-from flask import session


 def render():
@ -32,13 +31,6 @@ def render():
        fuc.FefferyExecuteJs(id='main-execute-js-output'),
        # 监听窗口大小
        fuc.FefferyWindowSize(id='main-window-size'),
-        # 全局cookie登录令牌组件
-        fuc.FefferyCookie(
-            id='global-cookie-authorization',
-            cookieKey='global-cookie-authorization',
-            secure=True,
-            **(dict(expires=3600 * 24 * 365) if session.get('keep_login') else {}),
-        ),
        # 退出登录提示弹窗
        fac.AntdModal(
            html.Div(
--- a/src/dash_view/pages/login.py
+++ b/src/dash_view/pages/login.py
@ -3,7 +3,6 @@ import feffery_antd_components as fac
 from config.dashgo_conf import ShowConf, JwtConf, LoginConf
 from dash import dcc
 from dash_view.framework.lang import render_lang_content
-from flask import session
 import dash_callback.pages.login_c  # noqa
 from i18n import t__other

@ -124,13 +123,6 @@ def render_content():
                                            dcc.Store(id='login-store-need-vc', storage_type='local'),
                                            dcc.Store(id='login-store-fc', storage_type='local'),
                                            dcc.Store(id='login-password-sha256'),
-                                            # 全局cookie登录令牌组件
-                                            fuc.FefferyCookie(
-                                                id='global-cookie-authorization',
-                                                cookieKey='global-cookie-authorization',
-                                                secure=True,
-                                                **(dict(expires=3600 * 24 * 365) if session.get('keep_login') else {}),
-                                            ),
                                        ],
                                        direction='vertical',
                                        className={