1 from django.utils.deprecation import MiddlewareMixin
 2 from django.shortcuts import redirect, HttpResponse
 3 import re
 4 class RbacMiddleware(MiddlewareMixin):
 5 
 6     def process_request(self, request):
 7         
 8         # 获取访问的url
 9         current_url = request.path_info
10         
11         # 白名单
12         valid_url = [‘^/login/$‘, ‘^/admin/.*‘]
13         for item in valid_url:
14             if re.match(item, current_url):
15                 return
16             
17         # 是否登入
18         permission_list = request.session.get(‘permission_list‘)
19         if not permission_list:
20             return redirect(‘/login/‘)
21         
22         # 是否有权限访问
23         flag = False
24         for item in permission_list:
25             reg = ‘^%s$‘ % item.get(‘permission__url‘)
26             if re.match(reg, current_url):
27                 flag = True
28                 break
29         if not flag:
30             return HttpResponse(‘无权访问‘)