python flask程序需要用户登录也需要角色验证,可以采用如下方法
def is_login(func):@wraps(func)def inner(*args,**kwargs):user = session.get('user')if not user:return redirect(url_for('login'))return func(*args,**kwargs)return innerdef roles_required(*args1):def outer(func):@wraps(*args1)def inner(*args,**kwargs):user = session.get('user')if not user:return redirect(url_for('login'))else:sql="select role from users where username='{}'".format(user)flag=len(mydb.get_all(sql))if flag:result=mydb.get_all(sql)if result[0]['role'] in args1:print(f"{result[0]['role']}在{args1}中")return func(*args, **kwargs)else:print('用户权限不足')return redirect(url_for('index'))else:print('用户没有登录')return redirect(url_for('login'))return innerreturn outer
函数代码
@app.route('/userjson',methods=['GET','POST'],endpoint='userjson')
@roles_required('admin')
def userjson():sql='select * from users'data=mydb.get_all(sql)info = request.valuesprint(info)limit = info.get('limit', 10) # 每页显示的条数offset = info.get('offset', 0) # 分片数,(页码-1)*limit,它表示一段数据的起点username = info.get('uname','')if username:sql="select * from users where username='{}'".format(username)print(sql)data=mydb.get_all(sql)return jsonify({'total': len(data), 'rows': data[int(offset):(int(offset) + int(limit))]})
这个的需要admin权限用户才可以访问