0.3.4
chat v3
This commit is contained in:
26
TWB/ws_middleware.py
Normal file
26
TWB/ws_middleware.py
Normal file
@@ -0,0 +1,26 @@
|
||||
from channels.db import database_sync_to_async
|
||||
|
||||
@database_sync_to_async
|
||||
def get_user(user_id):
|
||||
from django.contrib.auth.models import User, AnonymousUser
|
||||
try:
|
||||
return User.objects.get(id=user_id)
|
||||
except User.DoesNotExist:
|
||||
return AnonymousUser()
|
||||
|
||||
class QueryAuthMiddleware:
|
||||
"""
|
||||
Custom middleware (insecure) that takes user IDs from the query string.
|
||||
"""
|
||||
|
||||
def __init__(self, app):
|
||||
# Store the ASGI application we were passed
|
||||
self.app = app
|
||||
|
||||
async def __call__(self, scope, receive, send):
|
||||
# Look up user from query string (you should also do things like
|
||||
# checking if it is a valid user ID, or if scope["user"] is already
|
||||
# populated).
|
||||
scope['user'] = await get_user(int(scope["query_string"]))
|
||||
|
||||
return await self.app(scope, receive, send)
|
||||
Reference in New Issue
Block a user