A complete set of basic development platform for permission control based on RBAC model, with front-end and back-end separation, and the back-end using django+django-rest-framework, while the frontend using Vue+ElementUI+d2admin.
Home Page: https://django-vue-admin.com
License: Apache License 2.0
Using the URLconf defined in application.urls, Django tried these URL patterns, in this order:
media/(?P.*)
^admin/
The current path, admin, didn't match any of these.
\backend\dvadmin\system\views\role.py 中的from dvadmin.utils.crud_mixin import FastCrudMixin找不到dvadmin.utils.crud_mixin模块
| Request Method: | GET |
|---|---|
| http://127.0.0.1:8000/ |
media/(?P.*)
^admin/
The empty path didn't match any of these.
ERROR: Couldn't find env file: /data/home/lk/django-vue-admin/.env
change user login 404 error,切换用户登录时会报错,无法登陆。
“角色管理”-“权限管理”,无保存按钮,去掉如下代码后按钮才会出现。
web/src/views/system/rolePermission/index.vue第16行:v-permission="'Save'"
分支:2.x
model中含有json字段时,django会在生成表时添加json的检查约束。system_config表的初始化数据的json字段数据,有几个字段并没有严格按照json格式构建数据,在oracle下会出现违反约束异常(ORA-02290: check constraint (CUSTOMER.SYS_C00218232) violated)
v2.x
settings配置文件中导入了mongoengine包,但没找到具体使用。
目前的代码REFRESH_TOKEN刷新机制尚未完善,自己摸索了一下,可按以下配置:
token2天过期,到期后使用REFRESH_TOKEN刷新,直到 REFRESH_TOKEN也过期,则必须重新登录。cookie 中配置 expires: 2,2天后过期也必须重新登录,如果cookie被别人拿到,原理上则可以一直刷新token使用14天。建议'ROTATE_REFRESH_TOKENS': False,强制过期。
1.settings.py
SIMPLE_JWT = {
# 认证token有效时长 2天
'ACCESS_TOKEN_LIFETIME': timedelta(days=2),
# 刷新token有效时长 14天,用于ACCESS_TOKEN过期后重新获取
'REFRESH_TOKEN_LIFETIME': timedelta(days=14),
# 设置前缀
'AUTH_HEADER_TYPES': ('JWT',),
# 若为True,则刷新后新的refresh_token有效时间自动延长,客户端可以一直获得新的token,不安全
# 若为False,REFRESH_TOKEN到期即失效
'ROTATE_REFRESH_TOKENS': False,
}
// 响应拦截
service.interceptors.response.use(
.............略
// 刷新token
case 401:
//目前看msg存在messages则说明是access-token过期
if (dataAxios.msg.code === 'token_not_valid' && dataAxios.msg.messages) {
// 如果access-token过期则使用refresh-token刷新
if (dataAxios.msg.messages[0].token_type === 'access') {
refreshTken().then(res => {
util.cookies.set('token', res.access)
router.go(0)
})
}
} else {
// 如果refresh-token过期则直接退出登录
errorCreate(${getErrorMessage(dataAxios.msg)})
}
// --------------chuanwei-at-2022.4.22--------
break
3.util.cookies.js
cookies.set = function (name = 'default', value = '', cookieSetting = {}) {
const currentCookieSetting = {
expires: 2
}
v2.0.4 打开用户管理页面更新用户信息会要求再次输入密码
是否可以考虑实现限制同时登录系统用户数量和限制单个用户同时在不同平台登录数量这种登录限制功能?如果可以提供修改思路也可以,万分感谢!
我把你们的代码克隆下来,然后push到自己的仓库,就发现 github 自动检测到那么多漏洞。希望你们尽快修复好,我才敢买你们的低代码插件。
步骤:
1,登录方式选择微信,
2,再选择字节
预期:微信二维码没有消失
实际:出现2个二维码
前端crud.js传入的参数limit默认为10,当数据条数大于10会出现返回结果不全,
建议调整为999或者改成从前端配置文件读取
例如:
src/views/system/user/crud.js第139行: return request({ url: url, params: { page: 1, limit: 999, status: 1 } }).then(ret => {
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
