django 隐藏特殊参数或者隐藏本地变量方法

于 2019-05-21 18:42:57 发布
阅读量1.2k 收藏
点赞数
分类专栏: python django 文章标签: 隐藏参数
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/goupper1991/article/details/90412768
版权
本文介绍如何在Django中有效地隐藏特殊参数和本地变量,确保应用的安全性和数据隐私。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

django 隐藏特殊参数或者隐藏本地变量方法

from django.views.decorators.debug import sensitive_post_parameters
from django.utils.decorators import method_decorator


def sensitive_post_parameters(*parameters):
"""
Indicates which POST parameters used in the decorated view are sensitive,
so that those parameters can later be treated in a special way, for example
by hiding them when logging unhandled exceptions.

Two forms are accepted:

* with specified parameters:

    @sensitive_post_parameters('password', 'credit_card')
    def my_view(request):
        pw = request.POST['password']
        cc = request.POST['credit_card']
        ...

* without any specified parameters, in which case it is assumed that
  all parameters are considered sensitive:

    @sensitive_post_parameters()
    def my_view(request)
        ...
"""
def decorator(view):
    @functools.wraps(view)
    def sensitive_post_parameters_wrapper(request, *args, **kwargs):
        assert isinstance(request, HttpRequest), (
            "sensitive_post_parameters didn't receive an HttpRequest. "
            "If you are decorating a classmethod, be sure to use "
            "@method_decorator."
        )
        if parameters:
            request.sensitive_post_parameters = parameters
        else:
            request.sensitive_post_parameters = '__ALL__'
        return view(request, *args, **kwargs)
    return sensitive_post_parameters_wrapper
return decorator


隐藏参数调用示例
sensitive_post_parameters_m = method_decorator(
    sensitive_post_parameters(
        'password', 'old_password', 'new_password1', 'new_password2'
    )
)

class RegisterView(CreateAPIView):
    """
    注册
    """
    serializer_class = RegisterSerializer
    permission_classes = (AllowAny,)
    token_model = Token
    token = None

    @sensitive_post_parameters_m
    def dispatch(self, request, *args, **kwargs):
        return super(RegisterView, self).dispatch(request, *args, **kwargs)
下面为隐藏本地变量(日志异常抓取), 已下为django源代码.
def sensitive_variables(*variables):
"""
Indicates which variables used in the decorated function are sensitive, so
that those variables can later be treated in a special way, for example
by hiding them when logging unhandled exceptions.

Two forms are accepted:

* with specified variable names:

    @sensitive_variables('user', 'password', 'credit_card')
    def my_function(user):
        password = user.pass_word
        credit_card = user.credit_card_number
        ...

* without any specified variable names, in which case it is assumed that
  all variables are considered sensitive:

    @sensitive_variables()
    def my_function()
        ...
"""
def decorator(func):
    @functools.wraps(func)
    def sensitive_variables_wrapper(*func_args, **func_kwargs):
        if variables:
            sensitive_variables_wrapper.sensitive_variables = variables
        else:
            sensitive_variables_wrapper.sensitive_variables = '__ALL__'
        return func(*func_args, **func_kwargs)
    return sensitive_variables_wrapper
return decorator

 

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值