is staff

2023-10-10 00:29:42 +03:00 · 2023-10-10 00:29:42 +03:00 · 4bfc6c2f22
commit 4bfc6c2f22
parent 21b338b256
3 changed files with 27 additions and 1 deletions
--- a/web/urls.py
+++ b/web/urls.py
@ -12,5 +12,6 @@ urlpatterns = [
    path(*LogoutView.as_path()),
    path(*PingView.as_path()),
    path(*VKAuthView.as_path()),
-    path(*YandexAuthView.as_path())
+    path(*YandexAuthView.as_path()),
+    path('is_staff', is_staff)
 ]
--- a/web/views/init.py
+++ b/web/views/init.py
@ -7,3 +7,4 @@ from .logout import LogoutView
 from .ping import PingView
 from .vk_auth import VKAuthView
 from .yandex_auth import YandexAuthView
+from .is_staff import is_staff
--- a/web/views/is_staff.py
+++ b/web/views/is_staff.py
@ -0,0 +1,24 @@
+from django.db.models import Q
+from django.http import HttpResponse, JsonResponse
+
+from Platform import settings
+from web.models import CustomUser
+
+
+def is_staff(request):
+    if request.headers.get("X-Security-Token") != settings.PLATFORM_SECURITY_TOKEN:
+        return HttpResponse('', status=403)
+    data = {}
+    vk_id = request.GET.get('vk_id')
+    if vk_id:
+        data['vk_id'] = vk_id
+    yandex_id = request.GET.get('yandex_id')
+    if yandex_id:
+        data['yandex_id'] = yandex_id
+    email = request.GET.get('email')
+    if email:
+        data['email'] = email
+    for key, value in data.items():
+        if len(CustomUser.objects.filter(**{key: value})) != 0:
+            return JsonResponse({'is_staff': True})
+    return JsonResponse({'is_staff': False})