From ff9d4bcf9b20ee952d6164aabb61cb06f5a55e58 Mon Sep 17 00:00:00 2001
From: Ziqian Wang <2779671262@qq.com>
Date: Fri, 22 Oct 2021 23:53:36 +0800
Subject: [PATCH] fix:add a shortcut for authing in development mode without
 openid

---
 src/pkuphysu_wechat/api/random_draw/views.py | 4 +++-
 src/pkuphysu_wechat/auth/utils.py            | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/pkuphysu_wechat/api/random_draw/views.py b/src/pkuphysu_wechat/api/random_draw/views.py
index 0ea8214..458a3b8 100644
--- a/src/pkuphysu_wechat/api/random_draw/views.py
+++ b/src/pkuphysu_wechat/api/random_draw/views.py
@@ -24,6 +24,8 @@ def join():
 @bp.route("/all", methods=["GET"])
 def get_all():
     openid = token_required()
-    if openid not in settings.wechat.MASTER_IDS:
+    if openid not in settings.WECHAT.MASTER_IDS and not (
+        openid == "developmentopenid" and not settings.PRODUCTION
+    ):
         abort(404)
     return respond_success(data=[record.name for record in RandomDraw.query.all()])
diff --git a/src/pkuphysu_wechat/auth/utils.py b/src/pkuphysu_wechat/auth/utils.py
index b4fc99e..53b1791 100644
--- a/src/pkuphysu_wechat/auth/utils.py
+++ b/src/pkuphysu_wechat/auth/utils.py
@@ -31,7 +31,9 @@ def token_required() -> str:
 
 def master_required():
     openid = token_required()
-    if openid not in settings.WECHAT.MASTER_IDS:
+    if openid not in settings.WECHAT.MASTER_IDS and not (
+        openid == "developmentopenid" and not settings.PRODUCTION
+    ):
         logger.info("%s tried to access admin resouces", openid)
         abort(respond_error(403, "NoHackMaster"))