AI_POC/TERES_fastapi_backend
12
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

支持 标准Bearer格式和直接token格式(

Browse Source
This commit is contained in:
dangzerong
2025-10-27 16:31:17 +08:00
parent 8086a73f9f
commit 4b95be9762
6 changed files with 40 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/apps/document_app.py
View File

@@ -23,7 +23,8 @@ from typing import List, Optional
from fastapi import APIRouter, Depends, File, Form, HTTPException, UploadFile, Query from fastapi import APIRouter, Depends, File, Form, HTTPException, UploadFile, Query
from fastapi.responses import StreamingResponse from fastapi.responses import StreamingResponse
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from fastapi.security import HTTPAuthorizationCredentials
from api.utils.api_utils import security
from api import settings from api import settings
from api.common.check_team_permission import check_kb_team_permission from api.common.check_team_permission import check_kb_team_permission
@@ -53,7 +54,6 @@ from pydantic import BaseModel
from api.db.db_models import User from api.db.db_models import User
# Security # Security
security = HTTPBearer()
# Pydantic models for request/response # Pydantic models for request/response
class WebCrawlRequest(BaseModel): class WebCrawlRequest(BaseModel):

4
api/apps/file2document_app.py
View File

@@ -18,7 +18,8 @@ from pathlib import Path
from typing import List from typing import List
from fastapi import APIRouter, Depends from fastapi import APIRouter, Depends
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from fastapi.security import HTTPAuthorizationCredentials
from api.utils.api_utils import security
from api.db.services.file2document_service import File2DocumentService from api.db.services.file2document_service import File2DocumentService
from api.db.services.file_service import FileService from api.db.services.file_service import FileService
@@ -33,7 +34,6 @@ from api.utils.api_utils import get_json_result
from pydantic import BaseModel from pydantic import BaseModel
# Security # Security
security = HTTPBearer()
# Pydantic models for request/response # Pydantic models for request/response
class ConvertRequest(BaseModel): class ConvertRequest(BaseModel):

4
api/apps/file_app.py
View File

@@ -20,7 +20,8 @@ from typing import List, Optional
from fastapi import APIRouter, Depends, File, Form, HTTPException, UploadFile, Query from fastapi import APIRouter, Depends, File, Form, HTTPException, UploadFile, Query
from fastapi.responses import StreamingResponse from fastapi.responses import StreamingResponse
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from fastapi.security import HTTPAuthorizationCredentials
from api.utils.api_utils import security
from api.common.check_team_permission import check_file_team_permission from api.common.check_team_permission import check_file_team_permission
from api.db.services.document_service import DocumentService from api.db.services.document_service import DocumentService
@@ -38,7 +39,6 @@ from rag.utils.storage_factory import STORAGE_IMPL
from pydantic import BaseModel from pydantic import BaseModel
# Security # Security
security = HTTPBearer()
# Pydantic models for request/response # Pydantic models for request/response
class CreateFileRequest(BaseModel): class CreateFileRequest(BaseModel):

4
api/apps/mcp_server_app.py
View File

@@ -15,7 +15,8 @@
# #
from typing import List, Optional, Dict, Any from typing import List, Optional, Dict, Any
from fastapi import APIRouter, Depends, HTTPException, Query from fastapi import APIRouter, Depends, HTTPException, Query
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from fastapi.security import HTTPAuthorizationCredentials
from api.utils.api_utils import security
from api import settings from api import settings
from api.db import VALID_MCP_SERVER_TYPES from api.db import VALID_MCP_SERVER_TYPES
@@ -31,7 +32,6 @@ from rag.utils.mcp_tool_call_conn import MCPToolCallSession, close_multiple_mcp_
from pydantic import BaseModel from pydantic import BaseModel
# Security # Security
security = HTTPBearer()
# Pydantic models for request/response # Pydantic models for request/response
class ListMCPRequest(BaseModel): class ListMCPRequest(BaseModel):

4
api/apps/user_app_fastapi.py
View File

@@ -21,7 +21,8 @@ from datetime import datetime
from typing import Optional, Dict, Any from typing import Optional, Dict, Any
from fastapi import APIRouter, Depends, HTTPException, Request, Response, status from fastapi import APIRouter, Depends, HTTPException, Request, Response, status
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from fastapi.security import HTTPAuthorizationCredentials
from api.utils.api_utils import security
from fastapi.responses import RedirectResponse from fastapi.responses import RedirectResponse
from pydantic import BaseModel, EmailStr from pydantic import BaseModel, EmailStr
try: try:
@@ -65,7 +66,6 @@ from api.utils.crypt import decrypt
router = APIRouter() router = APIRouter()
# 安全方案 # 安全方案
security = HTTPBearer()
# Pydantic模型 # Pydantic模型
class LoginRequest(BaseModel): class LoginRequest(BaseModel):

31
api/utils/api_utils.py
View File

@@ -38,6 +38,8 @@ from fastapi import Request, Response as FastAPIResponse, HTTPException, status
from fastapi.responses import JSONResponse, FileResponse, StreamingResponse from fastapi.responses import JSONResponse, FileResponse, StreamingResponse
from fastapi import Depends from fastapi import Depends
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from fastapi.security.base import SecurityBase
from fastapi.openapi.models import OAuthFlows as OAuthFlowsModel
from itsdangerous import URLSafeTimedSerializer from itsdangerous import URLSafeTimedSerializer
from peewee import OperationalError from peewee import OperationalError
from werkzeug.http import HTTP_STATUS_CODES from werkzeug.http import HTTP_STATUS_CODES
@@ -51,8 +53,35 @@ from api.db.services.llm_service import LLMService
from api.db.services.tenant_llm_service import TenantLLMService from api.db.services.tenant_llm_service import TenantLLMService
from api.utils.json import CustomJSONEncoder, json_dumps from api.utils.json import CustomJSONEncoder, json_dumps
# 自定义认证方案支持不传Bearer格式
class CustomHTTPBearer(SecurityBase):
def __init__(self, *, scheme_name: str = None, auto_error: bool = True):
self.scheme_name = scheme_name or self.__class__.__name__
self.auto_error = auto_error
# 添加 model 属性用于 OpenAPI 文档生成
self.model = HTTPBearer()
async def __call__(self, request: Request) -> HTTPAuthorizationCredentials:
authorization: str = request.headers.get("Authorization")
if not authorization:
if self.auto_error:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Not authenticated"
)
else:
return None
# 支持Bearer格式和直接token格式
if authorization.startswith("Bearer "):
token = authorization[7:] # 移除"Bearer "前缀
else:
token = authorization # 直接使用token
return HTTPAuthorizationCredentials(scheme="Bearer", credentials=token)
# FastAPI 安全方案 # FastAPI 安全方案
security = HTTPBearer() security = CustomHTTPBearer()
from api.utils import get_uuid from api.utils import get_uuid
from rag.utils.mcp_tool_call_conn import MCPToolCallSession, close_multiple_mcp_toolcall_sessions from rag.utils.mcp_tool_call_conn import MCPToolCallSession, close_multiple_mcp_toolcall_sessions