v0.21.1-fastapi

2025-11-04 16:06:36 +08:00
parent 3e58c3d0e9
commit d57b5d76ae
218 changed files with 19617 additions and 72339 deletions
--- a/api/apps/user_app_fastapi.py
+++ b/api/apps/user_app_fastapi.py
@@ -21,8 +21,7 @@ from datetime import datetime
 from typing import Optional, Dict, Any

 from fastapi import APIRouter, Depends, HTTPException, Request, Response, status
-from fastapi.security import HTTPAuthorizationCredentials
-from api.utils.api_utils import security
+from api.apps.models.auth_dependencies import get_current_user
 from fastapi.responses import RedirectResponse
 from pydantic import BaseModel, EmailStr
 try:
@@ -89,63 +88,7 @@ class TenantInfoRequest(BaseModel):
    img2txt_id: str
    llm_id: str

-# 依赖项：获取当前用户
-async def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(security)):
-    """获取当前用户"""
-    from api.db import StatusEnum
-    try:
-        from itsdangerous.url_safe import URLSafeTimedSerializer as Serializer
-    except ImportError:
-        # 如果没有itsdangerous，使用jwt作为替代
-        import jwt
-        Serializer = jwt
-    
-    jwt = Serializer(secret_key=settings.SECRET_KEY)
-    authorization = credentials.credentials
-    
-    if authorization:
-        try:
-            access_token = str(jwt.loads(authorization))
-            
-            if not access_token or not access_token.strip():
-                raise HTTPException(
-                    status_code=status.HTTP_401_UNAUTHORIZED,
-                    detail="Authentication attempt with empty access token"
-                )
-            
-            # Access tokens should be UUIDs (32 hex characters)
-            if len(access_token.strip()) < 32:
-                raise HTTPException(
-                    status_code=status.HTTP_401_UNAUTHORIZED,
-                    detail=f"Authentication attempt with invalid token format: {len(access_token)} chars"
-                )
-            
-            user = UserService.query(
-                access_token=access_token, status=StatusEnum.VALID.value
-            )
-            if user:
-                if not user[0].access_token or not user[0].access_token.strip():
-                    raise HTTPException(
-                        status_code=status.HTTP_401_UNAUTHORIZED,
-                        detail=f"User {user[0].email} has empty access_token in database"
-                    )
-                return user[0]
-            else:
-                raise HTTPException(
-                    status_code=status.HTTP_401_UNAUTHORIZED,
-                    detail="Invalid access token"
-                )
-        except Exception as e:
-            logging.warning(f"load_user got exception {e}")
-            raise HTTPException(
-                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail="Invalid access token"
-            )
-    else:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Authorization header required"
-        )
+# 依赖项：获取当前用户 - 从 auth_dependencies 导入

@router.post("/login")
 async def login(request: LoginRequest):