admin/meijiaka-zy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8fd68fc25edc4e7ecfb7787a5f03a894fa7481e6
meijiaka-zy/python-api/app/api/deps.py
T
小鱼开发 b597d715c8 fix: 认证流程修复 + alembic 迁移补全 + 前端僵尸代码清理 
后端:
- 修复 get_current_user 未校验 is_active,被封禁用户仍可用旧 Token
- auth.py 捕获 ValueError 转 HTTPException(验证码错误、账号被封、Token 无效等不再返回 500)
- 修正 SMS 每日上限注释(3次 → 10次)
- 修复迁移脚本外键引用错误:users.id → mjk_users.id
- 新建积分系统 4 张表的迁移(mjk_user_points/batches/transactions/recharge_orders)
- pyproject.toml 补充 alembic + psycopg2-binary 依赖
- ruff 格式修复(import 排序等)

前端:
- 修复 doRefreshToken 成功后不持久化新 Token 的严重 bug
- 修复应用重启后 SSE 不自动重连(收不到踢人通知)
- 修复 App.tsx handleLogout 未 await
- client.ts 统一从 utils/env 导入 isTauri,默认 base URL 兜底 localhost:8000
- 清理 ~20 个未使用的 hooks/utils/api 模块/组件导出
- 修复所有 ESLint 警告(206 → 0)和 TSC 错误
- 测试通过(5/5)

其他:
- 更新 requirements.lock 和 uv.lock
2026-05-08 11:10:48 +08:00

109 lines
3.2 KiB
Python
Raw Blame History

"""
依赖注入工具
============
"""
from __future__ import annotations
from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from sqlalchemy import select
from sqlalchemy.ext.asyncio import AsyncSession
from app.config import get_settings
from app.core.security import verify_access_token
from app.crud.user import user as user_crud
from app.db.session import get_db as db_session
from app.models.user import User
settings = get_settings()
security = HTTPBearer(auto_error=False)
# 数据库依赖
async def get_db() -> AsyncSession:
"""获取数据库 Session"""
async for session in db_session():
yield session
async def get_current_user(
credentials: HTTPAuthorizationCredentials | None = Depends(security),
db: AsyncSession = Depends(get_db),
) -> User:
"""
获取当前登录用户
从 Authorization Header 中提取 JWT Access Token 并验证。
【测试环境特殊处理】
当 settings.AUTH_BYPASS = True 时,直接短路返回测试用户,跳过一切 token 校验。
AUTH_BYPASS 独立于 DEBUG,专门用于测试环境绕过认证。
"""
# ========== 测试环境:直接短路返回测试用户 ==========
if settings.AUTH_BYPASS:
result = await db.execute(select(User).limit(1))
user = result.scalar_one_or_none()
# 数据库为空时自动创建测试用户,确保始终有用户可返回
if user is None:
user = await user_crud.get_or_create_by_mobile(
db,
mobile="13800138000",
nickname="测试用户",
)
return user
# ========== 生产环境:正常 JWT 认证 ==========
if credentials is None:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="缺少认证信息",
headers={"WWW-Authenticate": "Bearer"},
)
token = credentials.credentials
payload = verify_access_token(token)
if not payload or not payload.get("sub"):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Token 无效或已过期",
headers={"WWW-Authenticate": "Bearer"},
)
user_id = payload.get("sub")
result = await db.execute(select(User).where(User.id == user_id))
user = result.scalar_one_or_none()
if user is None:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="用户不存在",
headers={"WWW-Authenticate": "Bearer"},
)
if not user.is_active:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="账号已被封禁",
headers={"WWW-Authenticate": "Bearer"},
)
return user
async def get_current_user_optional(
credentials: HTTPAuthorizationCredentials | None = Depends(security),
db=Depends(get_db),
) -> User | None:
"""
获取当前登录用户(可选,未登录返回 None)
"""
if credentials is None:
return None
try:
return await get_current_user(credentials, db)
except HTTPException:
return None
Reference in New Issue View Git Blame Copy Permalink