meijiaka-zy/python-api/app/api/deps.py

"""
依赖注入工具
============
"""

from __future__ import annotations

from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from sqlalchemy import select
from sqlalchemy.ext.asyncio import AsyncSession

from app.config import get_settings
from app.core.security import verify_token
from app.db.session import get_db as db_session
from app.models.user import User

settings = get_settings()
security = HTTPBearer(auto_error=False)


# 数据库依赖
async def get_db() -> AsyncSession:
    """获取数据库 Session"""
    async for session in db_session():
        yield session


async def get_current_user(
    credentials: HTTPAuthorizationCredentials | None = Depends(security),
    db: AsyncSession = Depends(get_db),
) -> User:
    """
    获取当前登录用户

    从 Authorization Header 中提取 JWT Token 并验证。
    开发模式下认证失败时自动兜底，返回数据库中的第一个用户，方便流程测试。
    """
    # 开发模式：尝试正常认证，失败则兜底
    user: User | None = None

    if credentials is not None:
        token = credentials.credentials
        payload = verify_token(token)
        if payload and payload.get("sub"):
            user_id = payload.get("sub")
            result = await db.execute(select(User).where(User.id == user_id))
            user = result.scalar_one_or_none()

    # 开发模式兜底：认证失败或用户不存在时，自动返回第一个用户
    if user is None and settings.DEBUG:
        result = await db.execute(select(User).limit(1))
        user = result.scalar_one_or_none()

    if user is None:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="缺少认证信息",
            headers={"WWW-Authenticate": "Bearer"},
        )

    return user


async def get_current_user_optional(
    credentials: HTTPAuthorizationCredentials | None = Depends(security),
    db=Depends(get_db),
) -> User | None:
    """
    获取当前登录用户（可选，未登录返回 None）
    """
    if credentials is None:
        return None

    try:
        return await get_current_user(credentials, db)
    except HTTPException:
        return None