Spaces:
Paused
Paused
| """ | |
| 认证依赖 | |
| 用于保护需要认证的路由 | |
| """ | |
| import logging | |
| from fastapi import Request, HTTPException, status | |
| from fastapi.responses import RedirectResponse | |
| logger = logging.getLogger(__name__) | |
| def get_current_user(request: Request) -> dict: | |
| """ | |
| 获取当前登录用户 | |
| 从 Session 中获取用户信息 | |
| Args: | |
| request: FastAPI Request 对象 | |
| Returns: | |
| 用户信息字典 | |
| Raises: | |
| HTTPException: 如果未登录 | |
| """ | |
| user = request.session.get("user") | |
| if not user: | |
| logger.warning("未登录用户尝试访问受保护资源") | |
| raise HTTPException( | |
| status_code=status.HTTP_401_UNAUTHORIZED, | |
| detail="未登录" | |
| ) | |
| return user | |
| async def require_admin(request: Request) -> dict: | |
| """ | |
| 要求管理员权限 | |
| 检查用户是否已登录且具有管理员权限, 或者提供有效的 X-API-Key | |
| """ | |
| # 1. 首先尝试 Session 认证 | |
| user = request.session.get("user") | |
| if user and user.get("is_admin"): | |
| return user | |
| # 2. 如果 Session 不行,尝试 Header 认证 (X-API-Key) | |
| api_key_header = request.headers.get("X-API-Key") | |
| if api_key_header: | |
| from app.database import AsyncSessionLocal | |
| from app.services.settings import settings_service | |
| async with AsyncSessionLocal() as db: | |
| api_key = await settings_service.get_setting(db, "api_key") | |
| if api_key and api_key_header == api_key: | |
| return {"username": "api_user", "is_admin": True} | |
| # 3. 都没有权限 | |
| logger.warning("认证失败: 未登录或 API Key 错误") | |
| raise HTTPException( | |
| status_code=status.HTTP_401_UNAUTHORIZED, | |
| detail="未登录或 API Key 无效" | |
| ) | |
| def optional_user(request: Request) -> dict | None: | |
| """ | |
| 可选的用户信息 | |
| 如果已登录则返回用户信息,否则返回 None | |
| Args: | |
| request: FastAPI Request 对象 | |
| Returns: | |
| 用户信息字典或 None | |
| """ | |
| return request.session.get("user") | |