yrq/----
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

upload project source code

Browse Source
This commit is contained in:
1346185973@qq.com
2026-04-30 18:49:43 +08:00
commit 9b394ba682
2277 changed files with 660945 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
后端源码/yifan.action-ai.cn/app/api/v1/module_system/auth/__init__.py Normal file
View File

@@ -0,0 +1,2 @@
# -*- coding: utf-8 -*-

139
后端源码/yifan.action-ai.cn/app/api/v1/module_system/auth/controller.py Normal file
View File

@@ -0,0 +1,139 @@
# -*- coding: utf-8 -*-
from typing import Union, Dict
from fastapi import APIRouter, Depends, Request
from fastapi.responses import JSONResponse
from sqlalchemy.ext.asyncio import AsyncSession
from redis.asyncio.client import Redis
from app.common.response import ErrorResponse, SuccessResponse
from app.core.router_class import OperationLogRoute
from app.core.security import CustomOAuth2PasswordRequestForm
from app.core.logger import log
from app.config.setting import settings
from app.core.dependencies import (
db_getter,
get_current_user,
redis_getter
)
from .service import (
LoginService,
CaptchaService
)
from .schema import (
CaptchaOutSchema,
JWTOutSchema,
RefreshTokenPayloadSchema,
LogoutPayloadSchema
)
AuthRouter = APIRouter(route_class=OperationLogRoute, prefix="/auth", tags=["认证授权"])
@AuthRouter.post("/login", summary="登录", description="登录", response_model=JWTOutSchema)
async def login_for_access_token_controller(
request: Request,
redis: Redis = Depends(redis_getter),
login_form: CustomOAuth2PasswordRequestForm = Depends(),
db: AsyncSession = Depends(db_getter),
) -> Union[JSONResponse, Dict]:
"""
用户登录
参数:
- request (Request): FastAPI请求对象
- login_form (CustomOAuth2PasswordRequestForm): 登录表单数据
- db (AsyncSession): 数据库会话对象
返回:
- JWTOutSchema: 包含访问令牌和刷新令牌的响应模型
异常:
- CustomException: 认证失败时抛出异常。
"""
login_token = await LoginService.authenticate_user_service(request=request, redis=redis, login_form=login_form, db=db)
log.info(f"用户{login_form.username}登录成功")
# 如果是文档请求,则不记录日志:http://localhost:8000/api/v1/docs
if settings.DOCS_URL in request.headers.get("referer", ""):
return login_token.model_dump()
return SuccessResponse(data=login_token.model_dump(), msg="登录成功")
@AuthRouter.post("/token/refresh", summary="刷新token", description="刷新token", response_model=JWTOutSchema, dependencies=[Depends(get_current_user)])
async def get_new_token_controller(
request: Request,
payload: RefreshTokenPayloadSchema,
db: AsyncSession = Depends(db_getter),
redis: Redis = Depends(redis_getter)
) -> JSONResponse:
"""
刷新token
参数:
- request (Request): FastAPI请求对象
- payload (RefreshTokenPayloadSchema): 刷新令牌负载模型
返回:
- JWTOutSchema: 包含新的访问令牌和刷新令牌的响应模型
异常:
- CustomException: 刷新令牌失败时抛出异常。
"""
# 解析当前的访问Token以获取用户名
new_token = await LoginService.refresh_token_service(db=db, request=request, redis=redis, refresh_token=payload)
token_dict = new_token.model_dump()
log.info(f"刷新token成功: {token_dict}")
return SuccessResponse(data=token_dict, msg="刷新成功")
@AuthRouter.get("/captcha/get", summary="获取验证码", description="获取登录验证码", response_model=CaptchaOutSchema)
async def get_captcha_for_login_controller(
redis: Redis = Depends(redis_getter)
) -> JSONResponse:
"""
获取登录验证码
参数:
- redis (Redis): Redis客户端对象
返回:
- CaptchaOutSchema: 包含验证码图片和key的响应模型
异常:
- CustomException: 获取验证码失败时抛出异常。
"""
# 获取验证码
captcha = await CaptchaService.get_captcha_service(redis=redis)
log.info(f"获取验证码成功")
return SuccessResponse(data=captcha, msg="获取验证码成功")
@AuthRouter.post('/logout', summary="退出登录", description="退出登录", dependencies=[Depends(get_current_user)])
async def logout_controller(
payload: LogoutPayloadSchema,
redis: Redis = Depends(redis_getter)
) -> JSONResponse:
"""
退出登录
参数:
- payload (LogoutPayloadSchema): 退出登录负载模型
- redis (Redis): Redis客户端对象
返回:
- JSONResponse: 包含退出登录结果的响应模型
异常:
- CustomException: 退出登录失败时抛出异常。
"""
if await LoginService.logout_service(redis=redis, token=payload):
log.info('退出成功')
return SuccessResponse(msg='退出成功')
return ErrorResponse(msg='退出失败')

61
后端源码/yifan.action-ai.cn/app/api/v1/module_system/auth/schema.py Normal file
View File

@@ -0,0 +1,61 @@
# -*- coding: utf-8 -*-
from datetime import datetime
from pydantic import ConfigDict, Field, BaseModel, model_validator
from sqlalchemy.ext.asyncio import AsyncSession
from ..user.model import UserModel
class AuthSchema(BaseModel):
"""权限认证模型"""
model_config = ConfigDict(arbitrary_types_allowed=True)
user: UserModel | None = Field(default=None, description='用户信息')
check_data_scope: bool = Field(default=True, description='是否检查数据权限')
db: AsyncSession = Field(description='数据库会话')
class JWTPayloadSchema(BaseModel):
"""JWT载荷模型"""
sub: str = Field(..., description='用户登录信息')
is_refresh: bool = Field(default=False, description='是否刷新token')
exp: datetime | int = Field(..., description='过期时间')
@model_validator(mode='after')
def validate_fields(self):
if not self.sub or len(self.sub.strip()) == 0:
raise ValueError("会话编号不能为空")
return self
class JWTOutSchema(BaseModel):
"""JWT响应模型"""
model_config = ConfigDict(from_attributes=True)
access_token: str = Field(..., min_length=1, description='访问token')
refresh_token: str = Field(..., min_length=1, description='刷新token')
token_type: str = Field(default='Bearer', description='token类型')
expires_in: int = Field(..., gt=0, description='过期时间(秒)')
class RefreshTokenPayloadSchema(BaseModel):
"""刷新Token载荷模型"""
refresh_token: str = Field(..., min_length=1, description='刷新token')
class LogoutPayloadSchema(BaseModel):
"""退出登录载荷模型"""
token: str = Field(..., min_length=1, description='token')
class CaptchaOutSchema(BaseModel):
"""验证码响应模型"""
model_config = ConfigDict(from_attributes=True)
enable: bool = Field(default=True, description='是否启用验证码')
key: str = Field(..., min_length=1, description='验证码唯一标识')
img_base: str = Field(..., min_length=1, description='Base64编码的验证码图片')

377
后端源码/yifan.action-ai.cn/app/api/v1/module_system/auth/service.py Normal file
View File

@@ -0,0 +1,377 @@
# -*- coding: utf-8 -*-
import json
import uuid
from typing import NewType
from fastapi import Request
from redis.asyncio.client import Redis
from sqlalchemy.ext.asyncio import AsyncSession
from datetime import datetime, timedelta
from user_agents import parse
from app.common.enums import RedisInitKeyConfig
from app.utils.common_util import get_random_character
from app.utils.captcha_util import CaptchaUtil
from app.utils.ip_local_util import IpLocalUtil
from app.utils.hash_bcrpy_util import PwdUtil
from app.core.redis_crud import RedisCURD
from app.core.exceptions import CustomException
from app.core.logger import log
from app.config.setting import settings
from app.core.security import (
CustomOAuth2PasswordRequestForm,
create_access_token,
decode_access_token
)
from app.api.v1.module_monitor.online.schema import OnlineOutSchema
from ..user.crud import UserCRUD
from ..user.model import UserModel
from .schema import (
JWTPayloadSchema,
JWTOutSchema,
AuthSchema,
CaptchaOutSchema,
LogoutPayloadSchema,
RefreshTokenPayloadSchema
)
CaptchaKey = NewType('CaptchaKey', str)
CaptchaBase64 = NewType('CaptchaBase64', str)
class LoginService:
"""登录认证服务"""
@classmethod
async def authenticate_user_service(cls, request: Request, redis: Redis, login_form: CustomOAuth2PasswordRequestForm, db: AsyncSession) -> JWTOutSchema:
"""
用户认证
参数:
- request (Request): FastAPI请求对象
- login_form (CustomOAuth2PasswordRequestForm): 登录表单数据
- db (AsyncSession): 数据库会话对象
返回:
- JWTOutSchema: 包含访问令牌和刷新令牌的响应模型
异常:
- CustomException: 认证失败时抛出异常。
"""
# 判断是否来自API文档
referer = request.headers.get('referer', '')
request_from_docs = referer.endswith(('docs', 'redoc'))
# 验证码校验
if settings.CAPTCHA_ENABLE and not request_from_docs:
if not login_form.captcha_key or not login_form.captcha:
raise CustomException(msg="验证码不能为空")
await CaptchaService.check_captcha_service(redis=redis, key=login_form.captcha_key, captcha=login_form.captcha)
# 用户认证
auth = AuthSchema(db=db)
user = await UserCRUD(auth).get_by_username_crud(username=login_form.username)
if not user:
raise CustomException(msg="用户不存在")
if not PwdUtil.verify_password(plain_password=login_form.password, password_hash=user.password):
raise CustomException(msg="账号或密码错误")
if not user.status:
raise CustomException(msg="用户已被停用")
# 更新最后登录时间
user = await UserCRUD(auth).update_last_login_crud(id=user.id)
if not user:
raise CustomException(msg="用户不存在")
if not login_form.login_type:
raise CustomException(msg="登录类型不能为空")
# 创建token
token = await cls.create_token_service(request=request, redis=redis, user=user, login_type=login_form.login_type)
return token
@classmethod
async def create_token_service(cls, request: Request, redis: Redis, user: UserModel, login_type: str) -> JWTOutSchema:
"""
创建访问令牌和刷新令牌
参数:
- request (Request): FastAPI请求对象
- redis (Redis): Redis客户端对象
- user (UserModel): 用户模型对象
- login_type (str): 登录类型
返回:
- JWTOutSchema: 包含访问令牌和刷新令牌的响应模型
异常:
- CustomException: 创建令牌失败时抛出异常。
"""
# 生成会话编号
session_id = str(uuid.uuid4())
request.scope["session_id"] = session_id
user_agent = parse(request.headers.get("user-agent"))
request_ip = None
x_forwarded_for = request.headers.get('X-Forwarded-For')
if x_forwarded_for:
# 取第一个 IP 地址,通常为客户端真实 IP
request_ip = x_forwarded_for.split(',')[0].strip()
else:
# 若没有 X-Forwarded-For 头,则使用 request.client.host
if request.client:
request_ip = request.client.host
else:
request_ip = "127.0.0.1"
login_location = await IpLocalUtil.get_ip_location(request_ip)
request.scope["login_location"] = login_location
# 确保在请求上下文中设置用户名和会话ID
request.scope["user_username"] = user.username
access_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
refresh_expires = timedelta(minutes=settings.REFRESH_TOKEN_EXPIRE_MINUTES)
now = datetime.now()
# 记录租户信息到日志
log.info(f"用户ID: {user.id}, 用户名: {user.username} 正在生成JWT令牌")
# 生成会话信息
session_info=OnlineOutSchema(
session_id=session_id,
user_id=user.id,
name=user.name,
user_name=user.username,
ipaddr=request_ip,
login_location=login_location,
os=user_agent.os.family,
browser = user_agent.browser.family,
login_time=user.last_login,
login_type=login_type
).model_dump_json()
access_token = create_access_token(payload=JWTPayloadSchema(
sub=session_info,
is_refresh=False,
exp=now + access_expires,
))
refresh_token = create_access_token(payload=JWTPayloadSchema(
sub=session_info,
is_refresh=True,
exp=now + refresh_expires,
))
# 设置新的token
await RedisCURD(redis).set(
key=f'{RedisInitKeyConfig.ACCESS_TOKEN.key}:{session_id}',
value=access_token,
expire=int(access_expires.total_seconds())
)
await RedisCURD(redis).set(
key=f'{RedisInitKeyConfig.REFRESH_TOKEN.key}:{session_id}',
value=refresh_token,
expire=int(refresh_expires.total_seconds())
)
return JWTOutSchema(
access_token=access_token,
refresh_token=refresh_token,
expires_in=int(access_expires.total_seconds()),
token_type=settings.TOKEN_TYPE
)
@classmethod
async def refresh_token_service(cls, db: AsyncSession, redis: Redis, request: Request, refresh_token: RefreshTokenPayloadSchema) -> JWTOutSchema:
"""
刷新访问令牌
参数:
- db (AsyncSession): 数据库会话对象
- redis (Redis): Redis客户端对象
- request (Request): FastAPI请求对象
- refresh_token (RefreshTokenPayloadSchema): 刷新令牌数据
返回:
- JWTOutSchema: 新的令牌对象
异常:
- CustomException: 刷新令牌无效时抛出异常
"""
token_payload: JWTPayloadSchema = decode_access_token(token = refresh_token.refresh_token)
if not token_payload.is_refresh:
raise CustomException(msg="非法凭证,请传入刷新令牌")
# 去 Redis 查完整信息
session_info = json.loads(token_payload.sub)
session_id = session_info.get("session_id")
user_id = session_info.get("user_id")
if not session_id or not user_id:
raise CustomException(msg="非法凭证,无法获取会话编号或用户ID")
# 用户认证
auth = AuthSchema(db=db)
user = await UserCRUD(auth).get_by_id_crud(id=user_id)
if not user:
raise CustomException(msg="刷新token失败用户不存在")
# 记录刷新令牌时的租户信息
log.info(f"用户ID: {user.id}, 用户名: {user.username} 正在刷新JWT令牌")
# 设置新的 token
access_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
refresh_expires = timedelta(minutes=settings.REFRESH_TOKEN_EXPIRE_MINUTES)
now = datetime.now()
session_info_json = json.dumps(session_info)
access_token = create_access_token(payload=JWTPayloadSchema(
sub=session_info_json,
is_refresh=False,
exp=now + access_expires
))
refresh_token_new = create_access_token(payload=JWTPayloadSchema(
sub=session_info_json,
is_refresh=True,
exp=now + refresh_expires
))
# 覆盖写入 Redis
await RedisCURD(redis).set(
key=f'{RedisInitKeyConfig.ACCESS_TOKEN.key}:{session_id}',
value=access_token,
expire=int(access_expires.total_seconds())
)
await RedisCURD(redis).set(
key=f'{RedisInitKeyConfig.REFRESH_TOKEN.key}:{session_id}',
value=refresh_token_new,
expire=int(refresh_expires.total_seconds())
)
return JWTOutSchema(
access_token=access_token,
refresh_token=refresh_token_new,
token_type=settings.TOKEN_TYPE,
expires_in=int(access_expires.total_seconds())
)
@classmethod
async def logout_service(cls, redis: Redis, token: LogoutPayloadSchema) -> bool:
"""
退出登录
参数:
- redis (Redis): Redis客户端对象
- token (LogoutPayloadSchema): 退出登录令牌数据
返回:
- bool: 退出成功返回True
异常:
- CustomException: 令牌无效时抛出异常
"""
payload: JWTPayloadSchema = decode_access_token(token=token.token)
session_info = json.loads(payload.sub)
session_id = session_info.get("session_id")
if not session_id:
raise CustomException(msg="非法凭证,无法获取会话编号")
# 删除Redis中的在线用户、访问令牌、刷新令牌
await RedisCURD(redis).delete(f"{RedisInitKeyConfig.ACCESS_TOKEN.key}:{session_id}")
await RedisCURD(redis).delete(f"{RedisInitKeyConfig.REFRESH_TOKEN.key}:{session_id}")
log.info(f"用户退出登录成功,会话编号:{session_id}")
return True
class CaptchaService:
"""验证码服务"""
@classmethod
async def get_captcha_service(cls, redis: Redis) -> dict[str, CaptchaKey | CaptchaBase64]:
"""
获取验证码
参数:
- redis (Redis): Redis客户端对象
返回:
- dict[str, CaptchaKey | CaptchaBase64]: 包含验证码key和base64图片的字典
异常:
- CustomException: 验证码服务未启用时抛出异常
"""
if not settings.CAPTCHA_ENABLE:
raise CustomException(msg="未开启验证码服务")
# 生成验证码图片和值
captcha_base64, captcha_value = CaptchaUtil.captcha_arithmetic()
captcha_key = get_random_character()
# 保存到Redis并设置过期时间
redis_key = f"{RedisInitKeyConfig.CAPTCHA_CODES.key}:{captcha_key}"
await RedisCURD(redis).set(
key=redis_key,
value=captcha_value,
expire=settings.CAPTCHA_EXPIRE_SECONDS
)
log.info(f"生成验证码成功,验证码:{captcha_value}")
# 返回验证码信息
return CaptchaOutSchema(
enable=settings.CAPTCHA_ENABLE,
key=CaptchaKey(captcha_key),
img_base=CaptchaBase64(f"data:image/png;base64,{captcha_base64}")
).model_dump()
@classmethod
async def check_captcha_service(cls, redis: Redis, key: str, captcha: str) -> bool:
"""
校验验证码
参数:
- redis (Redis): Redis客户端对象
- key (str): 验证码key
- captcha (str): 用户输入的验证码
返回:
- bool: 验证通过返回True
异常:
- CustomException: 验证码无效或错误时抛出异常
"""
if not captcha:
raise CustomException(msg="验证码不能为空")
# 获取Redis中存储的验证码
redis_key = f'{RedisInitKeyConfig.CAPTCHA_CODES.key}:{key}'
captcha_value = await RedisCURD(redis).get(redis_key)
if not captcha_value:
log.error('验证码已过期或不存在')
raise CustomException(msg="验证码已过期")
# 验证码不区分大小写比对
if captcha.lower() != captcha_value.lower():
log.error(f'验证码错误,用户输入:{captcha},正确值:{captcha_value}')
raise CustomException(msg="验证码错误")
# 验证成功后删除验证码,避免重复使用
await RedisCURD(redis).delete(redis_key)
log.info(f'验证码校验成功,key:{key}')
return True