rag-gateway
blame | 历史 | 补丁 | 提交 | 提交对比 | ignore whitespace
xuyonghao
2025-02-10 2ab8a0e98c782a55c69a22d4b49bf294b8cfc2d9 
 app/service/auth.py


@@ -1,6 +1,10 @@


import os.path


import re


import uuid


import base64


from datetime import datetime, timedelta


from typing import Type


from uuid import uuid4




from jwt import encode, decode, exceptions


from passlib.context import CryptContext


@@ -9,10 +13,16 @@




from Log import logger


from app.config.config import settings


from app.config.const import RAGFLOW, BISHENG, DIFY


from app.models import RoleModel, GroupModel


from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, APP_SERVICE_PATH


from app.models import RoleModel, GroupModel, TokenModel


from app.models.user_model import UserModel, UserAppModel


# from app.service.ragflow import RagflowService


# from app.service.service_token import get_new_token


from app.service.v2.app_register import AppRegisterDao




from cryptography.hazmat.backends import default_backend


from cryptography.hazmat.primitives import serialization


from cryptography.hazmat.primitives.asymmetric import padding




SECRET_KEY = settings.secret_key


ALGORITHM = "HS256"


@@ -30,7 +40,7 @@






def authenticate_user(db, username: str, password: str):


    user = db.query(UserModel).filter(UserModel.username == username).first()


    user = db.query(UserModel).filter(UserModel.username == username, UserModel.status != USER_STATSU_DELETE).first()


    if not user:


        return False


    if not verify_password(password, user.hashed_password):


@@ -58,7 +68,7 @@






def is_valid_password(password: str) -> bool:


    if len(password) <= 8:


    if len(password) < 8:


        return False


    has_digit = re.search(r'[0-9]', password)


    has_letter = re.search(r'[A-Za-z]', password)


@@ -67,30 +77,29 @@


    return has_digit is not None and has_letter is not None






async def save_register_user(db, username, password, email, register_dict):


async def save_register_user(db, username, password, email, app_password, register_dict):


    user_id = ""


    sync_flag = str(uuid.uuid4())


    try:


        hashed_password = pwd_context.hash(password)


        db_user = UserModel(username=username, hashed_password=hashed_password, email=email)


        pwd = db_user.encrypted_password(password)


        db_user.password = pwd


        db_user = UserModel(username=username, hashed_password=hashed_password, email=email, sync_flag=sync_flag)


        # pwd = db_user.encrypted_password(app_password)


        # db_user.password = pwd


        db_user.roles = [db.query(RoleModel).filter(RoleModel.role_type == 2).first()]


        db_user.groups = [db.query(GroupModel).filter(GroupModel.group_type == 2).first()]


        db.add(db_user)


        db.commit()


        db.refresh(db_user)


        '''


        user_id = db_user.id


        for k, v in register_dict.items():


            await UserAppDao(db).update_and_insert_data(v.get("name"), pwd, v.get("email"), user_id, str(v.get("id")), k)




        '''


    except Exception as e:


        logger.error(e)


        # db.roolback()


        if user_id:


            db.query(UserModel).filter(UserModel.id == user_id).delete()


            db.commit


        db.rollback()


        return False


    return True


    return sync_flag






async def update_user_token(db, user_id, token_dict):


@@ -137,7 +146,7 @@


    # db.commit()


    # db.refresh(db_user)




    is_sava = await save_register_user(db, user.username, user.password, user.email, register_dict)


    # is_sava = await save_register_user(db, user.username, user.password, user.email, register_dict)




class UserAppDao:


    def __init__(self, db: Session):


@@ -189,3 +198,27 @@




    async def get_user_datas(self, user_id: int):


        return self.db.query(UserAppModel).filter_by(user_id=user_id).all()






async def password_rsa(password):


    with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file:


        private_key = serialization.load_pem_private_key(


            key_file.read(),


            password=None,  # 如果私钥加密,请提供密码


            backend=default_backend()


        )


        # Base64 解码


        try:


            # 解密消息


            ciphertext = base64.b64decode(password)


            # 使用 PKCS#1 v1.5 填充解密


            plaintext = private_key.decrypt(


                ciphertext,


                padding.PKCS1v15()  # 改为 PKCS#1 v1.5 填充


            )


            return  plaintext.decode()


        except Exception as e:


            print(e)


            return ""