rag-gateway
blame | 历史 | 补丁 | 提交 | 提交对比 | ignore whitespace
tmp
zhaoqingang
2025-01-15 9f116ea7e8f7d53a22b4dce10de942d564818a01 
 app/service/auth.py


@@ -1,10 +1,28 @@


import os.path


import re


import uuid


import base64


from datetime import datetime, timedelta


from typing import Type


from uuid import uuid4




from jwt import encode, decode, exceptions


from passlib.context import CryptContext


from fastapi import HTTPException, status


from sqlalchemy.orm import Session




from Log import logger


from app.config.config import settings


from app.models.user_model import UserModel


from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, APP_SERVICE_PATH


from app.models import RoleModel, GroupModel, TokenModel


from app.models.user_model import UserModel, UserAppModel


# from app.service.ragflow import RagflowService


# from app.service.service_token import get_new_token


from app.service.v2.app_register import AppRegisterDao




from cryptography.hazmat.backends import default_backend


from cryptography.hazmat.primitives import serialization


from cryptography.hazmat.primitives.asymmetric import padding




SECRET_KEY = settings.secret_key


ALGORITHM = "HS256"


@@ -22,7 +40,7 @@






def authenticate_user(db, username: str, password: str):


    user = db.query(UserModel).filter(UserModel.username == username).first()


    user = db.query(UserModel).filter(UserModel.username == username, UserModel.status != USER_STATSU_DELETE).first()


    if not user:


        return False


    if not verify_password(password, user.hashed_password):


@@ -47,3 +65,160 @@


        return payload


    except exceptions.DecodeError:


        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials")






def is_valid_password(password: str) -> bool:


    if len(password) < 8:


        return False


    has_digit = re.search(r'[0-9]', password)


    has_letter = re.search(r'[A-Za-z]', password)




    # 如果密码包含数字和字母,则返回True,否则返回None


    return has_digit is not None and has_letter is not None






async def save_register_user(db, username, password, email, app_password, register_dict):


    user_id = ""


    sync_flag = str(uuid.uuid4())


    try:


        hashed_password = pwd_context.hash(password)


        db_user = UserModel(username=username, hashed_password=hashed_password, email=email, sync_flag=sync_flag)


        # pwd = db_user.encrypted_password(app_password)


        # db_user.password = pwd


        db_user.roles = [db.query(RoleModel).filter(RoleModel.role_type == 2).first()]


        db_user.groups = [db.query(GroupModel).filter(GroupModel.group_type == 2).first()]


        db.add(db_user)


        db.commit()


        db.refresh(db_user)


        '''


        user_id = db_user.id


        for k, v in register_dict.items():


            await UserAppDao(db).update_and_insert_data(v.get("name"), pwd, v.get("email"), user_id, str(v.get("id")), k)


        '''


    except Exception as e:


        logger.error(e)


        db.rollback()


        return False


    return sync_flag






async def update_user_token(db, user_id, token_dict):


    try:


        for k, v in token_dict.items():


            await UserAppDao(db).update_user_app_data({"user_id": user_id, "app_type": k},


                                                      {"access_token": v, "token_at": datetime.now()})




    except Exception as e:


        logger.error(e)


        return False


    return True






async def update_user_info(db, user_id):


    app_register = AppRegisterDao(db).get_apps()


    register_dict = {}


    user = db.query(UserModel).filter(UserModel.id==user_id).first()


    for app in app_register:


        if app["id"] == RAGFLOW:


            register_dict[app['id']] = {"id": user.ragflow_id, "name": user.username, "email": f"{user.username}@example.com"}


        elif app["id"] == BISHENG:


            register_dict[app['id']] = {"id": user.bisheng_id, "name": user.username, "email": ""}


        elif app["id"] == DIFY:


            register_dict[app['id']] = {"id": "", "name": user.username, "email": ""}


        else:


            logger.error("未知注册应用---")


            continue




        try:


            for k, v in register_dict.items():


                await UserAppDao(db).update_and_insert_data(v.get("name"), user.password, v.get("email"), user_id,


                                                            str(v.get("id")), k)


        except Exception as e:


            logger.error(e)




    # 存储用户信息


    # hashed_password = pwd_context.hash(user.password)


    # db_user = UserModel(username=user.username, hashed_password=hashed_password, email=user.email)


    # db_user.password = db_user.encrypted_password(user.password)


    # for k, v in register_dict.items():


    #     setattr(db_user, k.replace("app", "id"), v)


    # db.add(db_user)


    # db.commit()


    # db.refresh(db_user)




    # is_sava = await save_register_user(db, user.username, user.password, user.email, register_dict)




class UserAppDao:


    def __init__(self, db: Session):


        self.db = db




    async def get_data_by_id(self, user_id: int, app_type: int) -> Type[UserAppModel] | None:


        session = self.db.query(UserAppModel).filter_by(user_id=user_id, app_type=app_type).first()


        return session




    async def update_user_app_data(self, query: dict, update_data: dict):




        logger.error("更新数据df update_app_data---------------------------")


        try:


            self.db.query(UserAppModel).filter_by(**query).update(update_data)


            self.db.commit()


        except Exception as e:


            logger.error(e)


            self.db.rollback()


            raise Exception("更新失败!")




    async def insert_user_app_data(self, username: str, password: str, email: str, user_id: int, app_id: str,


                                   app_type: int):


        logger.error("新增数据df insert_user_app_data---------------------------")


        new_session = UserAppModel(


            username=username,


            password=password,


            email=email,


            user_id=user_id,


            app_id=app_id,


            app_type=app_type,


        )


        self.db.add(new_session)


        self.db.commit()


        self.db.refresh(new_session)


        return new_session




    async def update_and_insert_data(self, username: str, password: str, email: str, user_id: int, app_id: str,


                                     app_type: int):




        logger.error("更新或者添加数据 update_and_insert_token---------------------------")


        token_boj = await self.get_data_by_id(user_id, app_type)


        if token_boj:


            await self.update_user_app_data({"id": token_boj.id}, {"username": username,


                                                                   "password": password, "email": email,


                                                                   "updated_at": datetime.now(),


                                                                   })


        else:


            await self.insert_user_app_data(username, password, email, user_id, app_id, app_type)




    async def get_user_datas(self, user_id: int):


        return self.db.query(UserAppModel).filter_by(user_id=user_id).all()






async def password_rsa(password):


    with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file:


        private_key = serialization.load_pem_private_key(


            key_file.read(),


            password=None,  # 如果私钥加密,请提供密码


            backend=default_backend()


        )


        # Base64 解码


        try:


            # 解密消息


            ciphertext = base64.b64decode(password)


            # 使用 PKCS#1 v1.5 填充解密


            plaintext = private_key.decrypt(


                ciphertext,


                padding.PKCS1v15()  # 改为 PKCS#1 v1.5 填充


            )


            return  plaintext.decode()


        except Exception as e:


            print(e)


            return ""