rag-gateway
blame | 历史 | 补丁 | 提交 | 提交对比 | ignore whitespace
tmp
zhaoqingang
2025-01-15 9f116ea7e8f7d53a22b4dce10de942d564818a01 
 app/service/auth.py


@@ -1,6 +1,10 @@


import os.path


import re


import uuid


import base64


from datetime import datetime, timedelta


from typing import Type


from uuid import uuid4




from jwt import encode, decode, exceptions


from passlib.context import CryptContext


@@ -9,8 +13,16 @@




from Log import logger


from app.config.config import settings


from app.models import RoleModel, GroupModel


from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, APP_SERVICE_PATH


from app.models import RoleModel, GroupModel, TokenModel


from app.models.user_model import UserModel, UserAppModel


# from app.service.ragflow import RagflowService


# from app.service.service_token import get_new_token


from app.service.v2.app_register import AppRegisterDao




from cryptography.hazmat.backends import default_backend


from cryptography.hazmat.primitives import serialization


from cryptography.hazmat.primitives.asymmetric import padding




SECRET_KEY = settings.secret_key


ALGORITHM = "HS256"


@@ -28,7 +40,7 @@






def authenticate_user(db, username: str, password: str):


    user = db.query(UserModel).filter(UserModel.username == username).first()


    user = db.query(UserModel).filter(UserModel.username == username, UserModel.status != USER_STATSU_DELETE).first()


    if not user:


        return False


    if not verify_password(password, user.hashed_password):


@@ -56,7 +68,7 @@






def is_valid_password(password: str) -> bool:


    if len(password) <= 8:


    if len(password) < 8:


        return False


    has_digit = re.search(r'[0-9]', password)


    has_letter = re.search(r'[A-Za-z]', password)


@@ -65,30 +77,29 @@


    return has_digit is not None and has_letter is not None






async def save_register_user(db, username, password, email, register_dict):


async def save_register_user(db, username, password, email, app_password, register_dict):


    user_id = ""


    sync_flag = str(uuid.uuid4())


    try:


        hashed_password = pwd_context.hash(password)


        db_user = UserModel(username=username, hashed_password=hashed_password, email=email)


        pwd = db_user.encrypted_password(password)


        db_user.password = pwd


        db_user = UserModel(username=username, hashed_password=hashed_password, email=email, sync_flag=sync_flag)


        # pwd = db_user.encrypted_password(app_password)


        # db_user.password = pwd


        db_user.roles = [db.query(RoleModel).filter(RoleModel.role_type == 2).first()]


        db_user.groups = [db.query(GroupModel).filter(GroupModel.group_type == 2).first()]


        db.add(db_user)


        db.commit()


        db.refresh(db_user)


        '''


        user_id = db_user.id


        for k, v in register_dict.items():


            await UserAppDao(db).update_and_insert_data(v.get("name"), pwd, v.get("email"), user_id, str(v.get("id")), k)




        '''


    except Exception as e:


        logger.error(e)


        # db.roolback()


        if user_id:


            db.query(UserModel).filter(UserModel.id == user_id).delete()


            db.commit


        db.rollback()


        return False


    return True


    return sync_flag






async def update_user_token(db, user_id, token_dict):


@@ -102,6 +113,40 @@


        return False


    return True






async def update_user_info(db, user_id):


    app_register = AppRegisterDao(db).get_apps()


    register_dict = {}


    user = db.query(UserModel).filter(UserModel.id==user_id).first()


    for app in app_register:


        if app["id"] == RAGFLOW:


            register_dict[app['id']] = {"id": user.ragflow_id, "name": user.username, "email": f"{user.username}@example.com"}


        elif app["id"] == BISHENG:


            register_dict[app['id']] = {"id": user.bisheng_id, "name": user.username, "email": ""}


        elif app["id"] == DIFY:


            register_dict[app['id']] = {"id": "", "name": user.username, "email": ""}


        else:


            logger.error("未知注册应用---")


            continue




        try:


            for k, v in register_dict.items():


                await UserAppDao(db).update_and_insert_data(v.get("name"), user.password, v.get("email"), user_id,


                                                            str(v.get("id")), k)


        except Exception as e:


            logger.error(e)




    # 存储用户信息


    # hashed_password = pwd_context.hash(user.password)


    # db_user = UserModel(username=user.username, hashed_password=hashed_password, email=user.email)


    # db_user.password = db_user.encrypted_password(user.password)


    # for k, v in register_dict.items():


    #     setattr(db_user, k.replace("app", "id"), v)


    # db.add(db_user)


    # db.commit()


    # db.refresh(db_user)




    # is_sava = await save_register_user(db, user.username, user.password, user.email, register_dict)




class UserAppDao:


    def __init__(self, db: Session):


@@ -153,3 +198,27 @@




    async def get_user_datas(self, user_id: int):


        return self.db.query(UserAppModel).filter_by(user_id=user_id).all()






async def password_rsa(password):


    with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file:


        private_key = serialization.load_pem_private_key(


            key_file.read(),


            password=None,  # 如果私钥加密,请提供密码


            backend=default_backend()


        )


        # Base64 解码


        try:


            # 解密消息


            ciphertext = base64.b64decode(password)


            # 使用 PKCS#1 v1.5 填充解密


            plaintext = private_key.decrypt(


                ciphertext,


                padding.PKCS1v15()  # 改为 PKCS#1 v1.5 填充


            )


            return  plaintext.decode()


        except Exception as e:


            print(e)


            return ""