rag-gateway
blame | 历史 | 补丁 | 提交 | 提交对比 | ignore whitespace
zhaoqingang
2025-04-01 b2e47e75a231baf5a7beca476256ab3d94e76c46 
 app/service/auth.py


@@ -1,14 +1,28 @@


import os.path


import re


import uuid


import base64


from datetime import datetime, timedelta


from typing import Type




from jwt import encode, decode, exceptions


from passlib.context import CryptContext


from fastapi import HTTPException, status


from sqlalchemy.orm import Session




from Log import logger


from app.config.config import settings


from app.models.user_model import UserModel


from app.config.const import USER_STATSU_DELETE, APP_SERVICE_PATH


from app.models import RoleModel, GroupModel, TokenModel


from app.models.user_model import UserModel, UserAppModel




from cryptography.hazmat.backends import default_backend


from cryptography.hazmat.primitives import serialization


from cryptography.hazmat.primitives.asymmetric import padding




SECRET_KEY = settings.secret_key


ALGORITHM = "HS256"


ACCESS_TOKEN_EXPIRE_MINUTES = 3000


ACCESS_TOKEN_EXPIRE_MINUTES = 24*60




pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")




@@ -22,7 +36,7 @@






def authenticate_user(db, username: str, password: str):


    user = db.query(UserModel).filter(UserModel.username == username).first()


    user = db.query(UserModel).filter(UserModel.username == username, UserModel.status != USER_STATSU_DELETE).first()


    if not user:


        return False


    if not verify_password(password, user.hashed_password):


@@ -47,3 +61,162 @@


        return payload


    except exceptions.DecodeError:


        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials")






def is_valid_password(password: str) -> bool:


    if len(password) < 8:


        return False


    has_digit = re.search(r'[0-9]', password)


    has_letter = re.search(r'[A-Za-z]', password)




    # 如果密码包含数字和字母,则返回True,否则返回None


    return has_digit is not None and has_letter is not None






async def save_register_user(db, username, password, email, app_password, register_dict):


    user_id = ""


    sync_flag = str(uuid.uuid4())


    try:


        hashed_password = pwd_context.hash(password)


        db_user = UserModel(username=username, hashed_password=hashed_password, email=email, sync_flag=sync_flag)


        # pwd = db_user.encrypted_password(app_password)


        # db_user.password = pwd


        db_user.roles = [db.query(RoleModel).filter(RoleModel.role_type == 2).first()]


        db_user.groups = [db.query(GroupModel).filter(GroupModel.group_type == 2).first()]


        db.add(db_user)


        db.commit()


        db.refresh(db_user)


        '''


        user_id = db_user.id


        for k, v in register_dict.items():


            await UserAppDao(db).update_and_insert_data(v.get("name"), pwd, v.get("email"), user_id, str(v.get("id")), k)


        '''


    except Exception as e:


        logger.error(e)


        db.rollback()


        return False


    return sync_flag






async def update_user_token(db, user_id, token_dict):


    try:


        for k, v in token_dict.items():


            await UserAppDao(db).update_user_app_data({"user_id": user_id, "app_type": k},


                                                      {"access_token": v, "token_at": datetime.now()})




    except Exception as e:


        logger.error(e)


        return False


    return True




"""


async def update_user_info(db, user_id):


    app_register = AppRegisterDao(db).get_apps()


    register_dict = {}


    user = db.query(UserModel).filter(UserModel.id==user_id).first()


    for app in app_register:


        if app["id"] == RAGFLOW:


            register_dict[app['id']] = {"id": user.ragflow_id, "name": user.username, "email": f"{user.username}@example.com"}


        elif app["id"] == BISHENG:


            register_dict[app['id']] = {"id": user.bisheng_id, "name": user.username, "email": ""}


        elif app["id"] == DIFY:


            register_dict[app['id']] = {"id": "", "name": user.username, "email": ""}


        else:


            logger.error("未知注册应用---")


            continue




        try:


            for k, v in register_dict.items():


                await UserAppDao(db).update_and_insert_data(v.get("name"), user.password, v.get("email"), user_id,


                                                            str(v.get("id")), k)


        except Exception as e:


            logger.error(e)




    # 存储用户信息


    # hashed_password = pwd_context.hash(user.password)


    # db_user = UserModel(username=user.username, hashed_password=hashed_password, email=user.email)


    # db_user.password = db_user.encrypted_password(user.password)


    # for k, v in register_dict.items():


    #     setattr(db_user, k.replace("app", "id"), v)


    # db.add(db_user)


    # db.commit()


    # db.refresh(db_user)




    # is_sava = await save_register_user(db, user.username, user.password, user.email, register_dict)


"""






class UserAppDao:


    def __init__(self, db: Session):


        self.db = db




    async def get_data_by_id(self, user_id: int, app_type: int) -> Type[UserAppModel] | None:


        session = self.db.query(UserAppModel).filter_by(user_id=user_id, app_type=app_type).first()


        return session




    async def update_user_app_data(self, query: dict, update_data: dict):




        logger.error("更新数据df update_app_data---------------------------")


        try:


            self.db.query(UserAppModel).filter_by(**query).update(update_data)


            self.db.commit()


        except Exception as e:


            logger.error(e)


            self.db.rollback()


            raise Exception("更新失败!")




    async def insert_user_app_data(self, username: str, password: str, email: str, user_id: int, app_id: str,


                                   app_type: int):


        logger.error("新增数据df insert_user_app_data---------------------------")


        new_session = UserAppModel(


            username=username,


            password=password,


            email=email,


            user_id=user_id,


            app_id=app_id,


            app_type=app_type,


        )


        self.db.add(new_session)


        self.db.commit()


        self.db.refresh(new_session)


        return new_session




    async def update_and_insert_data(self, username: str, password: str, email: str, user_id: int, app_id: str,


                                     app_type: int):




        logger.error("更新或者添加数据 update_and_insert_token---------------------------")


        token_boj = await self.get_data_by_id(user_id, app_type)


        if token_boj:


            await self.update_user_app_data({"id": token_boj.id}, {"username": username,


                                                                   "password": password, "email": email,


                                                                   "updated_at": datetime.now(),


                                                                   })


        else:


            await self.insert_user_app_data(username, password, email, user_id, app_id, app_type)




    async def get_user_datas(self, user_id: int):


        return self.db.query(UserAppModel).filter_by(user_id=user_id).all()






async def password_rsa(password):


    with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file:


        private_key = serialization.load_pem_private_key(


            key_file.read(),


            password=None,  # 如果私钥加密,请提供密码


            backend=default_backend()


        )


        # Base64 解码


        try:


            # 解密消息


            ciphertext = base64.b64decode(password)


            # 使用 PKCS#1 v1.5 填充解密


            plaintext = private_key.decrypt(


                ciphertext,


                padding.PKCS1v15()  # 改为 PKCS#1 v1.5 填充


            )


            return  plaintext.decode()


        except Exception as e:


            print(e)


            return ""