rag-gateway.git

parent: 9191081e | 补丁 | 提交 | ignore whitespace

zhaoqingang

2024-12-26 ac9dc50f6b8403c4f4b0918432e11d7268fcadf1

登录过程密码加密

4个文件已修改

3个文件已添加

	app/api/auth.py	6 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	app/config/const.py	1 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	app/models/resource_model.py	1 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	app/service/__init__.py	补丁 \| 查看 \| 原始文档 \| blame \| 历史
	app/service/auth.py	29 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	app/service/pom/__init__.py	补丁 \| 查看 \| 原始文档 \| blame \| 历史
	app/service/pom/private_key.pem	27 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史

 app/api/auth.py

@@ -7,6 +7,7 @@

from Log import logger
from app.api import Response, pwd_context, get_current_user
from app.api.user import reset_user_pwd
from app.config.config import settings
from app.config.const import RAGFLOW, BISHENG, DIFY
from app.models.app_token_model import AppToken
@@ -16,7 +17,7 @@
from app.models.user import UserCreate, LoginData
from app.models.user_model import UserModel, UserAppModel
from app.service.auth import authenticate_user, create_access_token, is_valid_password, save_register_user, \
    update_user_token, UserAppDao, update_user_info
    update_user_token, UserAppDao, update_user_info, password_rsa
from app.service.bisheng import BishengService
from app.service.service_token import get_new_token, get_token, update_user_group
from app.service.v2.app_register import AppRegisterDao
@@ -106,7 +107,8 @@

@router.post("/v2/login", response_model=Response)
async def login_v2(login_data: LoginData, db: Session = Depends(get_db), pdb: AsyncSession = Depends(get_pdb)):
    user = authenticate_user(db, login_data.username, login_data.password)
    password = await password_rsa(login_data.password)
    user = authenticate_user(db, login_data.username, password)
    if not user:
        return Response(code=400, msg="Incorrect username or password")
    app_register = AppRegisterDao(db).get_apps()

 app/config/const.py

@@ -5,6 +5,7 @@
IMAGE_TO_TEXT = "image_and_text_conversion"
DOCUMENT_IA_QUESTIONS = "document_ia_questions"
ENV_CONF_PATH = "app/config/env_conf"
APP_SERVICE_PATH = "app/service/"

### -----------app register --------------
RAGFLOW = "ragflow_app"

 app/models/resource_model.py

@@ -58,6 +58,7 @@
            'menuName': self.name,
            'menuType': self.resource_type_id,
            'parentId': self.get_pid(),
            'status': self.status,
            'parentName': self.get_pName(),
            'children': [res.to_tree_select_json() for res in self.children if res if res.status != RESOURCE_STATUS_DELETE]
        }

 app/service/__init__.py


 app/service/auth.py

@@ -1,5 +1,7 @@
import os.path
import re
import uuid
import base64
from datetime import datetime, timedelta
from typing import Type
from uuid import uuid4
@@ -11,12 +13,16 @@

from Log import logger
from app.config.config import settings
from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE
from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, APP_SERVICE_PATH
from app.models import RoleModel, GroupModel, TokenModel
from app.models.user_model import UserModel, UserAppModel
# from app.service.ragflow import RagflowService
# from app.service.service_token import get_new_token
from app.service.v2.app_register import AppRegisterDao

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import padding

SECRET_KEY = settings.secret_key
ALGORITHM = "HS256"
@@ -196,6 +202,25 @@
        return self.db.query(UserAppModel).filter_by(user_id=user_id).all()



async def password_rsa(password):
    with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file:
        private_key = serialization.load_pem_private_key(
            key_file.read(),
            password=None,  # 如果私钥加密，请提供密码
            backend=default_backend()
        )
        # Base64 解码
        try:
            # 解密消息
            ciphertext = base64.b64decode(password)
            # 使用 PKCS#1 v1.5 填充解密
            plaintext = private_key.decrypt(
                ciphertext,
                padding.PKCS1v15()  # 改为 PKCS#1 v1.5 填充
            )
            return  plaintext.decode()
        except Exception as e:
            print(e)
            return ""



 app/service/pom/__init__.py


 app/service/pom/private_key.pem

New file
@@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAwJ0feodpQYfSPeeBRlyqlqfs5dtP38LL19kKO3wwdP+vdckt
xXR9Inje9Jcq+nIUJ+Comh3bEh1nsWUDBgtlz4vEqecho9KFaDqkFp3tR/emWJYT
0KLEcBidKUImkumJk0cVBKleww/4R1HDorwE9J2a1Rp9z0DUEU7YuudoaUy5Es1v
ORjDplIZv9bzip7/LANv6GmdtXwk5IpdbfNrkoJgGXlE063uIMkqRyiOo04ofeYp
SjZbP4bvnboxYi23wpIe81uLIsM+4JcFoU6uN0cYs03oYkfjXQdlKTpBpM6lcm+7
xhEz9Y/OR7YorRWB1Qdt7nr3cRmx0uIs/h/T9QIDAQABAoIBAAN62JBwyMuQUYp9
RfDU2iY/0UHVTKXEBWHxPhXjiiOUU4yATo5OnJrtamQ4z4Biq4TUlf1wXyWo8RBY
C1Gif7EjCUdN/CzoqNuHkwZL6hOs60Jr9iWhHy/sts5lRLKHZhtfwz/dj5ncwBVQ
qmGIJQXGdmLnhKYyuZzG/pdZozbNxuPzOHP0LdkETLAqVbROL/lDVNMxlQoicKAK
ir38bxH4ck2IjogJTJKyfl7UzFyxb0fjujYJX4ZsVoJzawdV7jJAbdKilOX/4bl/
WITRyjm5AKTckFsuKbniWhlrgN/ji2J+u0RP5LEIq+VBt2Akdz2E2d2OzLUowxtS
i6MXIbkCgYEA+HIZR1fvtMZCu2Z1NBl9GCuCm2TlaOnHB0jLvan2R062Icih/BRG
wzc/AAhExqWS69r9NA1M/09kwybFOzPY/A3UidrqTx6QkXIIUkk1CRBKrdDqISss
Kzo7lkS9HS46ADkPFGqG9ZnPHEmKvxvWC6vMXI/S2VQIiK0QrdhRkGkCgYEAxnht
rg4OQsP+KNOSe8qkqvKyJK48+vRV6JlDnFqsiWsUHdck+VqhlkkxVe2bH1w92JYt
ACvtQW+mTJsORlixdPWnpqF5i5m/3nKk6zLw8hc4KBq+8rwqAOF6O+yd2MVDUiYB
7Tn05Rvl3/WRq28oKP64MGK/Piz9Njjj3YfPta0CgYACl85DvFs4G8megxc+D/YK
Ron6bTcnvSjinpPhyuBTJjMobxuhseR7LRxvN6bgG+JIq+RwoqLnF0EJ+GGemI/v
MYXCWpKPeNYxbms/0JvJGG5vGfsXlYfEe7sbemQu5cidL/tET0hRT+Wlee8Ex5mY
TZa4cJfWxNXB92xxJAzV4QKBgQDER+nAz2nPIeJEIimmf9ymq+r+V8s7LVWg+aJi
CVLFfL6iXFnWuYlBBhXis2BMfX80qiDLIKY9ptvCuz482A54a1Joex2nsGCO8Lal
XPXplokVMI5TpT+tK1El3nalIUHZBnm1UTIfO532BfkQoJgJIxCp2Z7lML0jWNQS
DPSg6QKBgAR7IMz5wCkdS//PbIS8UOmxXHwwkZgrtAf56+xyvyQiOdcZj/xFolY4
X86xznY0cuDr9o5sWdNXDqcZFOGS4txwCOEyI3VntYReO005nS6vsfDiGqyutlZh
9gAMVA6Hm3UFKvxrjgmpMOAMYqugRx5hFxhjiiaDRScoewx5abHN
-----END RSA PRIVATE KEY-----

			@@ -7,6 +7,7 @@

			from Log import logger
			from app.api import Response, pwd_context, get_current_user
			from app.api.user import reset_user_pwd
			from app.config.config import settings
			from app.config.const import RAGFLOW, BISHENG, DIFY
			from app.models.app_token_model import AppToken
			@@ -16,7 +17,7 @@
			from app.models.user import UserCreate, LoginData
			from app.models.user_model import UserModel, UserAppModel
			from app.service.auth import authenticate_user, create_access_token, is_valid_password, save_register_user, \
			update_user_token, UserAppDao, update_user_info
			update_user_token, UserAppDao, update_user_info, password_rsa
			from app.service.bisheng import BishengService
			from app.service.service_token import get_new_token, get_token, update_user_group
			from app.service.v2.app_register import AppRegisterDao
			@@ -106,7 +107,8 @@

			@router.post("/v2/login", response_model=Response)
			async def login_v2(login_data: LoginData, db: Session = Depends(get_db), pdb: AsyncSession = Depends(get_pdb)):
			user = authenticate_user(db, login_data.username, login_data.password)
			password = await password_rsa(login_data.password)
			user = authenticate_user(db, login_data.username, password)
			if not user:
			return Response(code=400, msg="Incorrect username or password")
			app_register = AppRegisterDao(db).get_apps()

			@@ -5,6 +5,7 @@
			IMAGE_TO_TEXT = "image_and_text_conversion"
			DOCUMENT_IA_QUESTIONS = "document_ia_questions"
			ENV_CONF_PATH = "app/config/env_conf"
			APP_SERVICE_PATH = "app/service/"

			### -----------app register --------------
			RAGFLOW = "ragflow_app"

			@@ -58,6 +58,7 @@
			'menuName': self.name,
			'menuType': self.resource_type_id,
			'parentId': self.get_pid(),
			'status': self.status,
			'parentName': self.get_pName(),
			'children': [res.to_tree_select_json() for res in self.children if res if res.status != RESOURCE_STATUS_DELETE]
			}

			@@ -1,5 +1,7 @@
			import os.path
			import re
			import uuid
			import base64
			from datetime import datetime, timedelta
			from typing import Type
			from uuid import uuid4
			@@ -11,12 +13,16 @@

			from Log import logger
			from app.config.config import settings
			from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE
			from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, APP_SERVICE_PATH
			from app.models import RoleModel, GroupModel, TokenModel
			from app.models.user_model import UserModel, UserAppModel
			# from app.service.ragflow import RagflowService
			# from app.service.service_token import get_new_token
			from app.service.v2.app_register import AppRegisterDao

			from cryptography.hazmat.backends import default_backend
			from cryptography.hazmat.primitives import serialization
			from cryptography.hazmat.primitives.asymmetric import padding

			SECRET_KEY = settings.secret_key
			ALGORITHM = "HS256"
			@@ -196,6 +202,25 @@
			return self.db.query(UserAppModel).filter_by(user_id=user_id).all()



			async def password_rsa(password):
			with open(os.path.join(APP_SERVICE_PATH, "pom/private_key.pem"), "rb") as key_file:
			private_key = serialization.load_pem_private_key(
			key_file.read(),
			password=None, # 如果私钥加密，请提供密码
			backend=default_backend()
			)
			# Base64 解码
			try:
			# 解密消息
			ciphertext = base64.b64decode(password)
			# 使用 PKCS#1 v1.5 填充解密
			plaintext = private_key.decrypt(
			ciphertext,
			padding.PKCS1v15() # 改为 PKCS#1 v1.5 填充
			)
			return plaintext.decode()
			except Exception as e:
			print(e)
			return ""

New file
			@@ -0,0 +1,27 @@
			-----BEGIN RSA PRIVATE KEY-----
			MIIEowIBAAKCAQEAwJ0feodpQYfSPeeBRlyqlqfs5dtP38LL19kKO3wwdP+vdckt
			xXR9Inje9Jcq+nIUJ+Comh3bEh1nsWUDBgtlz4vEqecho9KFaDqkFp3tR/emWJYT
			0KLEcBidKUImkumJk0cVBKleww/4R1HDorwE9J2a1Rp9z0DUEU7YuudoaUy5Es1v
			ORjDplIZv9bzip7/LANv6GmdtXwk5IpdbfNrkoJgGXlE063uIMkqRyiOo04ofeYp
			SjZbP4bvnboxYi23wpIe81uLIsM+4JcFoU6uN0cYs03oYkfjXQdlKTpBpM6lcm+7
			xhEz9Y/OR7YorRWB1Qdt7nr3cRmx0uIs/h/T9QIDAQABAoIBAAN62JBwyMuQUYp9
			RfDU2iY/0UHVTKXEBWHxPhXjiiOUU4yATo5OnJrtamQ4z4Biq4TUlf1wXyWo8RBY
			C1Gif7EjCUdN/CzoqNuHkwZL6hOs60Jr9iWhHy/sts5lRLKHZhtfwz/dj5ncwBVQ
			qmGIJQXGdmLnhKYyuZzG/pdZozbNxuPzOHP0LdkETLAqVbROL/lDVNMxlQoicKAK
			ir38bxH4ck2IjogJTJKyfl7UzFyxb0fjujYJX4ZsVoJzawdV7jJAbdKilOX/4bl/
			WITRyjm5AKTckFsuKbniWhlrgN/ji2J+u0RP5LEIq+VBt2Akdz2E2d2OzLUowxtS
			i6MXIbkCgYEA+HIZR1fvtMZCu2Z1NBl9GCuCm2TlaOnHB0jLvan2R062Icih/BRG
			wzc/AAhExqWS69r9NA1M/09kwybFOzPY/A3UidrqTx6QkXIIUkk1CRBKrdDqISss
			Kzo7lkS9HS46ADkPFGqG9ZnPHEmKvxvWC6vMXI/S2VQIiK0QrdhRkGkCgYEAxnht
			rg4OQsP+KNOSe8qkqvKyJK48+vRV6JlDnFqsiWsUHdck+VqhlkkxVe2bH1w92JYt
			ACvtQW+mTJsORlixdPWnpqF5i5m/3nKk6zLw8hc4KBq+8rwqAOF6O+yd2MVDUiYB
			7Tn05Rvl3/WRq28oKP64MGK/Piz9Njjj3YfPta0CgYACl85DvFs4G8megxc+D/YK
			Ron6bTcnvSjinpPhyuBTJjMobxuhseR7LRxvN6bgG+JIq+RwoqLnF0EJ+GGemI/v
			MYXCWpKPeNYxbms/0JvJGG5vGfsXlYfEe7sbemQu5cidL/tET0hRT+Wlee8Ex5mY
			TZa4cJfWxNXB92xxJAzV4QKBgQDER+nAz2nPIeJEIimmf9ymq+r+V8s7LVWg+aJi
			CVLFfL6iXFnWuYlBBhXis2BMfX80qiDLIKY9ptvCuz482A54a1Joex2nsGCO8Lal
			XPXplokVMI5TpT+tK1El3nalIUHZBnm1UTIfO532BfkQoJgJIxCp2Z7lML0jWNQS
			DPSg6QKBgAR7IMz5wCkdS//PbIS8UOmxXHwwkZgrtAf56+xyvyQiOdcZj/xFolY4
			X86xznY0cuDr9o5sWdNXDqcZFOGS4txwCOEyI3VntYReO005nS6vsfDiGqyutlZh
			9gAMVA6Hm3UFKvxrjgmpMOAMYqugRx5hFxhjiiaDRScoewx5abHN
			-----END RSA PRIVATE KEY-----