From 05592050e0f6e87b63952fc58117cb2f112d31ae Mon Sep 17 00:00:00 2001
From: zhaoqingang <zhaoqg0118@163.com>
Date: 星期五, 27 十二月 2024 10:47:44 +0800
Subject: [PATCH] 注册密码 加密
---
 app/api/auth.py | 88 +++++++++++++++++++++++++------------------
 1 files changed, 51 insertions(+), 37 deletions(-)
diff --git a/app/api/auth.py b/app/api/auth.py
index f850882..c028ad1 100644
--- a/app/api/auth.py
+++ b/app/api/auth.py
@@ -7,22 +7,25 @@
 from Log import logger
 from app.api import Response, pwd_context, get_current_user
+from app.api.user import reset_user_pwd
 from app.config.config import settings
 from app.config.const import RAGFLOW, BISHENG, DIFY
 from app.models.app_token_model import AppToken
 from app.models.base_model import get_db
 from app.models.postgresql_base_model import get_pdb
-from app.models.token_model import upsert_token, get_token, update_token
+from app.models.token_model import upsert_token, update_token
 from app.models.user import UserCreate, LoginData
-from app.models.user_model import UserModel
+from app.models.user_model import UserModel, UserAppModel
 from app.service.auth import authenticate_user, create_access_token, is_valid_password, save_register_user, \
- update_user_token, UserAppDao
+ update_user_token, UserAppDao, update_user_info, password_rsa
 from app.service.bisheng import BishengService
+from app.service.service_token import get_new_token, get_token, update_user_group
 from app.service.v2.app_register import AppRegisterDao
 from app.service.difyService import DifyService
 from app.service.ragflow import RagflowService
 from sqlalchemy.future import select
+from app.utils.password_handle import generate_password
 router = APIRouter()
@@ -33,14 +36,14 @@ if db_user: return Response(code=200, msg="Username already registered") - bisheng_service = BishengService(settings.sgb_base_url) + # bisheng_service = BishengService(settings.sgb_base_url) ragflow_service = RagflowService(settings.fwr_base_url) # 娉ㄥ唽鍒版瘯鏄� - try: - bisheng_info = await bisheng_service.register(user.username, user.password) - except Exception as e: - return Response(code=500, msg=f"Failed to register with Bisheng: {str(e)}") + # try: + # bisheng_info = await bisheng_service.register(user.username, user.password) + # except Exception as e: + # return Response(code=500, msg=f"Failed to register with Bisheng: {str(e)}") # 娉ㄥ唽鍒皉agflow try: @@ -50,7 +53,7 @@ # 瀛樺偍鐢ㄦ埛淇℃伅 hashed_password = pwd_context.hash(user.password) - db_user = UserModel(username=user.username, hashed_password=hashed_password, email=ragflow_info.get("email", f"{user.username}@example.com"),ragflow_id=ragflow_info.get("id"),bisheng_id=bisheng_info.get("user_id")) + db_user = UserModel(username=user.username, hashed_password=hashed_password, email=ragflow_info.get("email", f"{user.username}@example.com"),ragflow_id=ragflow_info.get("id"),bisheng_id="") db_user.password = db_user.encrypted_password(user.password) db.add(db_user) db.commit() @@ -64,14 +67,14 @@ if not user: return Response(code=400, msg="Incorrect username or password") - bisheng_service = BishengService(settings.sgb_base_url) + # bisheng_service = BishengService(settings.sgb_base_url) ragflow_service = RagflowService(settings.fwr_base_url) # 鐧诲綍鍒版瘯鏄� - try: - bisheng_token = await bisheng_service.login(login_data.username, login_data.password) - except Exception as e: - return Response(code=500, msg=f"Failed to login with Bisheng: {str(e)}") + # try: + # bisheng_token = await bisheng_service.login(login_data.username, login_data.password) + # except Exception as e: + # return Response(code=500, msg=f"Failed to login with Bisheng: {str(e)}") # 鐧诲綍鍒皉agflow try: 
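Review bot: The Bisheng registration block in `register` is disabled by commenting it out rather than deleted, and the same is done to the Bisheng login block in the `@@ -64` hunk and to `# print(111)` / `# "user": user.to_login_json()` in the `@@ -82` hunk. Remove the lines outright; the history keeps them, and commented-out credential-handling calls are easy to re-enable later without anyone re-checking them. If Bisheng is meant to be switchable, gate the call on a setting instead. The function starts above this hunk and continues below it.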
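Review bot: `bisheng_id=""` writes an empty string where no Bisheng account exists; if the column is nullable, `bisheng_id=None` says that more clearly and avoids every v1 user sharing the same id value (a unique index on that column, if one exists, would reject the second registration). Separately, the unchanged lines around this edit keep both `pwd_context.hash(user.password)` and `db_user.encrypted_password(user.password)`, so the login password stays recoverable by anyone holding the database and the encryption key, which undoes the point of hashing it. Worth a follow-up to drop the reversible copy if nothing still reads `db_user.password`; that cannot be confirmed from this diff.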
@@ -82,14 +85,14 @@ # 鍒涘缓鏈湴token access_token = create_access_token(data={"sub": user.username, "user_id": user.id}) - upsert_token(db, user.id, access_token, bisheng_token, ragflow_token) - + upsert_token(db, user.id, access_token, "bisheng_token", ragflow_token) + # print(111) return Response(code=200, msg="Login successful", data={ "access_token": access_token, "token_type": "bearer", "username": user.username, "nickname": "", - "user": user.to_login_json() + # "user": user.to_login_json() }) @@ -104,7 +107,8 @@ @router.post("/v2/login", response_model=Response) async def login_v2(login_data: LoginData, db: Session = Depends(get_db), pdb: AsyncSession = Depends(get_pdb)): - user = authenticate_user(db, login_data.username, login_data.password) + password = await password_rsa(login_data.password) + user = authenticate_user(db, login_data.username, password) if not user: return Response(code=400, msg="Incorrect username or password") app_register = AppRegisterDao(db).get_apps() @@ -115,15 +119,20 @@ elif app["id"] == BISHENG: service = BishengService(settings.sgb_base_url) elif app["id"] == DIFY: - continue + service = DifyService(settings.dify_base_url) else: logger.error("鏈煡娉ㄥ唽搴旂敤---") continue try: + name = login_data.username + app_password = login_data.password user_app = await UserAppDao(db).get_data_by_id(user.id, app["id"]) if user_app: name = user_app.username - token = await service.login(name, login_data.password) + app_password = user_app.decrypted_password(user_app.password) + else: + await update_user_info(db, user.id) + token = await service.login(name, app_password) token_dict[app["id"]] = token except Exception as e: return Response(code=500, msg=f"Failed to login with {app['id']}: {str(e)}") 
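Review bot: `upsert_token(db, user.id, access_token, "bisheng_token", ragflow_token)` stores the literal string `"bisheng_token"` in the slot that used to hold a real Bisheng session token. Any reader of that record that forwards the value to Bisheng will send a fixed, well-known string as a credential, and nothing distinguishes "no token" from a real one. Pass `None` (or whatever value the consumers already treat as absent) and check the readers of that column; whether `upsert_token` accepts `None` is not visible in this diff. The response also drops the `user` field, which is a contract change for existing v1 clients.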
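Review bot: `password = await password_rsa(login_data.password)` in `login_v2` has no handling for a value that cannot be decrypted, and the same call is added at the top of `register_v2` in the `@@ -161` hunk. `password_rsa` is defined outside this diff, so this is inferred: if it raises on malformed input the request ends as an unhandled 500, and if it returns `None` or an empty string that value goes straight on to `authenticate_user`. Catch the failure and answer with the existing `Response(code=400, msg="Incorrect username or password")`, so a bad ciphertext is indistinguishable from a bad password. If the wrap uses a static key with no per-request nonce, a captured value can be replayed as-is, so it does not replace TLS on this route.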
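Review bot: When no `user_app` row exists, `app_password` keeps its initial value `login_data.password`, i.e. the field as received rather than the `password` produced by `password_rsa` in the hunk above, and that is what `service.login(name, app_password)` sends downstream after `update_user_info`. If clients now submit the RSA-wrapped form, accounts without a `user_app` row would be logging in to the registered apps with ciphertext; `app_password = password` looks like the intent. The surrounding `except` returns `str(e)` to the caller, which can expose internal hostnames or upstream error bodies; log it with `logger` and return a generic message. `user_app.decrypted_password(user_app.password)` means the per-app passwords are stored reversibly, so the decryption key needs the same protection as the credentials themselves. The loop and the function both extend beyond this hunk.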
@@ -131,7 +140,7 @@ # 鍒涘缓鏈湴token access_token = create_access_token(data={"sub": user.username, "user_id": user.id}) - # await update_token(db, user.id, access_token, token_dict) + await update_token(db, user.id, access_token, token_dict) await update_user_token(db, user.id, token_dict) result = await pdb.execute(select(AppToken).where(AppToken.id == user.id)) db_app_token = result.scalars().first() 
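Review bot: The re-enabled `await update_token(db, user.id, access_token, token_dict)` assumes `update_token` is a coroutine, but `upsert_token`, imported from the same `app.models.token_model` module, is called without `await` in `login`. If `update_token` is a plain function, awaiting its return value raises `TypeError` after all downstream logins have already succeeded, so confirm its definition. The next line passes the same `token_dict` to `update_user_token`; if both persist the per-app tokens, one of the two writes is redundant and doubles the places those tokens are stored. The function continues past the end of this hunk.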
@@ -161,42 +170,47 @@ @router.post("/v2/register", response_model=Response) async def register_v2(user: UserCreate, db=Depends(get_db)): - if not is_valid_password(user.password): + password = await password_rsa(user.password) + if not is_valid_password(password): return Response(code=400, msg="The password must be at least 8 and contain both numbers and letters") db_user = db.query(UserModel).filter(UserModel.username == user.username).first() if db_user: return Response(code=200, msg="Username already registered") app_register = AppRegisterDao(db).get_apps() register_dict = {} + token = "" + app_password = await generate_password(10) for app in app_register: if app["id"] == RAGFLOW: service = RagflowService(settings.fwr_base_url) elif app["id"] == BISHENG: service = BishengService(settings.sgb_base_url) elif app["id"] == DIFY: + admin_user = db.query(UserModel).filter(UserModel.permission == "admin").first() + token = await get_new_token(db, admin_user.id, DIFY) + if not token: + logger.error("鐢ㄦ埛娉ㄥ唽鑾峰彇dftoken澶辫触锛�") + return Response(code=500, msg=f"Failed to register with app") service = DifyService(settings.dify_base_url) else: logger.error("鏈煡娉ㄥ唽搴旂敤---") continue try: name = app["id"] + str(int(time.time())) - register_info = await service.register(name, user.password) + register_info = await service.register(name, app_password, token) # print(register_info) register_dict[app['id']] = {"id":register_info.get("id"), "name": name, "email": register_info.get("email")} except Exception as e: return Response(code=500, msg=f"Failed to register with {app['id']}: {str(e)}") - - # 瀛樺偍鐢ㄦ埛淇℃伅 - # hashed_password = pwd_context.hash(user.password) - # db_user = UserModel(username=user.username, hashed_password=hashed_password, email=user.email) - # db_user.password = db_user.encrypted_password(user.password) - # for k, v in register_dict.items(): - # setattr(db_user, k.replace("app", "id"), v) - # db.add(db_user) - # db.commit() - # db.refresh(db_user) - - is_sava = await 
save_register_user(db, user.username, user.password, user.email, register_dict) - if not is_sava: + user_id = await save_register_user(db, user.username, password, user.email, app_password, register_dict) + if not user_id: return Response(code=500, msg=f"Failed to register with app") - return Response(code=200, msg="User registered successfully",data={"username": user.username}) \ No newline at end of file + return Response(code=200, msg="User registered successfully",data={"userFlag": user_id}) + + +@router.get("/v2/sync", response_model=Response) +async def sync_user_tenant(userFlag: str, db=Depends(get_db)): + app_register = AppRegisterDao(db).get_app_by_id(RAGFLOW) + if app_register: + is_update = await update_user_group(db, userFlag) + return Response(code=200, msg="success", data={}) \ No newline at end of file -- Gitblit v1.8.0
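Review bot: `sync_user_tenant` at the end of this hunk has no authentication dependency and acts on whatever `userFlag` the caller supplies, so anyone who can guess or enumerate the value returned by `/v2/register` can trigger `update_user_group` for another account. Since the caller has not logged in yet at that point, either run the group update inside `register_v2` itself or make `userFlag` a random single-use value rather than the stored user id (what `save_register_user` returns is not visible here); the route should also be a POST, as it changes state, and should return an error when `is_update` is falsy instead of always answering `success`. In the DIFY branch `admin_user` is dereferenced without a `None` check and outside the `try`, so a deployment with no `admin` row fails with an unhandled exception: `if admin_user is None: return Response(code=500, msg="Failed to register with app")`. `service.register(name, app_password, token)` is now called with three arguments for every app; confirm the Ragflow and Bisheng `register` methods accept the extra parameter, since this patch touches only `auth.py`.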