Domů Procházet Nápověda
Registrovat se Přihlásit se
wujiaheng
/
tools-api
1
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Strom: 252698c01c
Větve Značky
tools-api
/
middleware
/
jwt_call_center_auth_middleware.py

jwt_call_center_auth_middleware.py 2.2 KB
Historie Surový

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 
  1. #!/usr/bin/env python3
    2. 

  2. # -*- coding: utf-8 -*-
    3. 

  3. from typing import Any
    4. 

  4. 

  5. from fastapi import Request, Response
    6. 

  6. from fastapi.security.utils import get_authorization_scheme_param
    7. 

  7. from starlette.authentication import AuthCredentials, AuthenticationBackend, AuthenticationError
    8. 

  8. from starlette.requests import HTTPConnection
    9. 

  9. 

  10. from app.admin.schema.intent_org import CurrentIntentOrgIns
    11. 

  11. from common.exception.errors import TokenError
    12. 

  12. from common.log import log
    13. 

  13. from common.security.jwt_call_center import jwt_call_center_authentication
    14. 

  14. from core.conf import settings
    15. 

  15. from utils.serializers import MsgSpecJSONResponse
    16. 

  16. 

  17. 

  18. class _AuthenticationError(AuthenticationError):
    19. 

  19.     """重写内部认证错误类"""
    20. 

  20. 

  21.     def __init__(self, *, code: int = None, msg: str = None, headers: dict[str, Any] | None = None):
    22. 

  22.         self.code = code
    23. 

  23.         self.msg = msg
    24. 

  24.         self.headers = headers
    25. 

  25. 

  26. 

  27. class JwtCallCenterAuthMiddleware(AuthenticationBackend):
    28. 

  28.     """JWT 认证中间件"""
    29. 

  29. 

  30.     @staticmethod
    31. 

  31.     def auth_exception_handler(conn: HTTPConnection, exc: _AuthenticationError) -> Response:
    32. 

  32.         """覆盖内部认证错误处理"""
    33. 

  33.         return MsgSpecJSONResponse(content={'code': exc.code, 'msg': exc.msg, 'data': None}, status_code=exc.code)
    34. 

  34. 

  35.     async def authenticate(self, request: Request) -> tuple[AuthCredentials, CurrentIntentOrgIns] | None:
    36. 

  36.         token = request.headers.get('Authorization')
    37. 

  37.         if not token:
    38. 

  38.             return
    39. 

  39. 

  40.         if request.url.path in settings.TOKEN_EXCLUDE:
    41. 

  41.             return
    42. 

  42.         scheme, token = get_authorization_scheme_param(token)
    43. 

  43.         if scheme.lower() != "bearer":
    44. 

  44.             return
    45. 

  45.         try:
    46. 

  46.             org = await jwt_call_center_authentication(token)
    47. 

  47.         except TokenError as exc:
    48. 

  48.             raise _AuthenticationError(code=exc.code, msg=exc.detail, headers=exc.headers)
    49. 

  49.         except Exception as e:
    50. 

  50.             log.error(f'JWT 授权异常:{e}')
    51. 

  51.             raise _AuthenticationError(code=getattr(e, 'code', 500), msg=getattr(e, 'msg', 'Internal Server Error'))
    52. 

  52. 

  53.         # 请注意,此返回使用非标准模式,所以在认证通过时,将丢失某些标准特性
    54. 

  54.         # 标准返回模式请查看:https://www.starlette.io/authentication/
    55. 

  55.         return AuthCredentials(['authenticated']), org
    56.