audex 1.0.7a3__py3-none-any.whl

audex/lib/server/auth.py

@@ -0,0 +1,98 @@
+from __future__ import annotations
+
+import base64
+import json
+import typing as t
+
+from starlette.middleware.base import BaseHTTPMiddleware
+from starlette.requests import Request
+from starlette.responses import RedirectResponse
+from starlette.responses import Response
+
+from audex.helper.mixin import LoggingMixin
+from audex.lib.repos.doctor import DoctorRepository
+from audex.lib.server.types import DoctorSessionData
+
+if t.TYPE_CHECKING:
+    from starlette.types import ASGIApp
+
+
+class AuthMiddleware(BaseHTTPMiddleware, LoggingMixin):
+    """Authentication middleware using cookie-based sessions."""
+
+    __logtag__ = "audex.lib.http.auth"
+
+    COOKIE_NAME: t.ClassVar[str] = "audex_session"
+    COOKIE_MAX_AGE: t.ClassVar[int] = 86400 * 7  # 7 days
+
+    # Public routes that don't require auth
+    PUBLIC_ROUTES: t.ClassVar[set[str]] = {"/login", "/api/login", "/static"}
+
+    def __init__(self, app: ASGIApp, doctor_repo: DoctorRepository):
+        super().__init__(app)
+        self.doctor_repo = doctor_repo
+
+    async def dispatch(
+        self, request: Request, call_next: t.Callable[[Request], t.Awaitable[Response]]
+    ) -> Response:
+        """Process request with authentication check."""
+        # Check if route is public
+        if self._is_public_route(request.url.path):
+            return await call_next(request)
+
+        # Get session from cookie
+        session_data = self._get_session_from_cookie(request)
+
+        if not session_data:
+            # Not authenticated, redirect to login
+            if request.url.path.startswith("/api/"):
+                return Response(
+                    content=json.dumps({"error": "Unauthorized"}),
+                    status_code=401,
+                    media_type="application/json",
+                )
+            return RedirectResponse(url="/login", status_code=303)
+
+        # Verify doctor still exists and is active
+        doctor = await self.doctor_repo.read(session_data["doctor_id"])
+        if not doctor or not doctor.is_active:
+            # Session invalid, clear cookie
+            response = RedirectResponse(url="/login", status_code=303)
+            response.delete_cookie(self.COOKIE_NAME)
+            return response
+
+        # Attach session data to request state
+        request.state.doctor_session = session_data
+
+        return await call_next(request)
+
+    def _is_public_route(self, path: str) -> bool:
+        """Check if route is public."""
+        return any(path.startswith(public) for public in self.PUBLIC_ROUTES)
+
+    def _get_session_from_cookie(self, request: Request) -> DoctorSessionData | None:
+        """Extract and decode session from cookie."""
+        cookie_value = request.cookies.get(self.COOKIE_NAME)
+        if not cookie_value:
+            return None
+
+        try:
+            # Decode base64
+            decoded = base64.b64decode(cookie_value).decode("utf-8")
+            session_dict = json.loads(decoded)
+
+            # Validate required fields
+            if not all(k in session_dict for k in ["doctor_id", "eid", "doctor_name"]):
+                return None
+
+            return t.cast(DoctorSessionData, session_dict)
+
+        except Exception as e:
+            self.logger.warning(f"Failed to decode session cookie: {e}")
+            return None
+
+    @staticmethod
+    def create_session_cookie(session_data: DoctorSessionData) -> str:
+        """Create encoded session cookie value."""
+        json_str = json.dumps(session_data)
+        return base64.b64encode(json_str.encode("utf-8")).decode("utf-8")

audex/lib/server/handlers.py

@@ -0,0 +1,248 @@
+from __future__ import annotations
+
+import json
+import typing as t
+
+from starlette.requests import Request
+from starlette.responses import Response
+from starlette.templating import Jinja2Templates
+
+from audex.filters.generated import doctor_filter
+from audex.filters.generated import session_filter
+from audex.helper.mixin import LoggingMixin
+from audex.lib.server.auth import AuthMiddleware
+from audex.lib.server.types import DoctorSessionData
+from audex.lib.server.types import ErrorResponse
+from audex.lib.server.types import ExportMultipleRequest
+from audex.lib.server.types import LoginRequest
+from audex.lib.server.types import LoginResponse
+from audex.lib.server.types import SessionListResponse
+from audex.valueobj.common.auth import Password
+
+if t.TYPE_CHECKING:
+    from audex.lib.exporter import Exporter
+    from audex.lib.repos.doctor import DoctorRepository
+
+
+class RequestHandlers(LoggingMixin):
+    """HTTP request handlers."""
+
+    __logtag__ = "audex.lib.http.handlers"
+
+    def __init__(
+        self,
+        templates: Jinja2Templates,
+        doctor_repo: DoctorRepository,
+        exporter: Exporter,
+    ):
+        super().__init__()
+        self.templates = templates
+        self.doctor_repo = doctor_repo
+        self.exporter = exporter
+
+    async def login_page(self, request: Request) -> Response:
+        """Render login page."""
+        return self.templates.TemplateResponse("login.html.j2", {"request": request})
+
+    async def index_page(self, request: Request) -> Response:
+        """Render main export page."""
+        session_data: DoctorSessionData = request.state.doctor_session
+        return self.templates.TemplateResponse(
+            "index.html.j2",
+            {
+                "request": request,
+                "doctor_name": session_data["doctor_name"],
+            },
+        )
+
+    async def api_login(self, request: Request) -> Response:
+        """Handle login request."""
+        try:
+            body = await request.json()
+            login_req = t.cast(LoginRequest, body)
+
+            eid = login_req.get("eid")
+            password = login_req.get("password")
+
+            if not eid or not password:
+                return self._error_response("Missing eid or password", 400)
+
+            # Find doctor
+            f = doctor_filter().eid.eq(eid)
+            doctor = await self.doctor_repo.first(f.build())
+
+            if not doctor:
+                return self._error_response("Invalid credentials", 401)
+
+            if not doctor.is_active:
+                return self._error_response("Account inactive", 401)
+
+            # Verify password
+            if not doctor.verify_password(Password.parse(password)):
+                return self._error_response("Invalid credentials", 401)
+
+            # Create session
+            session_data = DoctorSessionData(
+                doctor_id=doctor.id,
+                eid=doctor.eid,
+                doctor_name=doctor.name,
+            )
+
+            login_response = LoginResponse(
+                success=True,
+                doctor_id=doctor.id,
+                doctor_name=doctor.name,
+            )
+
+            response = Response(
+                content=json.dumps(login_response, ensure_ascii=False),
+                media_type="application/json",
+            )
+
+            # Set cookie
+            response.set_cookie(
+                key=AuthMiddleware.COOKIE_NAME,
+                value=AuthMiddleware.create_session_cookie(session_data),
+                max_age=AuthMiddleware.COOKIE_MAX_AGE,
+                httponly=True,
+                samesite="lax",
+            )
+
+            self.logger.info(f"Doctor {eid} logged in")
+            return response
+
+        except Exception as e:
+            self.logger.error(f"Login failed: {e}")
+            return self._error_response(str(e), 500)
+
+    async def api_logout(self, _: Request) -> Response:
+        """Handle logout request."""
+        response = Response(
+            content=json.dumps({"success": True}),
+            media_type="application/json",
+        )
+        response.delete_cookie(AuthMiddleware.COOKIE_NAME)
+        return response
+
+    async def api_list_sessions(self, request: Request) -> Response:
+        """List sessions for current doctor."""
+        try:
+            session_data: DoctorSessionData = request.state.doctor_session
+            doctor_id = session_data["doctor_id"]
+
+            # Get query params
+            page = int(request.query_params.get("page", "0"))
+            page_size = int(request.query_params.get("page_size", "50"))
+
+            # Build filter
+            f = session_filter().doctor_id.eq(doctor_id).created_at.desc()
+
+            # Get sessions
+            sessions = await self.exporter.session_repo.list(
+                f.build(),
+                page_index=page,
+                page_size=page_size,
+            )
+
+            # Get total count
+            total = await self.exporter.session_repo.count(
+                session_filter().doctor_id.eq(doctor_id).build()
+            )
+
+            # Convert to response
+            list_response = SessionListResponse(
+                sessions=[self.exporter._session_to_dict(s) for s in sessions],
+                total=total,
+                page=page,
+                page_size=page_size,
+            )
+
+            return Response(
+                content=json.dumps(list_response, ensure_ascii=False),
+                media_type="application/json",
+            )
+
+        except Exception as e:
+            self.logger.error(f"Failed to list sessions: {e}")
+            return self._error_response(str(e), 500)
+
+    async def api_export_session(self, request: Request) -> Response:
+        """Export single session."""
+        try:
+            session_data: DoctorSessionData = request.state.doctor_session
+            doctor_id = session_data["doctor_id"]
+            session_id = request.path_params["session_id"]
+
+            # Verify ownership
+            session = await self.exporter.session_repo.read(session_id)
+            if not session:
+                return self._error_response("Session not found", 404)
+
+            if session.doctor_id != doctor_id:
+                return self._error_response("Access denied", 403)
+
+            # Generate ZIP
+            zip_data = await self.exporter.export_session_zip(session_id)
+
+            # Generate filename
+            filename = f"{session_id}"
+            if session.patient_name:
+                filename = f"{session.patient_name}_{session_id}"
+            filename += ".zip"
+
+            self.logger.info(f"Exported session {session_id} for doctor {doctor_id}")
+
+            return Response(
+                content=zip_data,
+                media_type="application/zip",
+                headers={"Content-Disposition": f'attachment; filename="{filename}"'},
+            )
+
+        except Exception as e:
+            self.logger.error(f"Failed to export session: {e}")
+            return self._error_response(str(e), 500)
+
+    async def api_export_multiple(self, request: Request) -> Response:
+        """Export multiple sessions."""
+        try:
+            session_data: DoctorSessionData = request.state.doctor_session
+            doctor_id = session_data["doctor_id"]
+
+            body = await request.json()
+            export_req = t.cast(ExportMultipleRequest, body)
+            session_ids = export_req.get("session_ids", [])
+
+            if not session_ids:
+                return self._error_response("No session IDs provided", 400)
+
+            # Verify all sessions belong to doctor
+            for session_id in session_ids:
+                session = await self.exporter.session_repo.read(session_id)
+                if not session or session.doctor_id != doctor_id:
+                    return self._error_response(f"Access denied for session {session_id}", 403)
+
+            # Generate ZIP
+            zip_data = await self.exporter.export_multiple_sessions_zip(session_ids)
+
+            filename = f"sessions_export_{len(session_ids)}.zip"
+
+            self.logger.info(f"Exported {len(session_ids)} sessions for doctor {doctor_id}")
+
+            return Response(
+                content=zip_data,
+                media_type="application/zip",
+                headers={"Content-Disposition": f'attachment; filename="{filename}"'},
+            )
+
+        except Exception as e:
+            self.logger.error(f"Failed to export multiple sessions: {e}")
+            return self._error_response(str(e), 500)
+
+    def _error_response(self, message: str, status_code: int = 500) -> Response:
+        """Create error response."""
+        error: ErrorResponse = {"error": message, "details": None}
+        return Response(
+            content=json.dumps(error, ensure_ascii=False),
+            status_code=status_code,
+            media_type="application/json",
+        )

audex/lib/server/templates/index.html.j2

@@ -0,0 +1,226 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>会话导出系统</title>
+    <link rel="stylesheet" href="/static/style.css">
+</head>
+<body>
+    <div class="container">
+        <header class="page-header">
+            <div class="header-content">
+                <div class="header-left">
+                    <h1>会话导出系统</h1>
+                </div>
+                <div class="header-right">
+                    <span class="doctor-name">{{ doctor_name }}</span>
+                    <button id="logoutBtn" class="btn btn-ghost">退出</button>
+                </div>
+            </div>
+            <div class="session-count" id="sessionCount">正在加载...</div>
+        </header>
+
+        <div class="actions-bar">
+            <button id="exportSelected" class="btn btn-primary" disabled>
+                <span>导出选中</span>
+                <span id="selectedCount" class="count-badge" style="display: none;">0</span>
+            </button>
+            <button id="selectAll" class="btn btn-secondary">全选</button>
+            <button id="deselectAll" class="btn btn-secondary">取消全选</button>
+        </div>
+
+        <div id="sessionsGrid" class="sessions-grid">
+            <div class="loading">
+                <div class="spinner"></div>
+                <p>加载中</p>
+            </div>
+        </div>
+    </div>
+
+    <script src="/static/script.js"></script>
+    <script>
+        let sessions = [];
+        let selectedSessions = new Set();
+
+        window.addEventListener('DOMContentLoaded', () => {
+            loadSessions();
+            setupEventListeners();
+        });
+
+        function setupEventListeners() {
+            document.getElementById('exportSelected').addEventListener('click', exportMultiple);
+            document.getElementById('selectAll').addEventListener('click', selectAll);
+            document.getElementById('deselectAll').addEventListener('click', deselectAll);
+            document.getElementById('logoutBtn').addEventListener('click', logout);
+        }
+
+        async function loadSessions() {
+            try {
+                const response = await fetch('/api/sessions? page_size=100');
+
+                if (response.status === 401) {
+                    window.location.href = '/login';
+                    return;
+                }
+
+                const data = await response.json();
+                sessions = data.sessions;
+
+                // Update count
+                const countText = sessions.length === 0 ? '暂无会话' : `共 ${sessions.length} 个会话`;
+                document.getElementById('sessionCount').textContent = countText;
+
+                renderSessions();
+            } catch (error) {
+                console.error('Failed to load sessions:', error);
+                document.getElementById('sessionCount').textContent = '加载失败';
+                document.getElementById('sessionsGrid').innerHTML =
+                    '<div class="error-state"><p>加载失败</p></div>';
+            }
+        }
+
+        function renderSessions() {
+            const grid = document.getElementById('sessionsGrid');
+
+            if (sessions.length === 0) {
+                grid.innerHTML = '<div class="empty-state"><p>暂无会话记录</p></div>';
+                return;
+            }
+
+            grid.innerHTML = sessions.map((session, index) => `
+                <div class="session-card" style="animation-delay: ${index * 0.03}s">
+                    <div class="session-header">
+                        <div class="checkbox-wrapper">
+                            <input
+                                type="checkbox"
+                                class="checkbox session-checkbox"
+                                data-session-id="${session.id}"
+                                id="checkbox-${session.id}"
+                                onchange="toggleSession('${session.id}')">
+                            <label for="checkbox-${session.id}" class="checkbox-custom"></label>
+                        </div>
+                        <div class="session-info">
+                            <h3>${escapeHtml(session.patient_name || '未知患者')}</h3>
+                            ${session.clinic_number ?
+                                `<div class="session-meta">门诊号: ${escapeHtml(session.clinic_number)}</div>` : ''}
+                            ${session.medical_record_number ?
+                                `<div class="session-meta">病历号: ${escapeHtml(session.medical_record_number)}</div>` : ''}
+                            ${session.diagnosis ?
+                                `<div class="session-meta">诊断: ${escapeHtml(session.diagnosis)}</div>` : ''}
+                            <div class="session-meta">${formatDate(session.created_at)}</div>
+                            <span class="status-badge status-${session.status.toLowerCase().replace('_', '-')}">
+                                ${getStatusText(session.status)}
+                            </span>
+                        </div>
+                    </div>
+                    <button class="export-btn" onclick="exportSingle('${session.id}')">
+                        导出
+                    </button>
+                </div>
+            `).join('');
+        }
+
+        function toggleSession(sessionId) {
+            if (selectedSessions.has(sessionId)) {
+                selectedSessions.delete(sessionId);
+            } else {
+                selectedSessions.add(sessionId);
+            }
+            updateSelectedCount();
+        }
+
+        function selectAll() {
+            sessions.forEach(session => {
+                selectedSessions.add(session.id);
+                const checkbox = document.querySelector(`[data-session-id="${session.id}"]`);
+                if (checkbox) checkbox.checked = true;
+            });
+            updateSelectedCount();
+        }
+
+        function deselectAll() {
+            selectedSessions.clear();
+            document.querySelectorAll('.session-checkbox').forEach(cb => cb.checked = false);
+            updateSelectedCount();
+        }
+
+        function updateSelectedCount() {
+            const count = selectedSessions.size;
+            const countBadge = document.getElementById('selectedCount');
+            const exportBtn = document.getElementById('exportSelected');
+
+            if (! countBadge || !exportBtn) return;
+
+            if (count > 0) {
+                countBadge.textContent = count;
+                countBadge.style.display = 'flex';
+                exportBtn.disabled = false;
+            } else {
+                countBadge.style.display = 'none';
+                exportBtn.disabled = true;
+            }
+        }
+
+        async function exportSingle(sessionId) {
+            window.location.href = `/api/sessions/${sessionId}/export`;
+        }
+
+        async function exportMultiple() {
+            if (selectedSessions.size === 0) return;
+
+            const btn = document.getElementById('exportSelected');
+            const originalHTML = btn.innerHTML;
+            btn.disabled = true;
+            btn.innerHTML = '<span>导出中...</span>';
+
+            try {
+                const response = await fetch('/api/sessions/export-multiple', {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify({
+                        session_ids: Array.from(selectedSessions)
+                    })
+                });
+
+                if (! response.ok) {
+                    const error = await response.json();
+                    throw new Error(error.error || 'Export failed');
+                }
+
+                const blob = await response.blob();
+                downloadBlob(blob, `sessions_export_${selectedSessions.size}.zip`);
+
+                deselectAll();
+            } catch (error) {
+                console.error('Export failed:', error);
+                alert('导出失败: ' + error.message);
+            } finally {
+                btn.disabled = false;
+                btn.innerHTML = originalHTML;
+                updateSelectedCount();
+            }
+        }
+
+        async function logout() {
+            try {
+                await fetch('/api/logout', { method: 'POST' });
+            } catch (error) {
+                console.error('Logout failed:', error);
+            } finally {
+                window.location.href = '/login';
+            }
+        }
+
+        function getStatusText(status) {
+            const map = {
+                'COMPLETED': 'completed',
+                'IN_PROGRESS': 'in_progress',
+                'DRAFT': 'draft',
+                'CANCELLED': 'cancelled'
+            };
+            return map[status] || status.toLowerCase();
+        }
+    </script>
+</body>
+</html>

audex/lib/server/templates/login.html.j2

@@ -0,0 +1,111 @@
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>登录 - 会话导出系统</title>
+    <link rel="stylesheet" href="/static/style.css">
+</head>
+<body class="login-body">
+    <div class="login-container">
+        <div class="login-card">
+            <div class="login-header">
+                <h1>会话导出系统</h1>
+                <p>登录以访问导出功能</p>
+            </div>
+
+            <form id="loginForm" class="login-form">
+                <div class="form-group">
+                    <label for="eid">工号</label>
+                    <input
+                        type="text"
+                        id="eid"
+                        name="eid"
+                        required
+                        autocomplete="username"
+                        placeholder="请输入工号">
+                </div>
+
+                <div class="form-group">
+                    <label for="password">密码</label>
+                    <input
+                        type="password"
+                        id="password"
+                        name="password"
+                        required
+                        autocomplete="current-password"
+                        placeholder="请输入密码">
+                </div>
+
+                <div id="errorMessage" class="error-message" style="display: none;"></div>
+
+                <button type="submit" class="btn btn-primary btn-block" id="loginBtn">
+                    登录
+                </button>
+            </form>
+        </div>
+    </div>
+
+    <script src="/static/script.js"></script>
+    <script>
+        const form = document.getElementById('loginForm');
+        const eidInput = document.getElementById('eid');
+        const passwordInput = document.getElementById('password');
+        const errorMessage = document.getElementById('errorMessage');
+        const loginBtn = document.getElementById('loginBtn');
+
+        form.addEventListener('submit', async (e) => {
+            e.preventDefault();
+
+            const eid = eidInput.value.trim();
+            const password = passwordInput.value;
+
+            if (!eid || ! password) {
+                showError('请输入工号和密码');
+                return;
+            }
+
+            hideError();
+            loginBtn.disabled = true;
+            loginBtn.textContent = '登录中...';
+
+            try {
+                const response = await fetch('/api/login', {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify({ eid, password }),
+                });
+
+                const data = await response.json();
+
+                if (response.ok && data.success) {
+                    loginBtn.textContent = '登录成功';
+                    setTimeout(() => {
+                        window.location.href = '/';
+                    }, 200);
+                } else {
+                    showError(data.error || '登录失败，请检查工号和密码');
+                }
+            } catch (error) {
+                showError('网络错误，请稍后重试');
+            } finally {
+                if (! errorMessage.style.display || errorMessage.style.display === 'none') {
+                    loginBtn.disabled = false;
+                    loginBtn.textContent = '登录';
+                }
+            }
+        });
+
+        function showError(message) {
+            errorMessage.textContent = message;
+            errorMessage.style.display = 'block';
+        }
+
+        function hideError() {
+            errorMessage.style.display = 'none';
+        }
+
+        eidInput.focus();
+    </script>
+</body>
+</html>