huace-aigc-auth-client 1.1.13__py3-none-any.whl → 1.1.20__py3-none-any.whl

huace_aigc_auth_client/__init__.py

@@ -54,6 +54,8 @@ from .sdk import (
     create_fastapi_auth_dependency
 )
 
+from .user_context import get_current_user
+
 from .legacy_adapter import (
     LegacySystemAdapter,
     LegacyUserData,
@@ -167,5 +169,7 @@ __all__ = [
     "register_flask_webhook_routes",
     # Logger 设置
     "setLogger",
+    # 用户上下文
+    "get_current_user",
 ]
-__version__ = "1.1.13"
+__version__ = "1.1.20"

huace_aigc_auth_client/api_stats_collector.py

@@ -0,0 +1,300 @@
+"""
+SDK 客户端接口监控模块
+提供异步队列提交接口统计数据到服务端
+"""
+import time
+import queue
+import threading
+import requests
+from typing import Optional, Dict, Any, List
+from datetime import datetime
+
+
+class ApiStatsCollector:
+    """接口统计收集器（异步队列方式）"""
+    
+    def __init__(
+        self,
+        api_url: str,
+        app_secret: str,
+        token: str,
+        batch_size: int = 10,
+        flush_interval: float = 5.0,
+        enabled: bool = True
+    ):
+        """
+        初始化统计收集器
+        
+        Args:
+            api_url: 统计接口 URL（如：http://auth.example.com/api/sdk/stats/report/batch）
+            app_secret: 应用密钥
+            token: 用户访问令牌
+            batch_size: 批量提交大小
+            flush_interval: 刷新间隔（秒）
+            enabled: 是否启用
+        """
+        self.api_url = api_url.rstrip('/')
+        self.app_secret = app_secret
+        self.token = token
+        self.batch_size = batch_size
+        self.flush_interval = flush_interval
+        self.enabled = enabled
+        
+        self.queue = queue.Queue()
+        self.running = True
+        self.worker_thread = None
+        
+        if self.enabled:
+            self.start()
+    
+    def start(self):
+        """启动工作线程"""
+        if self.worker_thread is None or not self.worker_thread.is_alive():
+            self.running = True
+            self.worker_thread = threading.Thread(target=self._worker, daemon=True)
+            self.worker_thread.start()
+    
+    def stop(self):
+        """停止工作线程"""
+        self.running = False
+        if self.worker_thread:
+            self.worker_thread.join(timeout=10)
+    
+    def collect(
+        self,
+        api_path: str,
+        api_method: str,
+        status_code: int,
+        response_time: float,
+        error_message: Optional[str] = None,
+        request_params: Optional[Dict[str, Any]] = None
+    ):
+        """
+        收集接口统计数据
+        
+        Args:
+            api_path: 接口路径
+            api_method: 请求方法
+            status_code: 状态码
+            response_time: 响应时间（秒）
+            error_message: 错误信息
+            request_params: 请求参数（包含 headers, query_params, view_params, request_body, form_params）
+        """
+        if not self.enabled:
+            return
+        
+        try:
+            stat_data = {
+                'api_path': api_path,
+                'api_method': api_method,
+                'status_code': status_code,
+                'response_time': response_time,
+                'error_message': error_message,
+                'request_params': request_params,
+                'timestamp': datetime.utcnow().isoformat()
+            }
+            self.queue.put_nowait(stat_data)
+        except queue.Full:
+            pass  # 队列满了，丢弃数据
+        except Exception:
+            pass  # 静默失败，不影响主流程
+    
+    def _worker(self):
+        """后台工作线程：批量提交统计数据"""
+        buffer = []
+        last_flush_time = time.time()
+        
+        while self.running:
+            try:
+                # 尝试从队列获取数据
+                try:
+                    stat_data = self.queue.get(timeout=1.0)
+                    buffer.append(stat_data)
+                except queue.Empty:
+                    pass
+                
+                current_time = time.time()
+                should_flush = (
+                    len(buffer) >= self.batch_size or
+                    (buffer and (current_time - last_flush_time) >= self.flush_interval)
+                )
+                
+                if should_flush:
+                    self._flush_buffer(buffer)
+                    buffer = []
+                    last_flush_time = current_time
+                    
+            except Exception:
+                pass  # 静默失败
+        
+        # 停止前刷新剩余数据
+        if buffer:
+            self._flush_buffer(buffer)
+    
+    def _flush_buffer(self, buffer: List[Dict[str, Any]]):
+        """刷新缓冲区：批量提交统计数据"""
+        if not buffer:
+            return
+        
+        try:
+            headers = {
+                'X-App-Secret': self.app_secret,
+                'Authorization': f'Bearer {self.token}',
+                'Content-Type': 'application/json'
+            }
+            
+            payload = {'stats': buffer}
+            
+            response = requests.post(
+                f'{self.api_url}/stats/report/batch',
+                json=payload,
+                headers=headers,
+                timeout=5
+            )
+            
+            # 静默失败，不抛出异常
+            if response.status_code != 200:
+                pass
+                
+        except Exception:
+            pass  # 静默失败，不影响主流程
+
+
+# ============ 全局实例 ============
+
+_global_collector: Optional[ApiStatsCollector] = None
+
+
+def init_api_stats_collector(
+    api_url: str,
+    app_secret: str,
+    token: str,
+    batch_size: int = 10,
+    flush_interval: float = 5.0,
+    enabled: bool = True
+) -> ApiStatsCollector:
+    """
+    初始化全局统计收集器
+    
+    Args:
+        api_url: 统计接口 URL
+        app_secret: 应用密钥
+        token: 用户访问令牌
+        batch_size: 批量提交大小
+        flush_interval: 刷新间隔（秒）
+        enabled: 是否启用
+    
+    Returns:
+        统计收集器实例
+    """
+    global _global_collector
+    _global_collector = ApiStatsCollector(
+        api_url=api_url,
+        app_secret=app_secret,
+        token=token,
+        batch_size=batch_size,
+        flush_interval=flush_interval,
+        enabled=enabled
+    )
+    return _global_collector
+
+
+def get_api_stats_collector() -> Optional[ApiStatsCollector]:
+    """获取全局统计收集器实例"""
+    return _global_collector
+
+
+def stop_api_stats_collector():
+    """停止全局统计收集器"""
+    global _global_collector
+    if _global_collector:
+        _global_collector.stop()
+        _global_collector = None
+
+
+def collect_api_stat(
+    api_path: str,
+    api_method: str,
+    status_code: int,
+    response_time: float,
+    error_message: Optional[str] = None,
+    request_params: Optional[Dict[str, Any]] = None
+):
+    """
+    快捷方法：收集接口统计数据
+    
+    使用全局收集器实例
+    """
+    collector = get_api_stats_collector()
+    if collector:
+        collector.collect(
+            api_path=api_path,
+            api_method=api_method,
+            status_code=status_code,
+            response_time=response_time,
+            error_message=error_message,
+            request_params=request_params
+        )
+
+
+# ============ 使用示例 ============
+"""
+使用示例：
+
+1. 应用启动时初始化：
+    
+    from huace_aigc_auth_client.api_stats_collector import init_api_stats_collector
+    
+    # 在应用启动时初始化
+    init_api_stats_collector(
+        api_url='http://auth.example.com/api/sdk',
+        app_secret='your-app-secret',
+        token='user-access-token',
+        batch_size=10,
+        flush_interval=5.0,
+        enabled=True
+    )
+
+
+2. 在拦截器中使用：
+    
+    from huace_aigc_auth_client.api_stats_collector import collect_api_stat
+    import time
+    
+    @app.middleware("http")
+    async def monitor_middleware(request: Request, call_next):
+        start_time = time.time()
+        
+        try:
+            response = await call_next(request)
+            response_time = time.time() - start_time
+            
+            # 收集统计
+            collect_api_stat(
+                api_path=request.url.path,
+                api_method=request.method,
+                status_code=response.status_code,
+                response_time=response_time
+            )
+            
+            return response
+        except Exception as e:
+            response_time = time.time() - start_time
+            collect_api_stat(
+                api_path=request.url.path,
+                api_method=request.method,
+                status_code=500,
+                response_time=response_time,
+                error_message=str(e)
+            )
+            raise
+
+
+3. 应用关闭时停止：
+    
+    from huace_aigc_auth_client.api_stats_collector import stop_api_stats_collector
+    
+    @app.on_event("shutdown")
+    async def shutdown_event():
+        stop_api_stats_collector()
+"""

huace_aigc_auth_client/legacy_adapter.py

@@ -246,7 +246,7 @@ class LegacySystemAdapter(ABC):
         else:
             auth_data["password"] = password
         
-        result = await self.auth_client.sync_user_to_auth(auth_data)
+        result = self.auth_client.sync_user_to_auth(auth_data)
         logger.info(f"Sync result for user {legacy_user.get('username')}: {result}")
         
         return result
@@ -276,7 +276,13 @@ class LegacySystemAdapter(ABC):
         
         for user in users:
             try:
-                result = await self.sync_user_to_auth(user)
+                # 将 dict 转换为 LegacyUserData 对象
+                if isinstance(user, dict):
+                    legacy_user = LegacyUserData(data=user)
+                else:
+                    legacy_user = user
+                    
+                result = await self.sync_user_to_auth(legacy_user)
                 logger.info(f"Sync result for user {user.get('username')}: {result}")
                 
                 if result.get("success"):
@@ -291,7 +297,8 @@ class LegacySystemAdapter(ABC):
                         "error": result.get("message")
                     })
             except Exception as e:
-                logger.error(f"Error syncing user {user.get('username')}: {e}")
+                import traceback
+                logger.error(f"Error syncing user {user.get('username')}: {e}\n{traceback.format_exc()}")
                 results["failed"] += 1
                 results["errors"].append({
                     "user": user.get("username"),
@@ -331,7 +338,7 @@ class LegacySystemAdapter(ABC):
             
             # 创建或更新用户
             logger.info(f"Handling {event} event for user: {legacy_data}")
-            result = await self.upsert_user_async(legacy_data)
+            result = await self.upsert_user_async(legacy_data, data)
             
             return {
                 "success": True,
@@ -561,7 +568,7 @@ class UserSyncService:
         legacy_data["password"] = password
         
         # 使用 upsert 方法（存在则更新，不存在则创建）
-        result = await self.adapter.upsert_user_async(legacy_data)
+        result = await self.adapter.upsert_user_async(legacy_data, auth_data)
         
         return {
             "success": True,

huace_aigc_auth_client/sdk.py

@@ -14,9 +14,11 @@ import time
 import hashlib
 import requests
 import logging
+import dataclasses
 from functools import wraps
 from typing import Optional, List, Dict, Any, Callable, Tuple
 from dataclasses import dataclass
+from .user_context import set_current_user, clear_current_user
 
 logger = logging.getLogger(__name__)
 def setLogger(log):
@@ -95,7 +97,7 @@ class AigcAuthClient:
         client = AigcAuthClient(
             app_id="your_app_id",
             app_secret="your_app_secret",
-            base_url="https://aigc-auth.huacemedia.com/aigc-auth/api/v1"
+            base_url="后端 API 鉴权地址"
         )
 
         # 验证 token
@@ -130,8 +132,7 @@ class AigcAuthClient:
         self.app_secret = app_secret or os.getenv("AIGC_AUTH_APP_SECRET")
         self.base_url = (
             base_url or
-            os.getenv("AIGC_AUTH_BASE_URL") or
-            "https://aigc-auth.huacemedia.com/aigc-auth/api/v1"
+            os.getenv("AIGC_AUTH_BASE_URL")
         )
         self.timeout = timeout
         self.cache_ttl = cache_ttl
@@ -551,7 +552,9 @@ class AuthMiddleware:
         self,
         client: AigcAuthClient,
         exclude_paths: List[str] = None,
-        exclude_prefixes: List[str] = None
+        exclude_prefixes: List[str] = None,
+        enable_stats: bool = True,
+        stats_api_url: Optional[str] = None
     ):
         """
         初始化中间件
@@ -560,10 +563,150 @@ class AuthMiddleware:
             client: AigcAuthClient 实例
             exclude_paths: 排除的路径列表（精确匹配）
             exclude_prefixes: 排除的路径前缀列表
+            enable_stats: 是否启用接口统计（默认启用）
+            stats_api_url: 统计接口 URL（可选，默认使用 client.base_url/sdk）
         """
         self.client = client
         self.exclude_paths = exclude_paths or []
         self.exclude_prefixes = exclude_prefixes or []
+        self.enable_stats = enable_stats
+        self.stats_collector = None
+        
+        # 如果启用统计，设置统计接口 URL（默认使用 client 的 base_url）
+        if self.enable_stats:
+            self.stats_api_url = stats_api_url or f"{self.client.base_url}/sdk"
+    
+    def _init_stats_collector(self, token: str):
+        """初始化统计收集器（延迟初始化）"""
+        if not self.enable_stats or self.stats_collector is not None:
+            return
+        
+        try:
+            from .api_stats_collector import init_api_stats_collector
+            self.stats_collector = init_api_stats_collector(
+                api_url=self.stats_api_url,
+                app_secret=self.client.app_secret,
+                token=token,
+                batch_size=10,
+                flush_interval=5.0,
+                enabled=True
+            )
+        except Exception as e:
+            logger.warning(f"初始化统计收集器失败: {e}")
+    
+    @staticmethod
+    def _collect_flask_request_params(request) -> Dict[str, Any]:
+        """
+        收集 Flask 请求的所有参数
+        
+        Args:
+            request: Flask request 对象
+            
+        Returns:
+            包含 headers, query_params, view_params, request_body, form_params 的字典
+        """
+        try:
+            params = {
+                "headers": dict(request.headers),
+                "query_params": request.args.to_dict(flat=False),
+                "view_params": request.view_args or {},
+                "request_body": None,
+                "form_params": None
+            }
+            
+            # 获取请求体（JSON 或文本）
+            if request.is_json:
+                try:
+                    params["request_body"] = request.get_json(silent=True)
+                except Exception:
+                    pass
+            elif request.data:
+                try:
+                    params["request_body"] = request.data.decode('utf-8')
+                except Exception:
+                    params["request_body"] = str(request.data)
+            
+            # 获取表单数据
+            if request.form:
+                params["form_params"] = request.form.to_dict(flat=False)
+            
+            return params
+        except Exception as e:
+            logger.warning(f"收集Flask请求参数失败: {e}")
+            return {}
+    
+    @staticmethod
+    async def _collect_fastapi_request_params(request) -> Dict[str, Any]:
+        """
+        收集 FastAPI 请求的所有参数
+        
+        Args:
+            request: FastAPI Request 对象
+            
+        Returns:
+            包含 headers, query_params, view_params, request_body, form_params 的字典
+        """
+        try:
+            params = {
+                "headers": dict(request.headers),
+                "query_params": dict(request.query_params),
+                "view_params": dict(request.path_params),
+                "request_body": None,
+                "form_params": None
+            }
+            
+            # 获取请求体
+            content_type = request.headers.get("content-type", "")
+            
+            if "application/json" in content_type:
+                try:
+                    params["request_body"] = await request.json()
+                except Exception:
+                    pass
+            elif "application/x-www-form-urlencoded" in content_type or "multipart/form-data" in content_type:
+                try:
+                    form = await request.form()
+                    params["form_params"] = {k: v for k, v in form.items()}
+                except Exception:
+                    pass
+            else:
+                # 尝试读取原始body
+                try:
+                    body = await request.body()
+                    if body:
+                        params["request_body"] = body.decode('utf-8')
+                except Exception:
+                    pass
+            
+            return params
+        except Exception as e:
+            logger.warning(f"收集FastAPI请求参数失败: {e}")
+            return {}
+    
+    def _collect_stats(
+        self,
+        api_path: str,
+        api_method: str,
+        status_code: int,
+        response_time: float,
+        error_message: Optional[str] = None,
+        request_params: Optional[Dict[str, Any]] = None
+    ):
+        """收集接口统计"""
+        if not self.enable_stats or not self.stats_collector:
+            return
+        
+        try:
+            self.stats_collector.collect(
+                api_path=api_path,
+                api_method=api_method,
+                status_code=status_code,
+                response_time=response_time,
+                error_message=error_message,
+                request_params=request_params
+            )
+        except Exception:
+            pass  # 静默失败
 
     def _should_skip(self, path: str) -> bool:
         """检查是否应该跳过验证"""
@@ -594,6 +737,10 @@ class AuthMiddleware:
         from fastapi.responses import JSONResponse
 
         path = request.url.path
+        start_time = time.time()
+        
+        # 收集请求参数
+        request_params = await self._collect_fastapi_request_params(request) if self.enable_stats else None
 
         # 检查是否跳过
         if self._should_skip(path):
@@ -605,6 +752,8 @@ class AuthMiddleware:
 
         if not token:
             logger.warning("AuthMiddleware未提供认证信息")
+            response_time = time.time() - start_time
+            self._collect_stats(path, request.method, 401, response_time, "未提供认证信息", request_params)
             return JSONResponse(
                 status_code=401,
                 content={"code": 401, "message": "未提供认证信息", "data": None}
@@ -613,8 +762,14 @@ class AuthMiddleware:
         # 验证 token
         try:
             user_info = self.client.get_user_info(token)
+            # 初始化统计收集器（第一次有token时）
+            if self.enable_stats and self.stats_collector is None:
+                self._init_stats_collector(token)
             # 将用户信息存储到 request.state
             request.state.user_info = user_info
+            # 设置上下文
+            set_current_user(dataclasses.asdict(user_info))
+
             # 处理代理头部，确保重定向（如果有）使用正确的协议
             forwarded_proto = request.headers.get("x-forwarded-proto")
             if forwarded_proto:
@@ -623,11 +778,25 @@ class AuthMiddleware:
                 await user_info_callback(request, user_info)
         except AigcAuthError as e:
             logger.error(f"AuthMiddleware认证失败: {e.message}")
+            response_time = time.time() - start_time
+            self._collect_stats(path, request.method, 401, response_time, e.message, request_params)
             return JSONResponse(
                 status_code=401,
                 content={"code": e.code, "message": e.message, "data": None}
             )
-        return await call_next(request)
+        
+        # 处理请求
+        try:
+            response = await call_next(request)
+            response_time = time.time() - start_time
+            self._collect_stats(path, request.method, response.status_code, response_time, None, request_params)
+            return response
+        except Exception as e:
+            response_time = time.time() - start_time
+            self._collect_stats(path, request.method, 500, response_time, str(e), request_params)
+            raise
+        finally:
+            clear_current_user()
 
     def flask_before_request(self, user_info_callback: Callable = None):
         """
@@ -641,6 +810,11 @@ class AuthMiddleware:
         from flask import request, jsonify, g
 
         path = request.path
+        # 记录开始时间到 g 对象
+        g.start_time = time.time()
+        
+        # 收集请求参数
+        g.request_params = self._collect_flask_request_params(request) if self.enable_stats else None
 
         # 检查是否跳过
         if self._should_skip(path):
@@ -652,6 +826,8 @@ class AuthMiddleware:
 
         if not token:
             logger.warning("AuthMiddleware未提供认证信息")
+            response_time = time.time() - g.start_time
+            self._collect_stats(path, request.method, 401, response_time, "未提供认证信息", g.request_params)
             return jsonify({
                 "code": 401,
                 "message": "未提供认证信息",
@@ -661,12 +837,19 @@ class AuthMiddleware:
         # 验证 token
         try:
             user_info = self.client.get_user_info(token)
+            # 初始化统计收集器（第一次有token时）
+            if self.enable_stats and self.stats_collector is None:
+                self._init_stats_collector(token)
             # 将用户信息存储到 flask.g
             g.user_info = user_info
+            # 设置上下文
+            set_current_user(dataclasses.asdict(user_info))
             if user_info_callback:
                 user_info_callback(request, user_info)
         except AigcAuthError as e:
             logger.error(f"AuthMiddleware认证失败: {e.message}")
+            response_time = time.time() - g.start_time
+            self._collect_stats(path, request.method, 401, response_time, e.message, g.request_params)
             return jsonify({
                 "code": e.code,
                 "message": e.message,
@@ -674,6 +857,34 @@ class AuthMiddleware:
             }), 401
 
         return None
+    
+    def flask_after_request(self, response):
+        """
+        Flask after_request 处理器（用于收集响应统计）
+
+        使用方法:
+            @app.after_request
+            def after_request(response):
+                return auth_middleware.flask_after_request(response)
+        """
+        from flask import request, g
+        
+        # 清除上下文
+        clear_current_user()
+        
+        if hasattr(g, 'start_time'):
+            response_time = time.time() - g.start_time
+            request_params = getattr(g, 'request_params', None)
+            self._collect_stats(
+                request.path,
+                request.method,
+                response.status_code,
+                response_time,
+                None,
+                request_params
+            )
+        
+        return response
 
     def get_current_user_fastapi(self, request) -> Optional[UserInfo]:
         """

huace_aigc_auth_client/user_context.py

@@ -0,0 +1,189 @@
+"""
+用户上下文管理模块
+使用 threading.local() 和 contextvars.ContextVar 统一管理用户信息
+兼容同步和异步场景
+"""
+import threading
+from contextvars import ContextVar
+from typing import Optional, Dict, Any
+
+
+# 使用 threading.local() 存储同步上下文的用户信息（兼容多线程）
+_local = threading.local()
+
+# 使用 contextvars.ContextVar 存储异步上下文的用户信息（兼容异步任务）
+_async_user_info: ContextVar[Optional[Dict[str, Any]]] = ContextVar('user_info', default=None)
+
+
+def set_current_user(user_info: Dict[str, Any]):
+    """
+    设置当前上下文的用户信息（同时支持同步和异步）
+    
+    Args:
+        user_info: 用户信息字典，包含以下字段：
+            - user_id: 用户ID
+            - username: 用户名
+            - app_id: 应用ID
+            - app_code: 应用代码
+            - token: 访问令牌（可选）
+            - roles: 角色列表（可选）
+            - permissions: 权限列表（可选）
+            - is_admin: 是否管理员（可选）
+    """
+    # 同时设置两个上下文，确保兼容性
+    _local.user_info = user_info
+    _async_user_info.set(user_info)
+
+
+def get_current_user() -> Optional[Dict[str, Any]]:
+    """
+    获取当前上下文的用户信息（同时支持同步和异步）
+    
+    Returns:
+        用户信息字典，如果未设置则返回 None
+    """
+    # 优先从 async context 获取（异步场景）
+    async_info = _async_user_info.get(None)
+    if async_info is not None:
+        return async_info
+    
+    # 从 threading.local 获取（同步场景）
+    return getattr(_local, 'user_info', None)
+
+
+def get_current_user_id() -> Optional[int]:
+    """获取当前用户ID"""
+    user_info = get_current_user()
+    return user_info.get('user_id') if user_info else None
+
+
+def get_current_username() -> Optional[str]:
+    """获取当前用户名"""
+    user_info = get_current_user()
+    return user_info.get('username') if user_info else None
+
+
+def get_current_app_id() -> Optional[int]:
+    """获取当前应用ID"""
+    user_info = get_current_user()
+    return user_info.get('app_id') if user_info else None
+
+
+def get_current_app_code() -> Optional[str]:
+    """获取当前应用代码"""
+    user_info = get_current_user()
+    return user_info.get('app_code') if user_info else None
+
+
+def is_current_user_admin() -> bool:
+    """判断当前用户是否为管理员"""
+    user_info = get_current_user()
+    return user_info.get('is_admin', False) if user_info else False
+
+
+def clear_current_user():
+    """清理当前上下文的用户信息"""
+    if hasattr(_local, 'user_info'):
+        delattr(_local, 'user_info')
+    # ContextVar 不需要手动清理，会自动管理
+
+
+# ============ 请求上下文管理（可选的额外信息） ============
+
+_async_request_context: ContextVar[Optional[Dict[str, Any]]] = ContextVar('request_context', default=None)
+
+
+def set_request_context(**kwargs):
+    """
+    设置请求上下文信息
+    
+    可以存储以下信息：
+        - ip_address: 客户端IP
+        - user_agent: User Agent
+        - request_id: 请求ID
+        - trace_id: 追踪ID
+    """
+    # 同时设置两个上下文
+    _local.request_context = kwargs
+    _async_request_context.set(kwargs)
+
+
+def get_request_context() -> Optional[Dict[str, Any]]:
+    """获取请求上下文信息"""
+    # 优先从 async context 获取
+    async_ctx = _async_request_context.get(None)
+    if async_ctx is not None:
+        return async_ctx
+    
+    return getattr(_local, 'request_context', None)
+
+
+def get_client_ip() -> Optional[str]:
+    """获取客户端IP"""
+    ctx = get_request_context()
+    return ctx.get('ip_address') if ctx else None
+
+
+def clear_request_context():
+    """清理请求上下文"""
+    if hasattr(_local, 'request_context'):
+        delattr(_local, 'request_context')
+
+
+# ============ 使用示例 ============
+"""
+使用示例：
+
+1. 在 FastAPI 中间件中设置用户信息：
+    
+    from app.utils.user_context import set_current_user, clear_current_user
+    
+    @app.middleware("http")
+    async def auth_middleware(request: Request, call_next):
+        # 验证 token 并获取用户信息
+        user_info = await verify_token_and_get_user(request)
+        if user_info:
+            set_current_user({
+                'user_id': user_info.id,
+                'username': user_info.username,
+                'app_id': user_info.app_id,
+                'app_code': user_info.app.code,
+                'is_admin': user_info.is_admin
+            })
+        
+        try:
+            response = await call_next(request)
+            return response
+        finally:
+            clear_current_user()
+
+
+2. 在业务代码中使用：
+    
+    from app.utils.user_context import get_current_user_id, get_current_username
+    
+    async def some_business_logic():
+        user_id = get_current_user_id()
+        username = get_current_username()
+        
+        if user_id:
+            logger.info(f"用户 {username}({user_id}) 执行了操作")
+
+
+3. 在装饰器中使用：
+    
+    from functools import wraps
+    from app.utils.user_context import is_current_user_admin
+    
+    def require_admin(func):
+        @wraps(func)
+        async def wrapper(*args, **kwargs):
+            if not is_current_user_admin():
+                raise HTTPException(status_code=403, detail="需要管理员权限")
+            return await func(*args, **kwargs)
+        return wrapper
+    
+    @require_admin
+    async def admin_only_endpoint():
+        pass
+"""

{huace_aigc_auth_client-1.1.13.dist-info → huace_aigc_auth_client-1.1.20.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: huace-aigc-auth-client
-Version: 1.1.13
+Version: 1.1.20
 Summary: 华策AIGC Auth Client - 提供 Token 验证、用户信息获取、权限检查、旧系统接入等功能
 Author-email: Huace <support@huace.com>
 License: MIT
@@ -44,8 +44,8 @@ pip install huace-aigc-auth-client
 # 必填：应用 ID 和密钥（在鉴权中心创建应用后获取）
 AIGC_AUTH_APP_ID=your_app_id
 AIGC_AUTH_APP_SECRET=your_app_secret
-# 鉴权服务地址（默认为生产环境）- 测试环境鉴权地址：http://auth.aigc-test.huacemedia.com/aigc-auth/api/v1
-AIGC_AUTH_BASE_URL=https://aigc-auth.huacemedia.com/aigc-auth/api/v1
+# 鉴权服务地址（默认为生产环境）
+AIGC_AUTH_BASE_URL=your-auth-api-url-prefix
 ```
 
 如需通过 Nginx 代理：
@@ -74,7 +74,7 @@ client = AigcAuthClient()
 client = AigcAuthClient(
     app_id="your_app_id",
     app_secret="your_app_secret",
-    base_url="https://aigc-auth.huacemedia.com/aigc-auth/api/v1"
+    base_url="your-auth-api-url-prefix"
 )
 ```
 
@@ -272,6 +272,31 @@ def admin_only():
     return jsonify({"message": "欢迎管理员"})
 ```
 
+## 上下文管理
+
+SDK 提供了上下文管理功能，可以在任意位置（Service、Utility 等）获取当前请求的用户信息，无需层层传递参数。
+支持 Flask 和 FastAPI，兼容同步和异步环境。
+
+注意：使用此功能前必须先注册 `AuthMiddleware`。
+
+```python
+from huace_aigc_auth_client import get_current_user
+
+def do_something_logic():
+    # 获取当前用户信息（返回字典，非 UserInfo 对象）
+    user = get_current_user()
+    
+    if user:
+        print(f"当前操作用户ID: {user['id']}")
+        print(f"当前操作用户名: {user['username']}")
+        
+        # 也可以获取 app_id 等信息（如果未过滤）
+        if 'app_id' in user:
+            print(f"应用ID: {user['app_id']}")
+    else:
+        print("无用户上下文")
+```
+
 ## API 参考
 
 ### UserInfo 对象
@@ -352,7 +377,7 @@ except AigcAuthError as e:
 # .env 文件
 AIGC_AUTH_APP_ID=your_app_id
 AIGC_AUTH_APP_SECRET=your_app_secret
-AIGC_AUTH_BASE_URL=https://aigc-auth.huacemedia.com/aigc-auth/api/v1
+AIGC_AUTH_BASE_URL=your-auth-api-url-prefix
 
 # 同步配置
 AIGC_AUTH_SYNC_ENABLED=true

huace_aigc_auth_client-1.1.20.dist-info/RECORD

@@ -0,0 +1,12 @@
+huace_aigc_auth_client/__init__.py,sha256=e-Y0M75DKW4t-hhipxgH_UDhoVSdH1uKFmJKyacyRJo,4630
+huace_aigc_auth_client/api_stats_collector.py,sha256=VL_z-3WUWhEkAKDhGnKX0H-nNUn3x2IO_1FASsFA-Ss,8511
+huace_aigc_auth_client/legacy_adapter.py,sha256=TVCBAKejE2z2HQFsEwDW8LMiaIkXNfz3Mxv6_E-UJFY,24102
+huace_aigc_auth_client/sdk.py,sha256=0E0EmfLVxpOI5rOiVdAGcFzajdNZnDgjwrmOX7aYzGc,31303
+huace_aigc_auth_client/user_context.py,sha256=KzevYLsLv1hv8rlvRw83FT-HugeoBJSJ1Pi56iLWyTE,5592
+huace_aigc_auth_client/webhook.py,sha256=XQZYEbMoqIdqZWCGSTcedeDKJpDbUVSq5g08g-6Qucg,4124
+huace_aigc_auth_client/webhook_flask.py,sha256=Iosu4dBtRhQZM_ytn-bn82MpVsyOiV28FBnt7Tfh31U,7225
+huace_aigc_auth_client-1.1.20.dist-info/licenses/LICENSE,sha256=z7dgC7KljhBLNvKjN15391nMj3aLt0gbud8-Yf1F8EQ,1063
+huace_aigc_auth_client-1.1.20.dist-info/METADATA,sha256=NkVUBXJLpANzcTh_VpBm2Lm1UquzxgjCK_2l-Xj6Kfo,23629
+huace_aigc_auth_client-1.1.20.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+huace_aigc_auth_client-1.1.20.dist-info/top_level.txt,sha256=kbv0nQ6PQ0JVneWPH7O2AbtlJnP7AjvFJ6JjM6ZEBxo,23
+huace_aigc_auth_client-1.1.20.dist-info/RECORD,,

{huace_aigc_auth_client-1.1.13.dist-info → huace_aigc_auth_client-1.1.20.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (80.9.0)
+Generator: setuptools (80.10.2)
 Root-Is-Purelib: true
 Tag: py3-none-any
 

huace_aigc_auth_client-1.1.13.dist-info/RECORD

@@ -1,10 +0,0 @@
-huace_aigc_auth_client/__init__.py,sha256=Pjau66hZz0MeL7WWf-G4nGWkjw-4UazjSy2f8n5jdGM,4540
-huace_aigc_auth_client/legacy_adapter.py,sha256=t-1QekRecn0B_gQ5r-ksX0hhuqUTBB2lvIUiNT4SowI,23781
-huace_aigc_auth_client/sdk.py,sha256=ypClZfQm4Ux4db8XDP51I5Cuk1Uc9F2VPgECpXXphkQ,23272
-huace_aigc_auth_client/webhook.py,sha256=XQZYEbMoqIdqZWCGSTcedeDKJpDbUVSq5g08g-6Qucg,4124
-huace_aigc_auth_client/webhook_flask.py,sha256=Iosu4dBtRhQZM_ytn-bn82MpVsyOiV28FBnt7Tfh31U,7225
-huace_aigc_auth_client-1.1.13.dist-info/licenses/LICENSE,sha256=z7dgC7KljhBLNvKjN15391nMj3aLt0gbud8-Yf1F8EQ,1063
-huace_aigc_auth_client-1.1.13.dist-info/METADATA,sha256=XspgJA5ZklRRqN7zRy37eXffkcWINrLMT31mmVtEzmo,22971
-huace_aigc_auth_client-1.1.13.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-huace_aigc_auth_client-1.1.13.dist-info/top_level.txt,sha256=kbv0nQ6PQ0JVneWPH7O2AbtlJnP7AjvFJ6JjM6ZEBxo,23
-huace_aigc_auth_client-1.1.13.dist-info/RECORD,,