rainycode 1.0.0__tar.gz → 1.0.1__tar.gz

{rainycode-1.0.0 → rainycode-1.0.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rainycode
-Version: 1.0.0
+Version: 1.0.1
 Summary: FastAPI base modules
 Requires-Python: >=3.8
 Requires-Dist: build==1.4.0
@@ -10,6 +10,7 @@ Requires-Dist: passlib==1.7.4
 Requires-Dist: redis==7.2.1
 Requires-Dist: pyjwt==2.11.0
 Requires-Dist: pillow==12.1.1
+Requires-Dist: pycryptodome==3.23.0
 Requires-Dist: uvicorn[standard]==0.41.0
 Requires-Dist: tortoise-orm[asyncmy]==1.1.5
 Requires-Dist: pydantic-settings==2.13.1

{rainycode-1.0.0/common → rainycode-1.0.1/common_base}/exception.py

@@ -1,6 +1,6 @@
-from common.logging import logger
+from common_base.logging import logger
 from typing import cast
-from common.response import ErrorReturn
+from common_base.response import ErrorReturn
 from fastapi import HTTPException, Request, status
 from fastapi.exceptions import RequestValidationError, ResponseValidationError
 from starlette.responses import JSONResponse

{rainycode-1.0.0/common_depend → rainycode-1.0.1/common_depends}/auth_depend.py

@@ -1,9 +1,9 @@
 import json
 from fastapi import Depends, Request
 from fastapi.security import OAuth2PasswordBearer, SecurityScopes
-from common.consts import REDIS_PREFIX_BLOCKLIST, REDIS_PREFIX_USER_INFO
-from common.exception import CustomException
-from common_model.user_model import User
+from common_base.consts import REDIS_PREFIX_BLOCKLIST, REDIS_PREFIX_USER_INFO
+from common_base.exception import CustomException
+from common_models.user_model import User
 from common_utlis.jwt_util import JwtUtil
 from core.databases.aioredis import AioRedis
 

{rainycode-1.0.0/common_model → rainycode-1.0.1/common_models}/user_model.py

@@ -1,5 +1,5 @@
 from tortoise import fields
-from common_model.base_model import UpdateModel
+from common_models.base_model import UpdateModel
 
 
 class User(UpdateModel):

{rainycode-1.0.0/common_model → rainycode-1.0.1/common_models}/wechat_model.py

@@ -1,6 +1,6 @@
 from tortoise import fields
 from enum import Enum
-from common_model.base_model import CreateModel
+from common_models.base_model import CreateModel
 
 class AppTypeEnum(str, Enum):
     MINI_PROGRAM = "mini_program"

rainycode-1.0.1/common_servers/api/auth_api.py

@@ -0,0 +1,50 @@
+from common_model.user_model import User
+from fastapi import APIRouter, Security, Body, Depends
+from common.response import SuccessReturn
+from common_depend.auth_depend import login_require, oauth2_scheme
+from common_servers.schemas.auth_schema import *
+from common_servers.service.auth_svc import AuthService
+
+router = APIRouter(prefix="/auth")
+
+@router.post("/register", summary="用户注册")
+async def register(user_in: UserRegister):
+    user = await AuthService.register(user_in)
+    return SuccessReturn(
+        data={"id": str(user.id), "username": user.username}, msg="注册成功"
+    )
+
+
+@router.post("/login", response_model=TokenResponse, summary="用户密码登录")
+async def login(user_in: UserLogin):
+    token_data = await AuthService.login(user_in)
+    return SuccessReturn(data=token_data, msg="登录成功")
+
+
+@router.post("/refresh", response_model=TokenResponse, summary="刷新令牌")
+async def refresh_token(refresh_token: str = Body(..., embed=True)):
+    token_data = await AuthService.refresh_token(refresh_token)
+    return SuccessReturn(data=token_data, msg="刷新成功")
+
+
+@router.post("/logout", summary="登出")
+async def logout(
+    token: str = Depends(oauth2_scheme),
+    refresh_token: str = Body(..., embed=True),
+    _: User = Security(login_require),
+):
+    await AuthService.logout(token, refresh_token)
+    return SuccessReturn(msg="登出成功")
+
+
+@router.get("/me", response_model=UserInfo, summary="获取当前用户信息")
+async def get_me(user: User = Security(login_require)):
+    return SuccessReturn(data=user)
+
+
+@router.post(
+    "/login/wechat", response_model=TokenResponse, summary="微信登录(小程序/公众号)"
+)
+async def login_wechat(wechat_in: WechatLogin):
+    token_data = await AuthService.login_wechat(wechat_in)
+    return SuccessReturn(data=token_data, msg="登录成功")

rainycode-1.0.1/common_servers/api/wechat_api.py

@@ -0,0 +1,48 @@
+from fastapi import APIRouter, Request, Query, Response
+from common_servers.service.wechat_svc import WechatService
+
+router = APIRouter(prefix="/wechat")
+
+
+@router.get("/callback/{app_pk}", summary="微信回调验证")
+async def verify_callback(
+    app_pk: int,
+    signature: str = Query(..., description="微信加密签名"),
+    timestamp: str = Query(..., description="时间戳"),
+    nonce: str = Query(..., description="随机数"),
+    echostr: str = Query(..., description="随机字符串"),
+):
+    """
+    微信服务器配置验证接口
+    """
+    is_valid = await WechatService.verify_signature(app_pk, signature, timestamp, nonce)
+    if is_valid:
+        # 必须直接返回 echostr 字符串，不能包含 json 格式
+        return Response(content=echostr, media_type="text/plain")
+    return Response(content="fail", media_type="text/plain")
+
+
+@router.post("/callback/{app_pk}", summary="微信消息回调")
+async def handle_callback(
+    app_pk: int,
+    request: Request,
+    signature: str = Query(..., description="微信加密签名"),
+    timestamp: str = Query(..., description="时间戳"),
+    nonce: str = Query(..., description="随机数"),
+    openid: str = Query(None, description="用户OpenID"),
+    encrypt_type: str = Query(None, description="加密类型"),
+    msg_signature: str = Query(None, description="消息体签名"),
+):
+    """
+    接收微信推送的消息和事件
+    """
+    # 获取原始 XML 数据
+    body = await request.body()
+    xml_data = body.decode("utf-8")
+
+    # 目前仅实现了明文模式，加密模式需要结合 msg_secret 解密
+    # 如果 encrypt_type == "aes"，需要解密 (暂未实现，TODO)
+    result = await WechatService.handle_message(
+        app_pk, xml_data, signature, timestamp, nonce
+    )
+    return Response(content=result, media_type="application/xml")

rainycode-1.0.1/common_servers/router.py

@@ -0,0 +1,9 @@
+from fastapi import APIRouter
+from common_servers.api.auth_api import router as auth_router
+from common_servers.api.wechat_api import router as wechat_router
+
+
+base_router = APIRouter()
+
+base_router.include_router(auth_router, tags=["认证模块"])
+base_router.include_router(wechat_router, tags=["微信回调"])

rainycode-1.0.1/common_servers/schemas/auth_schema.py

@@ -0,0 +1,43 @@
+from pydantic import BaseModel, Field, EmailStr
+
+class UserLogin(BaseModel):
+    """用户登录模型"""
+    username: str = Field(..., description="用户名")
+    password: str = Field(..., description="密码")
+
+class UserRegister(BaseModel):
+    """用户注册模型"""
+    username: str = Field(..., description="用户名")
+    password: str = Field(..., min_length=6, description="密码")
+    email: str | None = Field(None, description="邮箱")
+    phone: str | None = Field(None, description="手机号")
+    nickname: str | None = Field(None, description="昵称")
+
+class TokenResponse(BaseModel):
+    """Token响应模型"""
+    access_token: str = Field(..., description="访问令牌")
+    refresh_token: str = Field(..., description="刷新令牌")
+    token_type: str = Field("bearer", description="令牌类型")
+    expires_in: int = Field(..., description="过期时间(秒)")
+
+class UserInfo(BaseModel):
+    """用户信息模型"""
+    id: int | str = Field(..., description="用户ID")
+    username: str = Field(..., description="用户名")
+    email: str | None = Field(None, description="邮箱")
+    phone: str | None = Field(None, description="手机号")
+    nickname: str | None = Field(None, description="昵称")
+    avatar: str | None = Field(None, description="头像")
+    is_active: bool = Field(..., description="是否激活")
+    is_superuser: bool = Field(..., description="是否超级管理员")
+    create_time: str | None = Field(None, description="创建时间")
+    
+    class Config:
+        from_attributes = True
+
+class WechatLogin(BaseModel):
+    """微信登录模型"""
+    code: str = Field(..., description="微信授权Code")
+    app_id: str = Field(..., description="微信AppID (如 wx...)")
+    encrypted_data: str | None = Field(default=None, description="加密数据(小程序一键登录用)")
+    iv: str | None = Field(default=None, description="加密算法的初始向量")

rainycode-1.0.1/common_servers/service/auth_svc.py

@@ -0,0 +1,131 @@
+from datetime import datetime, timedelta
+import uuid
+from common.consts import REDIS_PREFIX_BLOCKLIST, REDIS_PREFIX_REFRESH_TOKEN
+from common.exception import CustomException
+from common_model.user_model import User
+from common_utlis.bcrypt_util import PwdUtil
+from common_utlis.jwt_util import JwtUtil
+from core.databases.aioredis import AioRedis
+from common_servers.schemas.auth_schema import UserRegister, UserLogin, WechatLogin
+from common_servers.strategies.wechat_stragegy import WechatAuthStrategy
+from common_servers.strategies.password_strategy import PasswordStrategy
+from tortoise.transactions import atomic
+from tortoise.expressions import Q
+from core.base_config import base_config
+
+class AuthService:
+    """认证服务逻辑"""
+
+    @classmethod
+    @atomic('main')
+    async def register(cls, user_in: UserRegister) -> User:
+        """
+        用户注册
+        """
+        # 合并检查用户名、邮箱、手机号是否存在
+        filters = Q(username=user_in.username)
+        if user_in.email:
+            filters = filters | Q(email=user_in.email)
+        if user_in.phone:
+            filters = filters | Q(phone=user_in.phone)
+
+        existing_user = await User.filter(filters).first()
+
+        if existing_user:
+            if existing_user.username == user_in.username:
+                raise CustomException(msg="用户名已存在",)
+            if user_in.email and existing_user.email == user_in.email:
+                raise CustomException(msg="邮箱已存在")
+            if user_in.phone and existing_user.phone == user_in.phone:
+                raise CustomException(msg="手机号已存在")
+
+        # 创建用户
+        user = await User.create(
+            username=user_in.username,
+            password=PwdUtil.set_password_hash(user_in.password),
+            email=user_in.email,
+            phone=user_in.phone,
+            nickname=user_in.nickname
+        )
+        return user
+
+    @classmethod
+    async def login(cls, user_in: UserLogin) -> dict:
+        """
+        用户密码登录
+        """
+        strategy = PasswordStrategy()
+        user = await strategy.authenticate(user_in)
+        return await cls._create_tokens(user)
+
+    @classmethod
+    async def login_wechat(cls, wechat_in: WechatLogin) -> dict:
+        """
+        微信登录
+        """
+        strategy = WechatAuthStrategy()
+        user = await strategy.authenticate(wechat_in)
+        return await cls._create_tokens(user)
+
+    @classmethod
+    async def refresh_token(cls, refresh_token: str) -> dict:
+        """
+        刷新 Token
+        """
+        user_id = await AioRedis.get(f"{REDIS_PREFIX_REFRESH_TOKEN}{refresh_token}")
+        user_id = int(user_id) if user_id else None
+        if not user_id:
+            raise CustomException(msg="无效或已过期的刷新令牌")
+
+        user = await User.get_or_none(id=user_id)
+        if not user or not user.is_active:
+            raise CustomException(msg="用户不存在或已被禁用")
+
+        # Token 轮换：删除旧的，生成新的
+        await AioRedis.delete(f"{REDIS_PREFIX_REFRESH_TOKEN}{refresh_token}")
+        return await cls._create_tokens(user)
+
+    @classmethod
+    async def logout(cls, access_token: str, refresh_token: str):
+        """
+        登出
+        1. 将 Access Token 加入黑名单
+        2. 删除 Refresh Token
+        """
+        # 1. 处理 Access Token 黑名单
+        payload = JwtUtil.decode_token(access_token)
+        if payload:
+            exp_timestamp = payload.get("exp")
+            if exp_timestamp:
+                now_timestamp = datetime.now().timestamp()
+                expire_seconds = int(exp_timestamp - now_timestamp)
+                if expire_seconds > 0:
+                    # 添加 Token 到黑名单
+                    await AioRedis.set(f"{REDIS_PREFIX_BLOCKLIST}{access_token}", "1", ex=expire_seconds)
+
+        # 2. 删除 Refresh Token
+        if refresh_token:
+            await AioRedis.delete(f"{REDIS_PREFIX_REFRESH_TOKEN}{refresh_token}")
+
+    @classmethod
+    async def _create_tokens(cls, user: User) -> dict:
+        """
+        生成双Token并缓存用户信息
+        """
+        # Access Token
+        token_data = {"sub": str(user.id), "username": user.username}
+        # 显式传递配置中的过期时间
+        expires_delta = timedelta(minutes=base_config.access_token_expire_minutes)
+        access_token = JwtUtil.create_access_token(token_data, expires_delta=expires_delta)
+
+        # Refresh Token
+        refresh_token = str(uuid.uuid4())
+        expire_seconds = base_config.refresh_token_expire_days * 24 * 60 * 60
+        await AioRedis.set(f"{REDIS_PREFIX_REFRESH_TOKEN}{refresh_token}", str(user.id), ex=expire_seconds)
+
+        return {
+            "access_token": access_token,
+            "refresh_token": refresh_token,
+            "token_type": "bearer",
+            "expires_in": base_config.access_token_expire_minutes * 60,
+        }

rainycode-1.0.1/common_servers/service/wechat_svc.py

@@ -0,0 +1,78 @@
+import time
+import hashlib
+import xml.etree.ElementTree as ET
+from common.exception import CustomException
+from common.logging import logger
+from common_model.wechat_model import WechatApp
+
+
+class WechatService:
+    @staticmethod
+    async def verify_signature(app_pk: int, signature: str, timestamp: str, nonce: str) -> bool:
+        """
+        验证微信签名
+        """
+        app = await WechatApp.get_or_none(id=app_pk)
+        if not app:
+            raise CustomException(msg="微信应用不存在")
+
+        token = app.token
+        if not token:
+            logger.error(f"App {app_pk} 未配置Callback Token")
+            # 如果未配置Token，无法验证，视为失败
+            return False
+
+        try:
+            tmp_list = [token, timestamp, nonce]
+            tmp_list.sort()
+            tmp_str = "".join(tmp_list)
+            hash_str = hashlib.sha1(tmp_str.encode("utf-8")).hexdigest()
+            return hash_str == signature
+        except Exception as e:
+            logger.error(f"签名验证异常: {e}")
+            return False
+
+    @staticmethod
+    async def handle_message(app_pk: int, xml_data: str, signature: str, timestamp: str, nonce: str) -> str:
+        """
+        处理微信回调消息
+        """
+        # 再次验证签名确保安全
+        if not await WechatService.verify_signature(app_pk, signature, timestamp, nonce):
+            logger.warning(f"消息验证签名失败：{app_pk}，签名={signature}，时间戳={timestamp}，随机数={nonce}")
+            return "fail"
+
+        try:
+            root = ET.fromstring(xml_data)
+            msg_type = root.findtext("MsgType")
+            to_user = root.findtext("ToUserName")
+            from_user = root.findtext("FromUserName")
+            if from_user is None or to_user is None:
+                logger.error(f"消息格式错误：缺少FromUserName或ToUserName")
+                return "fail"
+
+            # 简单的事件分发
+            if msg_type == "event":
+                event = root.findtext("Event")
+                if event == "subscribe":
+                    # 可以在此处添加用户关注后的业务逻辑，如保存用户，发放优惠券等
+                    logger.info(f"用户 {from_user} 关注了应用 {app_pk}")
+                    return WechatService._reply_text(from_user, to_user, "欢迎关注！")
+                elif event == "unsubscribe":
+                    logger.info(f"用户 {from_user} 取消关注应用 {app_pk}")
+
+            return "success"
+        except Exception as e:
+            logger.error(f"处理微信消息异常: {e}")
+            return "fail"
+
+    @staticmethod
+    def _reply_text(to_user: str, from_user: str, content: str) -> str:
+        create_time = int(time.time())
+        return f"""<xml>
+        <ToUserName><![CDATA[{to_user}]]></ToUserName>
+        <FromUserName><![CDATA[{from_user}]]></FromUserName>
+        <CreateTime>{create_time}</CreateTime>
+        <MsgType><![CDATA[text]]></MsgType>
+        <Content><![CDATA[{content}]]></Content>
+        </xml>"""

rainycode-1.0.1/common_servers/strategies/base_strategy.py

@@ -0,0 +1,9 @@
+from abc import ABC, abstractmethod
+from typing import Any
+from common_model.user_model import User
+
+class IAuthStrategy(ABC):
+    @abstractmethod
+    async def authenticate(self, data: Any) -> User:
+        """认证方法，成功返回 User，失败抛出异常"""
+        pass

rainycode-1.0.1/common_servers/strategies/password_strategy.py

@@ -0,0 +1,34 @@
+from datetime import datetime
+
+from common.consts import REDIS_PREFIX_USER_INFO
+from core.databases.aioredis import AioRedis
+from common_model.user_model import User
+from common_utlis.bcrypt_util import PwdUtil
+from common.exception import CustomException
+from common_servers.schemas.auth_schema import UserLogin
+from common_servers.strategies.base_strategy import IAuthStrategy
+
+
+class PasswordStrategy(IAuthStrategy):
+    """
+    用户名密码登录策略
+    """
+    async def authenticate(self, data: UserLogin) -> User:
+        user = await User.get_or_none(username=data.username)
+        if not user:
+            # 统一错误提示，防止用户名枚举
+            raise CustomException(msg="用户名或密码错误")
+
+        if not PwdUtil.verify_password(data.password, user.password):
+            raise CustomException(msg="用户名或密码错误")
+
+        if not user.is_active:
+            raise CustomException(msg="用户已被禁用")
+
+        # 更新最后登录时间
+        user.last_login = datetime.now()
+        await user.save(update_fields=['last_login'])
+
+        # 清除缓存，确保下次获取的是最新信息
+        await AioRedis.delete(f"{REDIS_PREFIX_USER_INFO}{user.id}")
+        return user

rainycode-1.0.1/common_servers/strategies/wechat_stragegy.py

@@ -0,0 +1,141 @@
+import random
+from common_model.user_model import User
+from common_model.wechat_model import WechatApp, WechatUser, AppTypeEnum
+from common_servers.schemas.auth_schema import WechatLogin
+from common_utlis.wechat_util import WechatUtil
+from common.exception import CustomException
+from common_servers.strategies.base_strategy import IAuthStrategy
+
+
+from tortoise.transactions import atomic
+
+class WechatAuthStrategy(IAuthStrategy):
+    """
+    微信登录策略 (支持小程序和公众号)
+    """
+    async def authenticate(self, data: WechatLogin) -> User:
+        # 1. 获取应用配置
+        app_config = await WechatApp.get_or_none(app_id=data.app_id)
+        if not app_config:
+            raise CustomException(msg="无效的微信应用配置")
+            
+        openid = None
+        unionid = None
+        session_key = None
+        
+        # 2. 根据类型执行不同流程
+        if app_config.app_type == AppTypeEnum.MINI_PROGRAM:
+            # 小程序流程
+            if data.encrypted_data and data.iv:
+                # 一键登录流程 (解密手机号)
+                # 前端必须传 code 来换取 session_key (或者确保 redis 中有)
+                # 这里强制要求传 code，保证 session_key 是最新的
+                wx_res = await WechatUtil.code2session(app_config.app_id, app_config.app_secret, data.code)
+                session_key = wx_res.get("session_key")
+                openid = wx_res.get("openid")
+                unionid = wx_res.get("unionid")
+                
+                if not session_key or not openid:
+                    raise CustomException(msg="微信登录异常: 缺少必要信息")
+
+                # 解密手机号
+                phone_info = WechatUtil.decrypt_data(session_key, data.encrypted_data, data.iv, app_config.app_id)
+                phone_number = phone_info.get("phoneNumber")
+                
+                # 自动注册/绑定逻辑
+                return await self._handle_bind_or_register(openid, unionid, app_config, phone=phone_number, session_key=session_key)
+                
+            else:
+                # 静默登录流程
+                wx_res = await WechatUtil.code2session(app_config.app_id, app_config.app_secret, data.code)
+                openid = wx_res.get("openid")
+                unionid = wx_res.get("unionid")
+                session_key = wx_res.get("session_key")
+
+                if not openid or not session_key:
+                    raise CustomException(msg="微信登录异常: 缺少必要信息")
+                
+                # 自动注册或登录 (不再强制要求手机号)
+                return await self._handle_bind_or_register(openid, unionid, app_config, session_key=session_key)
+
+        elif app_config.app_type == AppTypeEnum.OFFICIAL_ACCOUNT:
+            # 公众号流程
+            # 假设 code 是 oauth code
+            wx_res = await WechatUtil.get_oauth_access_token(app_config.app_id, app_config.app_secret, data.code)
+            openid = wx_res.get("openid")
+            unionid = wx_res.get("unionid")
+            access_token = wx_res.get("access_token")
+
+            if not openid or not access_token:
+                raise CustomException(msg="微信授权异常: 缺少必要信息")
+            
+            # 检查是否已绑定
+            wechat_user = await WechatUser.get_or_none(openid=openid, wechat_app=app_config).select_related("user")
+            if wechat_user:
+                return wechat_user.user
+            
+            # 未绑定，获取用户信息并自动注册/绑定
+            # 如果是 snsapi_base，可能没有 access_token (获取不到 userinfo)，这里假设 snsapi_userinfo
+            # 如果 scope 是 snsapi_base，这里只能拿到 openid。
+            # 策略：如果是 snsapi_base 且未绑定，返回 428，前端再次请求(scope=snsapi_userinfo)
+            scope = wx_res.get("scope", "")
+            if "snsapi_userinfo" not in scope and not wechat_user:
+                raise CustomException(msg="需授权获取信息", data={"openid": openid})
+            
+            user_info = await WechatUtil.get_user_info(access_token, openid)
+            return await self._handle_bind_or_register(openid, unionid, app_config, nickname=user_info.get("nickname"), avatar=user_info.get("headimgurl"))
+            
+        else:
+            raise CustomException(msg="不支持的应用类型")
+
+    @atomic('main')
+    async def _handle_bind_or_register(self, openid, unionid, app_config, phone=None, session_key=None, nickname=None, avatar=None) -> User:
+        # 1. 检查是否已有 WechatUser
+        wechat_user = await WechatUser.get_or_none(openid=openid, wechat_app=app_config).select_related("user")
+        if wechat_user:
+            # 已存在关联，更新信息
+            if session_key: wechat_user.session_key = session_key
+            if nickname: wechat_user.nickname = nickname
+            if avatar: wechat_user.avatar = avatar
+            await wechat_user.save()
+            return wechat_user.user
+        
+        # 2. 检查 User 是否存在 (通过 phone 或 unionid)
+        user = None
+        if phone:
+            user = await User.get_or_none(phone=phone)
+        
+        # 如果有 UnionID，检查其他应用下的 WechatUser 是否关联了 User
+        if not user and unionid:
+            other_wechat_user = await WechatUser.filter(unionid=unionid).exclude(wechat_app=app_config).first().select_related("user")
+            if other_wechat_user:
+                user = other_wechat_user.user
+        
+        # 3. 创建 User
+        if not user:
+            # 创建新用户
+            username = phone if phone else f"wx_{openid[:8]}"
+            # 避免用户名冲突
+            while await User.exists(username=username):
+                username = f"{username}_{random.randint(1000,9999)}"
+                
+            user = await User.create(
+                username=username,
+                password="", # 无密码
+                phone=phone,
+                nickname=nickname or f"用户{username[-4:]}",
+                avatar=avatar
+            )
+            
+        # 4. 创建 WechatUser 关联
+        await WechatUser.create(
+            user=user,
+            wechat_app=app_config,
+            openid=openid,
+            unionid=unionid,
+            session_key=session_key,
+            nickname=nickname,
+            avatar=avatar
+        )
+        
+        return user

{rainycode-1.0.0 → rainycode-1.0.1}/common_utlis/ip_util.py

@@ -1,6 +1,5 @@
 import re
-
-from common import aiorequests
+from common_base import aiorequests
 
 
 class IpUtil:

rainycode-1.0.1/common_utlis/wechat_util.py

@@ -0,0 +1,95 @@
+from common import aiorequests
+from common.exception import CustomException
+from common.logging import logger
+from Crypto.Cipher import AES
+import base64
+import json
+
+class WechatUtil:
+
+    @classmethod
+    async def code2session(cls, appid: str, secret: str, code: str) -> dict:
+        """
+        小程序登录凭证校验
+        https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/login/auth.code2Session.html
+        """
+        url = "https://api.weixin.qq.com/sns/jscode2session"
+        params = {
+            "appid": appid,
+            "secret": secret,
+            "js_code": code,
+            "grant_type": "authorization_code"
+        }
+        try:
+            data = await aiorequests.get(url, params=params)
+            if "errcode" in data and data["errcode"] != 0:
+                logger.error(f"Wechat code2session error: {data}")
+                raise CustomException(msg=f"微信登录失败: {data.get('errmsg')}")
+            return data
+        except Exception as e:
+            if isinstance(e, CustomException):
+                raise e
+            logger.error(f"Wechat API request error: {e}")
+            raise CustomException(msg="微信服务暂时不可用")
+
+    @classmethod
+    async def get_oauth_access_token(cls, appid: str, secret: str, code: str) -> dict:
+        """
+        公众号通过code获取access_token
+        """
+        url = "https://api.weixin.qq.com/sns/oauth2/access_token"
+        params = {
+            "appid": appid,
+            "secret": secret,
+            "code": code,
+            "grant_type": "authorization_code"
+        }
+        data = await aiorequests.get(url, params=params)
+        if "errcode" in data and data["errcode"] != 0:
+            raise CustomException(msg=f"微信授权失败: {data.get('errmsg')}")
+        return data
+
+    @classmethod
+    async def get_user_info(cls, access_token: str, openid: str) -> dict:
+        """
+        公众号获取用户信息
+        """
+        url = "https://api.weixin.qq.com/sns/userinfo"
+        params = {
+            "access_token": access_token,
+            "openid": openid,
+            "lang": "zh_CN"
+        }
+        data = await aiorequests.get(url, params=params)
+        if "errcode" in data and data["errcode"] != 0:
+            raise CustomException(msg=f"获取微信用户信息失败: {data.get('errmsg')}")
+        return data
+
+    @classmethod
+    def decrypt_data(
+        cls, session_key: str, encrypted_data: str, iv: str, appid: str
+    ) -> dict:
+        """
+        小程序解密用户信息/手机号
+        """
+        try:
+            session_key_b = base64.b64decode(session_key)
+            encrypted_data_b = base64.b64decode(encrypted_data)
+            iv_b = base64.b64decode(iv)
+
+            cipher = AES.new(session_key_b, AES.MODE_CBC, iv_b)
+            decrypted = cipher.decrypt(encrypted_data_b)
+
+            # 去除PKCS#7填充
+            unpad = lambda s: s[:-ord(s[len(s)-1:])]
+            decrypted_json = unpad(decrypted)
+
+            data = json.loads(decrypted_json)
+
+            if data['watermark']['appid'] != appid:
+                raise CustomException(msg="Invalid Buffer")
+
+            return data
+        except Exception as e:
+            logger.error(f"Decrypt wechat data failed: {e}")
+            raise CustomException(msg="微信数据解密失败")

{rainycode-1.0.0 → rainycode-1.0.1}/core/base_config.py

@@ -6,6 +6,7 @@ class BaseConfig(BaseSettings):
     app_title: str = ''
     app_name: str = ''
 
+    # 数据库
     redis_url: str = ''
     mysql_url: str = ''
 
@@ -18,6 +19,11 @@ class BaseConfig(BaseSettings):
     # jwt密钥
     jwt_secret_key: str = "bgb0tnl9d58+6n-6h-ea&u^1#s0ccp!794=krylacjq75vzps$"
 
+    # Access Token 有效期
+    access_token_expire_minutes: int = 30
+    # Refresh Token 有效期
+    refresh_token_expire_days: int = 30
+
     model_config = SettingsConfigDict(
         env_file=('envs/dev.env', 'envs/pro.env'),
         env_file_encoding="utf-8",

{rainycode-1.0.0 → rainycode-1.0.1}/core/databases/aiodb.py

@@ -7,11 +7,11 @@ from tortoise.models import Model
 from tortoise.contrib.fastapi import RegisterTortoise
 from tortoise.queryset import QuerySetSingle, QuerySet
 from contextlib import asynccontextmanager
-
 from core.base_config import base_config
 
 db_models = [
     'aerich.models',
+    'common_models',
     'models'
 ]
 

{rainycode-1.0.0 → rainycode-1.0.1}/core/databases/aioredis.py

@@ -5,7 +5,7 @@ from typing import Optional, Union, Callable, Mapping
 from redis.asyncio import Redis
 from redis import asyncio as aioredis
 from redis.typing import KeyT, EncodableT, ExpiryT, ZScoreBoundT, AnyKeyT
-from common.logging import log_exc
+from common_base.logging import log_exc
 from core.base_config import base_config
 
 

{rainycode-1.0.0 → rainycode-1.0.1}/core/middleware/http_middleware.py

@@ -3,7 +3,7 @@ from fastapi import Request
 from starlette.middleware.base import BaseHTTPMiddleware, RequestResponseEndpoint
 from starlette.types import ASGIApp
 from starlette.responses import Response
-from common.logging import logger
+from common_base.logging import logger
 
 class RequestHttpMiddleware(BaseHTTPMiddleware):
     def __init__(self, app: ASGIApp) -> None:

{rainycode-1.0.0 → rainycode-1.0.1}/core/start.py

@@ -5,8 +5,8 @@ from fastapi import FastAPI, HTTPException
 from fastapi.exceptions import RequestValidationError, ResponseValidationError
 from starlette.middleware.cors import CORSMiddleware
 from starlette.staticfiles import StaticFiles
-from common.exception import AllExceptionHandler, CustomException, CustomExceptionHandler, HttpExceptionHandler, RequestValidationHandle, ResponseValidationHandle, ValueExceptionHandler
-from common.logging import logger
+from common_base.exception import AllExceptionHandler, CustomException, CustomExceptionHandler, HttpExceptionHandler, RequestValidationHandle, ResponseValidationHandle, ValueExceptionHandler
+from common_base.logging import logger
 from core.base_config import BaseConfig, base_config
 from core.databases.aiodb import AioDb
 from core.middleware.http_middleware import RequestHttpMiddleware

{rainycode-1.0.0 → rainycode-1.0.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "rainycode"
-version = "1.0.0"
+version = "1.0.1"
 description = "FastAPI base modules"
 requires-python = ">=3.8"
 
@@ -16,6 +16,7 @@ dependencies = [
     "redis == 7.2.1",
     "pyjwt == 2.11.0",
     "pillow == 12.1.1",
+    "pycryptodome == 3.23.0",
     "uvicorn[standard] == 0.41.0",
     "tortoise-orm[asyncmy] == 1.1.5",
     "pydantic-settings == 2.13.1",

{rainycode-1.0.0 → rainycode-1.0.1}/rainycode.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rainycode
-Version: 1.0.0
+Version: 1.0.1
 Summary: FastAPI base modules
 Requires-Python: >=3.8
 Requires-Dist: build==1.4.0
@@ -10,6 +10,7 @@ Requires-Dist: passlib==1.7.4
 Requires-Dist: redis==7.2.1
 Requires-Dist: pyjwt==2.11.0
 Requires-Dist: pillow==12.1.1
+Requires-Dist: pycryptodome==3.23.0
 Requires-Dist: uvicorn[standard]==0.41.0
 Requires-Dist: tortoise-orm[asyncmy]==1.1.5
 Requires-Dist: pydantic-settings==2.13.1

rainycode-1.0.1/rainycode.egg-info/SOURCES.txt

@@ -0,0 +1,36 @@
+pyproject.toml
+common_base/aiorequests.py
+common_base/consts.py
+common_base/exception.py
+common_base/logging.py
+common_base/response.py
+common_depends/auth_depend.py
+common_models/base_model.py
+common_models/user_model.py
+common_models/wechat_model.py
+common_servers/router.py
+common_servers/api/auth_api.py
+common_servers/api/wechat_api.py
+common_servers/schemas/__init__.py
+common_servers/schemas/auth_schema.py
+common_servers/service/auth_svc.py
+common_servers/service/wechat_svc.py
+common_servers/strategies/base_strategy.py
+common_servers/strategies/password_strategy.py
+common_servers/strategies/wechat_stragegy.py
+common_utlis/bcrypt_util.py
+common_utlis/captcha_util.py
+common_utlis/ip_util.py
+common_utlis/jwt_util.py
+common_utlis/snowflake_util.py
+common_utlis/wechat_util.py
+core/base_config.py
+core/start.py
+core/databases/aiodb.py
+core/databases/aioredis.py
+core/middleware/http_middleware.py
+rainycode.egg-info/PKG-INFO
+rainycode.egg-info/SOURCES.txt
+rainycode.egg-info/dependency_links.txt
+rainycode.egg-info/requires.txt
+rainycode.egg-info/top_level.txt

{rainycode-1.0.0 → rainycode-1.0.1}/rainycode.egg-info/requires.txt

@@ -5,6 +5,7 @@ passlib==1.7.4
 redis==7.2.1
 pyjwt==2.11.0
 pillow==12.1.1
+pycryptodome==3.23.0
 uvicorn[standard]==0.41.0
 tortoise-orm[asyncmy]==1.1.5
 pydantic-settings==2.13.1

rainycode-1.0.1/rainycode.egg-info/top_level.txt

@@ -0,0 +1,6 @@
+common_base
+common_depends
+common_models
+common_servers
+common_utlis
+core

rainycode-1.0.0/README.md

@@ -1,2 +0,0 @@
-pip uninstall ../fastapi_base/fastapi_base-1.0-py3-none-any.whl -y
-pip install ../fastapi_base/fastapi_base-1.0-py3-none-any.whl

rainycode-1.0.0/rainycode.egg-info/SOURCES.txt

@@ -1,26 +0,0 @@
-README.md
-pyproject.toml
-common/aiorequests.py
-common/consts.py
-common/exception.py
-common/logging.py
-common/response.py
-common_depend/auth_depend.py
-common_model/base_model.py
-common_model/user_model.py
-common_model/wechat_model.py
-common_utlis/bcrypt_util.py
-common_utlis/captcha_util.py
-common_utlis/ip_util.py
-common_utlis/jwt_util.py
-common_utlis/snowflake_util.py
-core/base_config.py
-core/start.py
-core/databases/aiodb.py
-core/databases/aioredis.py
-core/middleware/http_middleware.py
-rainycode.egg-info/PKG-INFO
-rainycode.egg-info/SOURCES.txt
-rainycode.egg-info/dependency_links.txt
-rainycode.egg-info/requires.txt
-rainycode.egg-info/top_level.txt

rainycode-1.0.0/rainycode.egg-info/top_level.txt

@@ -1,5 +0,0 @@
-common
-common_depend
-common_model
-common_utlis
-core

{rainycode-1.0.0/common → rainycode-1.0.1/common_base}/consts.py

@@ -1,3 +1,3 @@
 REDIS_PREFIX_REFRESH_TOKEN: str = "auth:refresh:"
-REDIS_PREFIX_USER_INFO: str = "user:info:"
 REDIS_PREFIX_BLOCKLIST: str = "auth:blocklist:"
+REDIS_PREFIX_USER_INFO: str = "user:info:"