rainycode 1.0.9__tar.gz → 1.1.1__tar.gz

{rainycode-1.0.9 → rainycode-1.1.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rainycode
-Version: 1.0.9
+Version: 1.1.1
 Summary: FastAPI base modules
 Requires-Python: >=3.8
 Requires-Dist: build==1.4.0

rainycode-1.1.1/common_base/consts.py

@@ -0,0 +1,9 @@
+REDIS_PREFIX_REFRESH_TOKEN: str = "auth:refresh:"
+REDIS_PREFIX_BLOCKLIST: str = "auth:blocklist:"
+REDIS_PREFIX_USER_INFO: str = "user:info:"
+REDIS_PREFIX_OAUTH_STATE: str = "oauth:state:"
+REDIS_PREFIX_WECHAT_CODE: str = "wechat:code:"
+REDIS_PREFIX_WECHAT_OAUTH_CODE: str = "wechat:oauth:code:"
+REDIS_PREFIX_TEMP_CODE: str = "oauth:temp_code:"
+REDIS_PREFIX_LOGIN_LOCK_USER: str = "auth:login_lock:user:"
+REDIS_PREFIX_LOGIN_LOCK_IP: str = "auth:login_lock:ip:"

{rainycode-1.0.9 → rainycode-1.1.1}/common_depends/auth_depend.py

@@ -4,7 +4,7 @@ from fastapi.security import OAuth2PasswordBearer, SecurityScopes
 from common_base.consts import REDIS_PREFIX_BLOCKLIST, REDIS_PREFIX_USER_INFO
 from common_base.exception import CustomException
 from common_models.user_model import User
-from common_utlis.jwt_util import JwtUtil
+from common_utils.jwt_util import JwtUtil
 from core.databases.aioredis import AioRedis
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="api/auth_center/login")
@@ -53,6 +53,7 @@ async def get_current_user(request: Request, token: str, security_scopes: Securi
 
     # 设置请求上下文
     request.state.user = user
+    request.state.token = token
     return user
 
 
@@ -71,5 +72,5 @@ async def login_or_none(request: Request, security_scopes: SecurityScopes, token
 
     try:
         return await get_current_user(request, token, security_scopes)
-    except Exception as e:
+    except CustomException:
         return None

{rainycode-1.0.9 → rainycode-1.1.1}/common_models/base_model.py

@@ -5,7 +5,7 @@ from typing import Optional, Any
 from tortoise import fields, BaseDBAsyncClient
 from tortoise.expressions import Q
 from tortoise.queryset import BulkCreateQuery, QuerySet, QuerySetSingle
-from common_utlis.snowflake_util import get_snowflake_id
+from common_utils.snowflake_util import get_snowflake_id
 from core.databases.aiodb import MySQLUtils
 
 
@@ -86,7 +86,7 @@ class BaseModel(MySQLUtils):
             force_update: bool = False,
             **kwargs: Any
     ) -> None:
-        if not getattr(self, 'id', 0) and kwargs.get('uuid', False)  and 'id' in self._meta.fields:
+        if not getattr(self, 'id', 0) and kwargs.get('id_uuid', False)  and 'id' in self._meta.fields:
             setattr(self, 'id', str(uuid.uuid4()).replace('-', ''))
         return await super().save(using_db=using_db, update_fields=update_fields, force_create=force_create,
                                   force_update=force_update)

rainycode-1.1.1/common_servers/api/auth_api.py

@@ -0,0 +1,85 @@
+from common_models.user_model import User
+from fastapi import APIRouter, Security, Body, Depends, Query, Request
+from common_base.response import SuccessReturn
+from common_depends.auth_depend import login_require, oauth2_scheme
+from common_servers.schemas.auth_schema import *
+from common_servers.service.auth_svc import AuthService
+
+router = APIRouter(prefix="/auth")
+
+@router.post("/register", summary="用户注册")
+async def register(user_in: UserRegister):
+    user = await AuthService.register(user_in)
+    return SuccessReturn(
+        data={"id": str(user.id), "username": user.username}, msg="注册成功"
+    )
+
+
+@router.post("/login", summary="用户密码登录")
+async def login(user_in: UserLogin, request: Request):
+    client_ip = request.client.host if request.client else "unknown"
+    token_data = await AuthService.login(user_in, client_ip)
+    return SuccessReturn(data=token_data, msg="登录成功")
+
+
+@router.post("/refresh", response_model=TokenResponse, summary="刷新令牌")
+async def refresh_token(refresh_token: str = Body(..., embed=True)):
+    token_data = await AuthService.refresh_token(refresh_token)
+    return SuccessReturn(data=token_data, msg="刷新成功")
+
+
+@router.post("/logout", summary="登出")
+async def logout(
+    request: Request,
+    refresh_token: str = Body(..., embed=True),
+    _: User = Security(login_require),
+):
+    token = request.state.token
+    await AuthService.logout(token, refresh_token)
+    return SuccessReturn(msg="登出成功")
+
+
+@router.get("/me", response_model=UserInfo, summary="获取当前用户信息")
+async def get_me(user: User = Security(login_require)):
+    return SuccessReturn(data=user)
+
+
+@router.post("/wechat/mini", response_model=TokenResponse, summary="微信小程序登录")
+async def login_mini(wechat_in: WechatLogin):
+    """
+    微信小程序登录
+
+    - 静默登录: 传 code + app_id
+    - 一键登录(获取手机号): 额外传 encrypted_data + iv
+    """
+    token_data = await AuthService.login_wechat_mini(wechat_in)
+    return SuccessReturn(data=token_data, msg="登录成功")
+
+
+@router.get("/wechat/oauth", summary="获取微信网页授权链接 - 回调(/oauth/callback)")
+async def get_wechat_oauth_url(
+    app_id: str = Query(..., description="微信 AppID"),
+    redirect_uri: str = Query(..., description="授权成功后跳转地址"),
+    state: str | None = Query(default=None, description="自定义状态参数"),
+):
+    """
+    获取微信网页授权链接（snsapi_base 静默授权）
+
+    - 首次请求返回 snsapi_base 授权链接
+    - 如果用户已注册，回调后直接返回 token
+    - 如果用户未注册，自动重定向到 snsapi_userinfo 授权
+    """
+    authorize_url = await AuthService.get_wechat_oauth_url(app_id, redirect_uri, state)
+    return SuccessReturn(data={"authorize_url": authorize_url})
+
+
+@router.get("/wechat/token", summary="通过临时授权码获取 token")
+async def get_token_by_temp_code(code: str = Query(..., description="临时授权码")):
+    """
+    OAuth 回调后，前端使用临时码换取 token
+
+    - 临时码有效期：120 秒
+    - 一次性使用，获取后立即失效
+    """
+    token_data = await AuthService.get_token_by_temp_code(code)
+    return SuccessReturn(data=token_data, msg="获取成功")

rainycode-1.1.1/common_servers/api/wechat_api.py

@@ -0,0 +1,98 @@
+import json
+from urllib.parse import urlencode
+from fastapi import APIRouter, Request, Query, Response
+from fastapi.responses import RedirectResponse
+from common_base.consts import REDIS_PREFIX_OAUTH_STATE
+from common_base.exception import CustomException
+from common_servers.service.auth_svc import AuthService
+from common_servers.service.wechat_svc import WechatService
+from core.databases.aioredis import AioRedis
+
+router = APIRouter(prefix="/wechat")
+
+
+@router.get("/callback/{app_pk}", summary="微信回调验证")
+async def verify_callback(
+    app_pk: int,
+    signature: str = Query(..., description="微信加密签名"),
+    timestamp: str = Query(..., description="时间戳"),
+    nonce: str = Query(..., description="随机数"),
+    echostr: str = Query(..., description="随机字符串"),
+):
+    """
+    微信服务器配置验证接口
+    """
+    is_valid = await WechatService.verify_signature(app_pk, signature, timestamp, nonce)
+    if is_valid:
+        # 必须直接返回 echostr 字符串，不能包含 json 格式
+        return Response(content=echostr, media_type="text/plain")
+    return Response(content="fail", media_type="text/plain")
+
+
+@router.post("/callback/{app_pk}", summary="微信消息回调")
+async def handle_callback(
+    app_pk: int,
+    request: Request,
+    signature: str = Query(..., description="微信加密签名"),
+    timestamp: str = Query(..., description="时间戳"),
+    nonce: str = Query(..., description="随机数"),
+    openid: str = Query(None, description="用户OpenID"),
+    encrypt_type: str = Query(None, description="加密类型"),
+    msg_signature: str = Query(None, description="消息体签名"),
+):
+    """
+    接收微信推送的消息和事件
+    """
+    # 获取原始 XML 数据
+    body = await request.body()
+    xml_data = body.decode("utf-8")
+
+    # 目前仅实现了明文模式，加密模式需要结合 msg_secret 解密
+    # 如果 encrypt_type == "aes"，需要解密 (暂未实现，TODO)
+    result = await WechatService.handle_message(
+        app_pk, xml_data, signature, timestamp, nonce
+    )
+    return Response(content=result, media_type="application/xml")
+
+
+@router.get("/oauth/callback", summary="微信网页授权回调")
+async def wechat_oauth_callback(
+    code: str | None = Query(default=None, description="微信授权码"),
+    state: str | None = Query(default=None, description="状态参数"),
+    error: str | None = Query(default=None, description="错误码"),
+    error_description: str | None = Query(default=None, description="错误描述"),
+):
+    """
+    处理微信网页授权回调
+
+    - 用户已存在：重定向到前端（带 token）
+    - 用户不存在：自动重定向到 snsapi_userinfo 授权
+    - 用户拒绝授权：重定向到前端并附带错误信息
+    """
+    # 处理用户拒绝授权的情况
+    if error:
+        # 获取 redirect_uri
+        cache_key = f"{REDIS_PREFIX_OAUTH_STATE}{state}"
+        cache_value = await AioRedis.get(cache_key)
+        if cache_value:
+            try:
+                cached_data = json.loads(cache_value)
+                redirect_uri = cached_data.get("redirect_uri")
+            except (json.JSONDecodeError, TypeError):
+                redirect_uri = None
+
+            if redirect_uri:
+                await AioRedis.delete(cache_key)
+                params = {
+                    "error": error,
+                    "error_description": error_description or "用户拒绝授权",
+                }
+                error_url = f"{redirect_uri}?{urlencode(params)}"
+                return RedirectResponse(url=error_url, status_code=302)
+
+        raise CustomException(msg="授权失败")
+
+    if not code:
+        raise CustomException(msg="缺少授权码")
+
+    return await AuthService.handle_oauth_callback(code, state)

{rainycode-1.0.9 → rainycode-1.1.1}/common_servers/schemas/auth_schema.py

@@ -36,8 +36,8 @@ class UserInfo(BaseModel):
         from_attributes = True
 
 class WechatLogin(BaseModel):
-    """微信登录模型"""
-    code: str = Field(..., description="微信授权Code")
-    app_id: str = Field(..., description="微信AppID (如 wx...)")
-    encrypted_data: str | None = Field(default=None, description="加密数据(小程序一键登录用)")
-    iv: str | None = Field(default=None, description="加密算法的初始向量")
+    """微信小程序登录模型"""
+    code: str = Field(..., description="微信登录Code (wx.login获取)")
+    app_id: str = Field(..., description="小程序AppID")
+    encrypted_data: str | None = Field(default=None, description="加密数据(一键登录手机号)")
+    iv: str | None = Field(default=None, description="加密算法初始向量")