PyPI - rainycode - Versions diffs - 1.1.0__tar.gz → 1.1.1__tar.gz - Mend

rainycode 1.1.0tar.gz → 1.1.1tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

{rainycode-1.1.0 → rainycode-1.1.1}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rainycode
-Version: 1.1.0
+Version: 1.1.1
 Summary: FastAPI base modules
 Requires-Python: >=3.8
 Requires-Dist: build==1.4.0

{rainycode-1.1.0 → rainycode-1.1.1}/common_depends/auth_depend.py RENAMED Viewed

@@ -53,6 +53,7 @@ async def get_current_user(request: Request, token: str, security_scopes: Securi
     # 设置请求上下文
     request.state.user = user
+    request.state.token = token
     return user

{rainycode-1.1.0 → rainycode-1.1.1}/common_servers/api/auth_api.py RENAMED Viewed

@@ -30,10 +30,11 @@ async def refresh_token(refresh_token: str = Body(..., embed=True)):
 @router.post("/logout", summary="登出")
 async def logout(
-    token: str = Depends(oauth2_scheme),
+    request: Request,
     refresh_token: str = Body(..., embed=True),
     _: User = Security(login_require),
 ):
+    token = request.state.token
     await AuthService.logout(token, refresh_token)
     return SuccessReturn(msg="登出成功")

{rainycode-1.1.0 → rainycode-1.1.1}/common_servers/service/auth_svc.py RENAMED Viewed

@@ -16,6 +16,7 @@ from common_base.consts import (
     REDIS_PREFIX_LOGIN_LOCK_IP,
 )
 from common_base.exception import CustomException
+from common_base.logging import logger
 from common_models.user_model import User
 from common_models.wechat_model import WechatApp, WechatUser, AppTypeEnum
 from common_utils.bcrypt_util import PwdUtil
@@ -23,7 +24,6 @@ from common_utils.jwt_util import JwtUtil
 from common_utils.wechat_util import WechatUtil
 from core.databases.aioredis import AioRedis
 from common_servers.schemas.auth_schema import UserRegister, UserLogin, WechatLogin
-from common_servers.managers.wechat_user_manager import WechatUserManager
 from tortoise.transactions import atomic
 from tortoise.expressions import Q
 from core.base_config import base_config
@@ -75,6 +75,7 @@ class AuthService:
             phone=user_in.phone,
             nickname=user_in.nickname
         )
+        logger.info(f"用户注册成功: username={user.username}, user_id={user.id}")
         return user
     @classmethod
@@ -83,7 +84,9 @@ class AuthService:
         用户密码登录
         """
         user = await cls._authenticate_password(user_in, client_ip)
-        return await cls._create_tokens(user)
+        token_data = await cls._create_tokens(user)
+        logger.info(f"用户登录成功: username={user.username}, user_id={user.id}, ip={client_ip}")
+        return token_data
     @classmethod
     async def login_wechat_mini(cls, wechat_in: WechatLogin) -> dict:
@@ -99,9 +102,12 @@ class AuthService:
         刷新 Token
         """
         user_id = await AioRedis.get(f"{REDIS_PREFIX_REFRESH_TOKEN}{refresh_token}")
-        user_id = int(user_id) if user_id else None
         if not user_id:
             raise CustomException(msg="无效或已过期的刷新令牌")
+        try:
+            user_id = int(user_id)
+        except (ValueError, TypeError):
+            raise CustomException(msg="无效的刷新令牌")
         user = await User.get_or_none(id=user_id)
         if not user or not user.is_active:
@@ -109,7 +115,9 @@ class AuthService:
         # Token 轮换：删除旧的，生成新的
         await AioRedis.delete(f"{REDIS_PREFIX_REFRESH_TOKEN}{refresh_token}")
-        return await cls._create_tokens(user)
+        token_data = await cls._create_tokens(user)
+        logger.info(f"Token刷新成功: username={user.username}, user_id={user.id}")
+        return token_data
     @classmethod
     async def logout(cls, access_token: str, refresh_token: str):
@@ -133,6 +141,12 @@ class AuthService:
         if refresh_token:
             await AioRedis.delete(f"{REDIS_PREFIX_REFRESH_TOKEN}{refresh_token}")
+        # 记录登出日志
+        if payload:
+            user_id = payload.get("sub")
+            username = payload.get("username")
+            logger.info(f"用户登出: user_id={user_id}, username={username}")
     @classmethod
     async def get_wechat_oauth_url(cls, app_id: str, redirect_uri: str, state: str | None = None) -> str:
         """
@@ -241,8 +255,8 @@ class AuthService:
             user_info = await WechatUtil.get_user_info(access_token, openid)
-            # 使用 WechatUserManager 创建或绑定用户
-            user = await WechatUserManager.bind_or_register(
+            # 使用 _bind_or_register_wechat_user 创建或绑定用户
+            user = await cls._bind_or_register_wechat_user(
                 openid=openid,
                 app_config=app_config,
                 unionid=wx_res.get("unionid"),
@@ -255,7 +269,7 @@ class AuthService:
         # 新用户，需要 snsapi_userinfo 授权
         # 缓存 state 信息供二次回调使用
-        new_state = f"{state}_userinfo"
+        new_state = str(uuid.uuid4())
         await AioRedis.set(f"{REDIS_PREFIX_OAUTH_STATE}{new_state}", cache_value, ex=300)
         # 构建 snsapi_userinfo 授权链接
@@ -296,17 +310,19 @@ class AuthService:
         user = await User.get_or_none(username=data.username)
         if not user:
             await cls._record_login_fail(data.username, client_ip)
+            logger.warning(f"登录失败: 用户名不存在, username={data.username}, ip={client_ip}")
             raise CustomException(msg="用户名或密码错误")
         if not PwdUtil.verify_password(data.password, user.password):
             await cls._record_login_fail(data.username, client_ip)
+            logger.warning(f"登录失败: 密码错误, username={data.username}, ip={client_ip}")
             raise CustomException(msg="用户名或密码错误")
         if not user.is_active:
             raise CustomException(msg="用户已被禁用")
         # 清除失败记录
-        await cls._clear_login_fail(data.username)
+        await cls._clear_login_fail(data.username, client_ip)
         # 更新最后登录时间
         user.last_login = datetime.now()
@@ -357,8 +373,8 @@ class AuthService:
             if phone and not re.match(r'^1[3-9]\d{9}$', phone):
                 raise CustomException(msg="手机号格式不正确")
-        # 6. 使用 WechatUserManager 处理用户绑定/注册
-        return await WechatUserManager.bind_or_register(
+        # 6. 使用 _bind_or_register_wechat_user 处理用户绑定/注册
+        return await cls._bind_or_register_wechat_user(
             openid=openid,
             app_config=app_config,
             unionid=unionid,
@@ -397,9 +413,10 @@ class AuthService:
             await AioRedis.expire(ip_key, LOGIN_LOCK_SECONDS)
     @classmethod
-    async def _clear_login_fail(cls, username: str):
+    async def _clear_login_fail(cls, username: str, client_ip: str):
         """清除登录失败记录"""
         await AioRedis.delete(f"{REDIS_PREFIX_LOGIN_LOCK_USER}{username}")
+        await AioRedis.delete(f"{REDIS_PREFIX_LOGIN_LOCK_IP}{client_ip}")
     @classmethod
     async def _create_tokens(cls, user: User) -> dict:
@@ -424,6 +441,93 @@ class AuthService:
             "expires_in": base_config.access_token_expire_minutes * 60,
         }
+    @classmethod
+    @atomic("main")
+    async def _bind_or_register_wechat_user(
+        cls,
+        openid: str,
+        app_config: WechatApp,
+        unionid: str | None = None,
+        phone: str | None = None,
+        nickname: str | None = None,
+        avatar: str | None = None,
+        session_key: str | None = None,
+    ) -> User:
+        """
+        绑定已有用户或创建新用户（微信登录专用）
+        Args:
+            openid: 微信 OpenID
+            app_config: 微信应用配置
+            unionid: 微信 UnionID（可选，用于跨应用关联）
+            phone: 手机号（可选，小程序一键登录获取）
+            nickname: 微信昵称
+            avatar: 微信头像
+            session_key: 会话密钥（仅小程序）
+        Returns:
+            User: 用户对象
+        """
+        # 1. 检查 WechatUser 是否已存在
+        wechat_user = await WechatUser.get_or_none(
+            openid=openid, wechat_app=app_config
+        ).select_related("user")
+        if wechat_user:
+            # 已存在关联，更新信息
+            if session_key:
+                wechat_user.session_key = session_key
+            if nickname:
+                wechat_user.nickname = nickname
+            if avatar:
+                wechat_user.avatar = avatar
+            if phone and not wechat_user.user.phone:
+                wechat_user.user.phone = phone
+                await wechat_user.user.save()
+            await wechat_user.save()
+            return wechat_user.user
+        # 2. 检查 User 是否存在（通过 phone 或 unionid）
+        user = None
+        if phone:
+            user = await User.get_or_none(phone=phone)
+        # 如果有 UnionID，检查其他应用下的 WechatUser 是否关联了 User
+        if not user and unionid:
+            other_wechat_user = (
+                await WechatUser.filter(unionid=unionid)
+                .exclude(wechat_app=app_config)
+                .first()
+                .select_related("user")
+            )
+            if other_wechat_user:
+                user = other_wechat_user.user
+        # 3. 创建 User（如不存在）
+        if not user:
+            # 使用 UUID 避免并发冲突
+            username = f"wx_{uuid.uuid4().hex[:8]}"
+            user = await User.create(
+                username=username,
+                password="",  # 微信用户无密码
+                phone=phone,
+                nickname=nickname or f"用户{username[-4:]}",
+                avatar=avatar,
+            )
+        # 4. 创建 WechatUser 关联
+        await WechatUser.create(
+            user=user,
+            wechat_app=app_config,
+            openid=openid,
+            unionid=unionid,
+            session_key=session_key,
+            nickname=nickname,
+            avatar=avatar,
+        )
+        return user
     @classmethod
     async def _build_redirect_response(cls, redirect_uri: str, token_data: dict, state: str | None = None) -> RedirectResponse:
         """构建带临时码的重定向响应"""

{rainycode-1.1.0 → rainycode-1.1.1}/common_utils/bcrypt_util.py RENAMED Viewed

@@ -44,7 +44,7 @@ class PwdUtil:
     @classmethod
     def check_password_strength(cls, password: str) -> str | None:
         """
-        检查密码强度
+        检查密码强度（不含长度检查，由 Schema min_length 处理）
         Args:
             password: 明文密码
@@ -52,12 +52,10 @@ class PwdUtil:
         Returns:
             str: 如果密码强度不够返回提示信息,否则返回None
         """
-        if len(password) < 6:
-            return "密码长度至少6位"
         if not any(c.isupper() for c in password):
             return "密码需要包含大写字母"
         if not any(c.islower() for c in password):
-            return "密码需要包含小写字母"
+            return "密码需要包含小写字母"
         if not any(c.isdigit() for c in password):
             return "密码需要包含数字"
         return None

{rainycode-1.1.0 → rainycode-1.1.1}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "rainycode"
-version = "1.1.0"
+version = "1.1.1"
 description = "FastAPI base modules"
 requires-python = ">=3.8"

{rainycode-1.1.0 → rainycode-1.1.1}/rainycode.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rainycode
-Version: 1.1.0
+Version: 1.1.1
 Summary: FastAPI base modules
 Requires-Python: >=3.8
 Requires-Dist: build==1.4.0

{rainycode-1.1.0 → rainycode-1.1.1}/rainycode.egg-info/SOURCES.txt RENAMED Viewed

@@ -12,7 +12,6 @@ common_models/wechat_model.py
 common_servers/router.py
 common_servers/api/auth_api.py
 common_servers/api/wechat_api.py
-common_servers/managers/wechat_user_manager.py
 common_servers/schemas/__init__.py
 common_servers/schemas/auth_schema.py
 common_servers/service/auth_svc.py

rainycode-1.1.0/common_servers/managers/wechat_user_manager.py DELETED Viewed

@@ -1,98 +0,0 @@
-import uuid
-from tortoise.transactions import atomic
-from common_models.user_model import User
-from common_models.wechat_model import WechatApp, WechatUser
-class WechatUserManager:
-    """
-    微信用户绑定/注册统一处理
-    合并小程序和公众号的用户处理逻辑
-    """
-    @classmethod
-    @atomic("main")
-    async def bind_or_register(
-        cls,
-        openid: str,
-        app_config: WechatApp,
-        unionid: str | None = None,
-        phone: str | None = None,
-        nickname: str | None = None,
-        avatar: str | None = None,
-        session_key: str | None = None,
-    ) -> User:
-        """
-        绑定已有用户或创建新用户
-        Args:
-            openid: 微信 OpenID
-            app_config: 微信应用配置
-            unionid: 微信 UnionID（可选，用于跨应用关联）
-            phone: 手机号（可选，小程序一键登录获取）
-            nickname: 微信昵称
-            avatar: 微信头像
-            session_key: 会话密钥（仅小程序）
-        Returns:
-            User: 用户对象
-        """
-        # 1. 检查 WechatUser 是否已存在
-        wechat_user = await WechatUser.get_or_none(
-            openid=openid, wechat_app=app_config
-        ).select_related("user")
-        if wechat_user:
-            # 已存在关联，更新信息
-            if session_key:
-                wechat_user.session_key = session_key
-            if nickname:
-                wechat_user.nickname = nickname
-            if avatar:
-                wechat_user.avatar = avatar
-            if phone and not wechat_user.user.phone:
-                wechat_user.user.phone = phone
-                await wechat_user.user.save()
-            await wechat_user.save()
-            return wechat_user.user
-        # 2. 检查 User 是否存在（通过 phone 或 unionid）
-        user = None
-        if phone:
-            user = await User.get_or_none(phone=phone)
-        # 如果有 UnionID，检查其他应用下的 WechatUser 是否关联了 User
-        if not user and unionid:
-            other_wechat_user = (
-                await WechatUser.filter(unionid=unionid)
-                .exclude(wechat_app=app_config)
-                .first()
-                .select_related("user")
-            )
-            if other_wechat_user:
-                user = other_wechat_user.user
-        # 3. 创建 User（如不存在）
-        if not user:
-            # 使用 UUID 避免并发冲突
-            username = f"wx_{uuid.uuid4().hex[:8]}"
-            user = await User.create(
-                username=username,
-                password="",  # 微信用户无密码
-                phone=phone,
-                nickname=nickname or f"用户{username[-4:]}",
-                avatar=avatar,
-            )
-        # 4. 创建 WechatUser 关联
-        await WechatUser.create(
-            user=user,
-            wechat_app=app_config,
-            openid=openid,
-            unionid=unionid,
-            session_key=session_key,
-            nickname=nickname,
-            avatar=avatar,
-        )
-        return user