rainycode 1.1.1__tar.gz → 1.1.3__tar.gz

{rainycode-1.1.1 → rainycode-1.1.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rainycode
-Version: 1.1.1
+Version: 1.1.3
 Summary: FastAPI base modules
 Requires-Python: >=3.8
 Requires-Dist: build==1.4.0

{rainycode-1.1.1 → rainycode-1.1.3}/common_base/consts.py

@@ -4,6 +4,5 @@ REDIS_PREFIX_USER_INFO: str = "user:info:"
 REDIS_PREFIX_OAUTH_STATE: str = "oauth:state:"
 REDIS_PREFIX_WECHAT_CODE: str = "wechat:code:"
 REDIS_PREFIX_WECHAT_OAUTH_CODE: str = "wechat:oauth:code:"
-REDIS_PREFIX_TEMP_CODE: str = "oauth:temp_code:"
 REDIS_PREFIX_LOGIN_LOCK_USER: str = "auth:login_lock:user:"
 REDIS_PREFIX_LOGIN_LOCK_IP: str = "auth:login_lock:ip:"

{rainycode-1.1.1 → rainycode-1.1.3}/common_servers/api/auth_api.py

@@ -1,7 +1,7 @@
 from common_models.user_model import User
-from fastapi import APIRouter, Security, Body, Depends, Query, Request
+from fastapi import APIRouter, Security, Body, Query, Request
 from common_base.response import SuccessReturn
-from common_depends.auth_depend import login_require, oauth2_scheme
+from common_depends.auth_depend import login_require
 from common_servers.schemas.auth_schema import *
 from common_servers.service.auth_svc import AuthService
 
@@ -58,7 +58,7 @@ async def login_mini(wechat_in: WechatLogin):
 
 @router.get("/wechat/oauth", summary="获取微信网页授权链接 - 回调(/oauth/callback)")
 async def get_wechat_oauth_url(
-    app_id: str = Query(..., description="微信 AppID"),
+    app_pk: int = Query(..., description="微信应用主键ID"),
     redirect_uri: str = Query(..., description="授权成功后跳转地址"),
     state: str | None = Query(default=None, description="自定义状态参数"),
 ):
@@ -69,17 +69,5 @@ async def get_wechat_oauth_url(
     - 如果用户已注册，回调后直接返回 token
     - 如果用户未注册，自动重定向到 snsapi_userinfo 授权
     """
-    authorize_url = await AuthService.get_wechat_oauth_url(app_id, redirect_uri, state)
-    return SuccessReturn(data={"authorize_url": authorize_url})
-
-
-@router.get("/wechat/token", summary="通过临时授权码获取 token")
-async def get_token_by_temp_code(code: str = Query(..., description="临时授权码")):
-    """
-    OAuth 回调后，前端使用临时码换取 token
-
-    - 临时码有效期：120 秒
-    - 一次性使用，获取后立即失效
-    """
-    token_data = await AuthService.get_token_by_temp_code(code)
-    return SuccessReturn(data=token_data, msg="获取成功")
+    authorize_url = await AuthService.get_wechat_oauth_url(app_pk, redirect_uri, state)
+    return SuccessReturn(data={"authorize_url": authorize_url})

{rainycode-1.1.1 → rainycode-1.1.3}/common_servers/service/auth_svc.py

@@ -11,7 +11,6 @@ from common_base.consts import (
     REDIS_PREFIX_USER_INFO,
     REDIS_PREFIX_WECHAT_CODE,
     REDIS_PREFIX_WECHAT_OAUTH_CODE,
-    REDIS_PREFIX_TEMP_CODE,
     REDIS_PREFIX_LOGIN_LOCK_USER,
     REDIS_PREFIX_LOGIN_LOCK_IP,
 )
@@ -33,7 +32,6 @@ from core.base_config import base_config
 LOGIN_FAIL_LIMIT = 5  # 最大失败次数
 LOGIN_LOCK_SECONDS = 900  # 锁定时间（15分钟）
 IP_FAIL_LIMIT = 20  # 单 IP 最大失败次数
-TEMP_CODE_EXPIRE_SECONDS = 120  # 临时授权码有效期
 
 
 class AuthService:
@@ -148,17 +146,17 @@ class AuthService:
             logger.info(f"用户登出: user_id={user_id}, username={username}")
 
     @classmethod
-    async def get_wechat_oauth_url(cls, app_id: str, redirect_uri: str, state: str | None = None) -> str:
+    async def get_wechat_oauth_url(cls, app_pk: int, redirect_uri: str, state: str | None = None) -> str:
         """
         生成微信网页授权链接（snsapi_base）
 
-        :param app_id: 微信 AppID
+        :param app_pk: 微信应用主键ID
         :param redirect_uri: 授权成功后跳转的前端地址
         :param state: 自定义状态参数
         :return: 微信授权链接
         """
         # 验证公众号配置
-        app_config = await WechatApp.get_or_none(app_id=app_id, app_type=AppTypeEnum.OFFICIAL_ACCOUNT)
+        app_config = await WechatApp.get_or_none(id=app_pk, app_type=AppTypeEnum.OFFICIAL_ACCOUNT)
         if not app_config:
             raise CustomException(msg="无效的公众号配置")
 
@@ -170,8 +168,8 @@ class AuthService:
         # 生成内部 state
         internal_state = state or str(uuid.uuid4())
 
-        # 缓存 state -> (redirect_uri, app_id) 映射，有效期 5 分钟
-        cache_value = json.dumps({"redirect_uri": redirect_uri, "app_id": app_id})
+        # 缓存 state -> (redirect_uri, app_pk) 映射，有效期 5 分钟
+        cache_value = json.dumps({"redirect_uri": redirect_uri, "app_pk": app_pk})
         await AioRedis.set(f"{REDIS_PREFIX_OAUTH_STATE}{internal_state}", cache_value, ex=300)
 
         # 构建回调地址
@@ -204,11 +202,11 @@ class AuthService:
         try:
             cached_data = json.loads(cache_value)
             redirect_uri = cached_data.get("redirect_uri")
-            app_id = cached_data.get("app_id")
+            app_pk = cached_data.get("app_pk")
         except (json.JSONDecodeError, TypeError):
             raise CustomException(msg="授权数据格式错误")
 
-        if not redirect_uri or not app_id:
+        if not redirect_uri or not app_pk:
             raise CustomException(msg="授权数据不完整")
 
         # 删除已使用的 state
@@ -220,7 +218,7 @@ class AuthService:
             raise CustomException(msg="授权码已失效，请重新授权")
 
         # 获取公众号配置
-        app_config = await WechatApp.get_or_none(app_id=app_id, app_type=AppTypeEnum.OFFICIAL_ACCOUNT)
+        app_config = await WechatApp.get_or_none(id=app_pk, app_type=AppTypeEnum.OFFICIAL_ACCOUNT)
         if not app_config:
             raise CustomException(msg="公众号配置不存在")
 
@@ -283,22 +281,6 @@ class AuthService:
 
         return RedirectResponse(url=userinfo_auth_url, status_code=302)
 
-    @classmethod
-    async def get_token_by_temp_code(cls, temp_code: str) -> dict:
-        """
-        通过临时授权码获取 token
-        """
-        cache_key = f"{REDIS_PREFIX_TEMP_CODE}{temp_code}"
-        cache_value = await AioRedis.get(cache_key)
-
-        if not cache_value:
-            raise CustomException(msg="临时授权码已过期，请重新授权")
-
-        # 删除临时码（一次性使用）
-        await AioRedis.delete(cache_key)
-
-        return json.loads(cache_value)
-
     # ==================== 私有方法 ====================
 
     @classmethod
@@ -529,22 +511,20 @@ class AuthService:
         return user
 
     @classmethod
-    async def _build_redirect_response(cls, redirect_uri: str, token_data: dict, state: str | None = None) -> RedirectResponse:
-        """构建带临时码的重定向响应"""
-        # 生成临时授权码
-        temp_code = str(uuid.uuid4())
-
-        # 缓存 token 数据
-        await AioRedis.set(
-            f"{REDIS_PREFIX_TEMP_CODE}{temp_code}",
-            json.dumps(token_data),
-            ex=TEMP_CODE_EXPIRE_SECONDS
-        )
-
-        # 构建重定向 URL
-        params = {"temp_code": temp_code}
+    async def _build_redirect_response(
+        cls, redirect_uri: str, token_data: dict, state: str | None = None
+    ) -> RedirectResponse:
+        """构建带 token 的重定向响应（使用 URL Fragment）"""
+        params = {
+            "access_token": token_data["access_token"],
+            "refresh_token": token_data["refresh_token"],
+            "token_type": token_data["token_type"],
+            "expires_in": str(token_data["expires_in"]),
+        }
         if state:
             params["state"] = state
 
-        redirect_url = f"{redirect_uri}?{urlencode(params)}"
+        # 使用 # fragment 传递 token，避免出现在服务器日志中
+        fragment = urlencode(params)
+        redirect_url = f"{redirect_uri}#{fragment}"
         return RedirectResponse(url=redirect_url, status_code=302)

{rainycode-1.1.1 → rainycode-1.1.3}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "rainycode"
-version = "1.1.1"
+version = "1.1.3"
 description = "FastAPI base modules"
 requires-python = ">=3.8"
 

{rainycode-1.1.1 → rainycode-1.1.3}/rainycode.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rainycode
-Version: 1.1.1
+Version: 1.1.3
 Summary: FastAPI base modules
 Requires-Python: >=3.8
 Requires-Dist: build==1.4.0