fix login api

2024-03-29 11:13:57 +08:00
parent 89b2fe10fe
commit 5ee41b87a2
6 changed files with 185 additions and 161 deletions
--- a/app/api/endpoints/login.py
+++ b/app/api/endpoints/login.py
@ -30,35 +30,33 @@ async def login_access_token(
    获取认证Token
    """
    # 检查数据库
-    user = User.authenticate(
+    success, user = User.authenticate(
        db=db,
        name=form_data.username,
        password=form_data.password,
        otp_password=otp_password
    )
-    if not user:
-        # 请求协助认证
-        logger.warn(f"登录用户 {form_data.username} 本地用户名或密码不匹配，尝试辅助认证 ...")
-        token = UserChain().user_authenticate(form_data.username, form_data.password)
-        if not token:
-            logger.warn(f"用户 {form_data.username} 登录失败！")
-            raise HTTPException(status_code=401, detail="用户名、密码、二次校验不正确")
-        else:
-            logger.info(f"用户 {form_data.username} 辅助认证成功，用户信息: {token}，以普通用户登录...")
-            # 加入用户信息表
-            user = User.get_by_name(db=db, name=form_data.username)
-            if not user:
-                logger.info(f"用户不存在，创建用户: {form_data.username}")
+    if not success:
+        # 认证不成功
+        if not user:
+            # 未找到用户，请求协助认证
+            logger.warn(f"登录用户 {form_data.username} 本地不存在，尝试辅助认证 ...")
+            token = UserChain().user_authenticate(form_data.username, form_data.password)
+            if not token:
+                logger.warn(f"用户 {form_data.username} 登录失败！")
+                raise HTTPException(status_code=401, detail="用户名、密码、二次校验码不正确")
+            else:
+                logger.info(f"用户 {form_data.username} 辅助认证成功，用户信息: {token}，以普通用户登录...")
+                # 加入用户信息表
+                logger.info(f"创建用户: {form_data.username}")
                user = User(name=form_data.username, is_active=True,
                            is_superuser=False, hashed_password=get_password_hash(token))
                user.create(db)
-            else:
-                # 辅助验证用户若未启用，则禁止登录
-                if not user.is_active:
-                    raise HTTPException(status_code=403, detail="用户未启用")
-                # 普通用户权限
-                user.is_superuser = False
-    elif not user.is_active:
+        else:
+            # 用户存在，但认证失败
+            logger.warn(f"用户 {user.name} 登录失败！")
+            raise HTTPException(status_code=401, detail="用户名、密码或二次校验码不正确")
+    elif user and not user.is_active:
        raise HTTPException(status_code=403, detail="用户未启用")
    logger.info(f"用户 {user.name} 登录成功！")
    return schemas.Token(
--- a/app/api/endpoints/plugin.py
+++ b/app/api/endpoints/plugin.py
@ -14,16 +14,16 @@ router = APIRouter()


@router.get("/", summary="所有插件", response_model=List[schemas.Plugin])
-def all_plugins(_: schemas.TokenPayload = Depends(verify_token), state: str = "all") -> Any:
+def all_plugins(_: schemas.TokenPayload = Depends(verify_token), state: str = "all") -> List[schemas.Plugin]:
    """
    查询所有插件清单，包括本地插件和在线插件，插件状态：installed, market, all
    """
    # 本地插件
    local_plugins = PluginManager().get_local_plugins()
    # 已安装插件
-    installed_plugins = [plugin for plugin in local_plugins if plugin.get("installed")]
+    installed_plugins = [plugin for plugin in local_plugins if plugin.installed]
    # 未安装的本地插件
-    not_installed_plugins = [plugin for plugin in local_plugins if not plugin.get("installed")]
+    not_installed_plugins = [plugin for plugin in local_plugins if not plugin.installed]
    if state == "installed":
        return installed_plugins

@ -39,17 +39,17 @@ def all_plugins(_: schemas.TokenPayload = Depends(verify_token), state: str = "a
    # 插件市场插件清单
    market_plugins = []
    # 已安装插件IDS
-    _installed_ids = [plugin["id"] for plugin in installed_plugins]
+    _installed_ids = [plugin.id for plugin in installed_plugins]
    # 未安装的线上插件或者有更新的插件
    for plugin in online_plugins:
-        if plugin["id"] not in _installed_ids:
+        if plugin.id not in _installed_ids:
            market_plugins.append(plugin)
-        elif plugin.get("has_update"):
+        elif plugin.has_update:
            market_plugins.append(plugin)
    # 未安装的本地插件，且不在线上插件中
-    _plugin_ids = [plugin["id"] for plugin in market_plugins]
+    _plugin_ids = [plugin.id for plugin in market_plugins]
    for plugin in not_installed_plugins:
-        if plugin["id"] not in _plugin_ids:
+        if plugin.id not in _plugin_ids:
            market_plugins.append(plugin)
    # 返回插件清单
    if state == "market":
--- a/app/api/endpoints/user.py
+++ b/app/api/endpoints/user.py
@ -17,8 +17,8 @@ router = APIRouter()

@router.get("/", summary="所有用户", response_model=List[schemas.User])
 def read_users(
-    db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_active_superuser),
+        db: Session = Depends(get_db),
+        current_user: User = Depends(get_current_active_superuser),
 ) -> Any:
    """
    查询用户列表
@ -29,10 +29,10 @@ def read_users(

@router.post("/", summary="新增用户", response_model=schemas.Response)
 def create_user(
-    *,
-    db: Session = Depends(get_db),
-    user_in: schemas.UserCreate,
-    current_user: User = Depends(get_current_active_superuser),
+        *,
+        db: Session = Depends(get_db),
+        user_in: schemas.UserCreate,
+        current_user: User = Depends(get_current_active_superuser),
 ) -> Any:
    """
    新增用户
@ -51,10 +51,10 @@ def create_user(

@router.put("/", summary="更新用户", response_model=schemas.Response)
 def update_user(
-    *,
-    db: Session = Depends(get_db),
-    user_in: schemas.UserCreate,
-    _: User = Depends(get_current_active_superuser),
+        *,
+        db: Session = Depends(get_db),
+        user_in: schemas.UserCreate,
+        _: User = Depends(get_current_active_superuser),
 ) -> Any:
    """
    更新用户
@ -64,7 +64,8 @@ def update_user(
        # 正则表达式匹配密码包含字母、数字、特殊字符中的至少两项
        pattern = r'^(?![a-zA-Z]+$)(?!\d+$)(?![^\da-zA-Z\s]+$).{6,50}$'
        if not re.match(pattern, user_info.get("password")):
-            return schemas.Response(success=False, message="密码需要同时包含字母、数字、特殊字符中的至少两项，且长度大于6位")
+            return schemas.Response(success=False,
+                                    message="密码需要同时包含字母、数字、特殊字符中的至少两项，且长度大于6位")
        user_info["hashed_password"] = get_password_hash(user_info["password"])
        user_info.pop("password")
    user = User.get_by_name(db, name=user_info["name"])
@ -76,7 +77,7 @@ def update_user(

@router.get("/current", summary="当前登录用户信息", response_model=schemas.User)
 def read_current_user(
-    current_user: User = Depends(get_current_active_user)
+        current_user: User = Depends(get_current_active_user)
 ) -> Any:
    """
    当前登录用户信息
@ -102,12 +103,51 @@ async def upload_avatar(user_id: int, db: Session = Depends(get_db),
    return schemas.Response(success=True, message=file.filename)


+@router.post('/otp/generate', summary='生成otp验证uri', response_model=schemas.Response)
+def otp_generate(
+        current_user: User = Depends(get_current_active_user)
+) -> Any:
+    secret, uri = OtpUtils.generate_secret_key(current_user.name)
+    return schemas.Response(success=secret != "", data={'secret': secret, 'uri': uri})
+
+
+@router.post('/otp/judge', summary='判断otp验证是否通过', response_model=schemas.Response)
+def otp_judge(
+        data: dict,
+        db: Session = Depends(get_db),
+        current_user: User = Depends(get_current_active_user)
+) -> Any:
+    uri = data.get("uri")
+    otp_password = data.get("otpPassword")
+    if not OtpUtils.is_legal(uri, otp_password):
+        return schemas.Response(success=False, message="验证码错误")
+    current_user.update_otp_by_name(db, current_user.name, True, OtpUtils.get_secret(uri))
+    return schemas.Response(success=True)
+
+
+@router.post('/otp/disable', summary='关闭当前用户的otp验证', response_model=schemas.Response)
+def otp_disable(
+        db: Session = Depends(get_db),
+        current_user: User = Depends(get_current_active_user)
+) -> Any:
+    current_user.update_otp_by_name(db, current_user.name, False, "")
+    return schemas.Response(success=True)
+
+
+@router.get('/otp/{userid}', summary='判断当前用户是否开启otp验证', response_model=schemas.Response)
+def otp_enable(userid: str, db: Session = Depends(get_db)) -> Any:
+    user: User = User.get_by_name(db, userid)
+    if not user:
+        return schemas.Response(success=False, message="用户不存在")
+    return schemas.Response(success=user.is_otp)
+
+
@router.delete("/{user_name}", summary="删除用户", response_model=schemas.Response)
 def delete_user(
-    *,
-    db: Session = Depends(get_db),
-    user_name: str,
-    current_user: User = Depends(get_current_active_superuser),
+        *,
+        db: Session = Depends(get_db),
+        user_name: str,
+        current_user: User = Depends(get_current_active_superuser),
 ) -> Any:
    """
    删除用户
@ -121,9 +161,9 @@ def delete_user(

@router.get("/{user_id}", summary="用户详情", response_model=schemas.User)
 def read_user_by_id(
-    user_id: int,
-    current_user: User = Depends(get_current_active_user),
-    db: Session = Depends(get_db),
+        user_id: int,
+        current_user: User = Depends(get_current_active_user),
+        db: Session = Depends(get_db),
 ) -> Any:
    """
    查询用户详情
@ -142,34 +182,3 @@ def read_user_by_id(
            detail="用户权限不足"
        )
    return user
-
-
-@router.post('/otp/generate', summary='生成otp验证uri', response_model=schemas.Response)
-def otp_generate(
-    current_user: User = Depends(get_current_active_user)
-) -> Any:
-    secret, uri = OtpUtils.generate_secret_key(current_user.name)
-    return schemas.Response(success=secret != "", data={'secret': secret, 'uri': uri})
-
-
-@router.post('/otp/judge', summary='判断otp验证是否通过', response_model=schemas.Response)
-def otp_judge(
-    data: dict,
-    db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_active_user)
-) -> Any:
-    uri = data.get("uri")
-    otp_password = data.get("otpPassword")
-    if not OtpUtils.is_legal(uri, otp_password):
-        return schemas.Response(success=False, message="验证码错误")
-    current_user.update_otp_by_name(db, current_user.name, True, OtpUtils.get_secret(uri))
-    return schemas.Response(success=True)
-
-
-@router.post('/otp/disable', summary='关闭当前用户的otp验证', response_model=schemas.Response)
-def otp_disable(
-    db: Session = Depends(get_db),
-    current_user: User = Depends(get_current_active_user)
-) -> Any:
-    current_user.update_otp_by_name(db, current_user.name, False, "")
-    return schemas.Response(success=True)