完了鉴权相关代码和鉴权依赖注入

2025-01-21 21:28:18 +08:00
parent 3b7ac1f682
commit f1cdbab0f4
4 changed files with 117 additions and 6 deletions
--- a/routes/depends.py
+++ b/routes/depends.py
@@ -0,0 +1,18 @@
+from fastapi import Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordBearer
+from typing import Optional
+from schemas.auth import TokenData
+from services.auth_service import verify_token
+
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="auth/login")
+
+async def get_current_user(token: str = Depends(oauth2_scheme)) -> TokenData:
+    """获取当前用户"""
+    token_data = verify_token(token)
+    if token_data is None:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid authentication credentials",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    return token_data
--- a/routes/users.py
+++ b/routes/users.py
@@ -1,7 +1,9 @@
 from fastapi import APIRouter, Depends, HTTPException, status
 from typing import List, Optional
+from schemas.auth import TokenData
 from schemas.user import UserCreate, UserUpdate, UserResponse
-from services.auth import get_current_user
+from routes.depends import get_current_user
+from services.user_services import get_user_by_id

 router = APIRouter(tags=["users"])

@@ -10,8 +12,14 @@ async def get_users(
    page: int = 1,
    limit: int = 10,
    role: Optional[str] = None,
-    current_user: UserResponse = Depends(get_current_user)
+    current_user_token: TokenData = Depends(get_current_user)
 ):
+    current_user = await get_user_by_id(current_user_token.id)
+    if current_user is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
@@ -23,8 +31,14 @@ async def get_users(
@router.post("/", response_model=UserResponse, status_code=status.HTTP_201_CREATED)
 async def create_user(
    user_data: UserCreate,
-    current_user: UserResponse = Depends(get_current_user)
+    current_user_token: TokenData = Depends(get_current_user)
 ):
+    current_user = await get_user_by_id(current_user_token.id)
+    if current_user is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
@@ -37,8 +51,14 @@ async def create_user(
 async def update_user(
    user_id: int,
    user_data: UserUpdate,
-    current_user: UserResponse = Depends(get_current_user)
+    current_user_token: TokenData = Depends(get_current_user)
 ):
+    current_user = await get_user_by_id(current_user_token.id)
+    if current_user is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
@@ -50,8 +70,14 @@ async def update_user(
@router.delete("/{user_id}", status_code=status.HTTP_204_NO_CONTENT)
 async def delete_user(
    user_id: int,
-    current_user: UserResponse = Depends(get_current_user)
+    current_user_token: TokenData = Depends(get_current_user)
 ):
+    current_user = await get_user_by_id(current_user_token.id)
+    if current_user is None:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail="User not found"
+        )
    if current_user.role not in ["system_admin", "admin"]:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,