WebUI后端整体重构

2026-01-13 07:24:27 +08:00
parent 812296590e
commit ffafbf0a26
36 changed files with 927 additions and 294 deletions
--- a/src/webui/dependencies.py
+++ b/src/webui/dependencies.py
@@ -0,0 +1,87 @@
+from typing import Optional
+from fastapi import Depends, Cookie, Header, Request, HTTPException
+from .core import get_current_token, get_token_manager, check_auth_rate_limit, check_api_rate_limit
+
+
+async def require_auth(
+    request: Request,
+    maibot_session: Optional[str] = Cookie(None),
+    authorization: Optional[str] = Header(None),
+) -> str:
+    """
+    FastAPI 依赖：要求有效认证
+
+    用于保护需要认证的路由，自动从 Cookie 或 Header 获取并验证 token
+
+    Returns:
+        验证通过的 token
+
+    Raises:
+        HTTPException 401: 认证失败
+    """
+    return get_current_token(request, maibot_session, authorization)
+
+
+async def require_auth_with_rate_limit(
+    request: Request,
+    maibot_session: Optional[str] = Cookie(None),
+    authorization: Optional[str] = Header(None),
+    _rate_limit: None = Depends(check_auth_rate_limit),
+) -> str:
+    """
+    FastAPI 依赖：要求有效认证 + 频率限制
+
+    组合了认证检查和频率限制，适用于敏感操作
+
+    Returns:
+        验证通过的 token
+
+    Raises:
+        HTTPException 401: 认证失败
+        HTTPException 429: 请求过于频繁
+    """
+    return get_current_token(request, maibot_session, authorization)
+
+
+def get_optional_token(
+    maibot_session: Optional[str] = Cookie(None),
+    authorization: Optional[str] = Header(None),
+) -> Optional[str]:
+    """
+    FastAPI 依赖：可选获取 token（不验证）
+
+    用于某些需要知道是否有 token 但不强制验证的场景
+
+    Returns:
+        token 字符串或 None
+    """
+    if maibot_session:
+        return maibot_session
+    if authorization and authorization.startswith("Bearer "):
+        return authorization.replace("Bearer ", "")
+    return None
+
+
+async def verify_token_optional(
+    maibot_session: Optional[str] = Cookie(None),
+    authorization: Optional[str] = Header(None),
+) -> bool:
+    """
+    FastAPI 依赖：可选验证 token
+
+    返回 token 是否有效，不抛出异常
+
+    Returns:
+        True 如果 token 有效，否则 False
+    """
+    token = None
+    if maibot_session:
+        token = maibot_session
+    elif authorization and authorization.startswith("Bearer "):
+        token = authorization.replace("Bearer ", "")
+
+    if not token:
+        return False
+
+    token_manager = get_token_manager()
+    return token_manager.verify_token(token)