- from fastapi import Request, HTTPException, status
- from fastapi.responses import JSONResponse
- from .token import verify_local_token
- from .logger import logger
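async def auth_middleware(request: Request, call_next):
    """Token authentication middleware.

    Requests whose path is on the public whitelist are forwarded with
    ``request.state.user`` set to ``None``. Every other request must carry
    a token in the ``token`` header or the ``Authorization`` header (with
    or without a ``Bearer`` prefix). The token is checked with
    ``verify_local_token``; on success the returned user object is stored
    in ``request.state.user`` before the request is forwarded.

    Args:
        request: The incoming request.
        call_next: Awaitable that passes the request to the next handler.

    Returns:
        The downstream response, or a 401 ``JSONResponse`` with ``code``
        and ``msg`` fields when the token is missing or fails verification.
    """
    # Public paths that do not require authentication.
    whitelist_paths = [
        "/",
        "/health",
        "/docs",
        "/redoc",
        "/openapi.json",
        "/static",
        "/assets",
        "/apiv1/auth/local_login",
        "/apiv1/auth/register"
    ]

    path = request.url.path

    # An entry matches the path itself or anything below it on a "/"
    # boundary. A bare startswith() is not safe here: every URL starts with
    # "/", so the root entry would exempt the whole API from authentication,
    # and "/static" would also match unrelated paths such as "/staticX".
    # The root entry is therefore matched exactly.
    is_public = any(
        path == entry or (entry != "/" and path.startswith(entry + "/"))
        for entry in whitelist_paths
    )
    if is_public:
        # Give whitelisted requests a default user so later attribute
        # access on request.state does not fail.
        request.state.user = None
        return await call_next(request)

    # Read the token: the custom "token" header wins, then Authorization.
    token = request.headers.get("token")
    if not token:
        authorization = request.headers.get("Authorization", "").strip()
        scheme, _, credentials = authorization.partition(" ")
        if scheme.lower() == "bearer":
            # Strip the scheme only where it leads the header value, instead
            # of deleting "Bearer " wherever it occurs in the value.
            token = credentials.strip()
        else:
            # A bare token without a scheme is still accepted, as before.
            token = authorization

    logger.info(f"认证中间件 - 路径: {path}")
    # Record only whether a token was supplied. Writing a token prefix to
    # the log puts credential material where log readers can see it.
    logger.info(f"认证中间件 - Token: {'已提供' if token else 'None'}")

    if not token:
        logger.warning("认证中间件 - 未提供Token")
        return JSONResponse(
            status_code=status.HTTP_401_UNAUTHORIZED,
            content={"code": 401, "msg": "未提供认证Token"}
        )

    # Verify the token; a falsy result is treated as a failed verification.
    logger.info("认证中间件 - 开始验证Token")
    user_info = await verify_local_token(token)

    if not user_info:
        logger.error("认证中间件 - Token验证失败,返回401")
        return JSONResponse(
            status_code=status.HTTP_401_UNAUTHORIZED,
            content={"code": 401, "msg": "Token验证失败"}
        )

    logger.info(
        f"认证中间件 - Token验证成功,用户: {user_info.username} ({user_info.account})")

    # Expose the authenticated user to downstream handlers.
    request.state.user = user_info

    response = await call_next(request)
    return response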