- from fastapi import Request, status
- from fastapi.responses import JSONResponse
- from .logger import logger
- from .token import verify_token
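async def auth_middleware(request: Request, call_next):
    """Unified token authentication middleware.

    Requests whose path is on the public allow-list are passed through with
    ``request.state.user = None``. Every other request must carry a token in
    the ``token`` header or in ``Authorization`` (optionally written as
    ``Bearer <token>``). The token is handed to ``verify_token`` and the
    object it returns is stored on ``request.state.user``.

    Returns:
        The downstream response, or a 401 ``JSONResponse`` when no token is
        supplied or ``verify_token`` returns a falsy value.
    """
    # Public paths other than the site root. Each entry matches itself and
    # anything below it ("/static" -> "/static/app.js"), but never a sibling
    # that merely shares the prefix ("/docs" must not open "/docs-internal").
    public_paths = (
        "/health",
        "/docs",
        "/redoc",
        "/openapi.json",
        "/static",
        "/assets",
        "/apiv1/auth/local_login",
        "/apiv1/auth/register",
    )
    path = request.url.path

    # "/" is compared exactly. As a startswith() prefix it matches every
    # request path, which would skip authentication for the whole API.
    # NOTE(review): if the frontend serves further unauthenticated routes,
    # list them explicitly in public_paths.
    is_public = path == "/" or any(
        path == public or path.startswith(public + "/") for public in public_paths
    )
    if is_public:
        request.state.user = None
        return await call_next(request)

    auth_header = (request.headers.get("Authorization") or "").strip()
    token = request.headers.get("token") or request.headers.get("Token") or auth_header
    # A "Bearer <token>" Authorization header takes precedence over the
    # custom token header.
    if auth_header.lower().startswith("bearer "):
        token = auth_header[7:].strip()

    logger.info(f"认证中间件 - 路径: {path}")
    # Record only whether a credential was sent. Token material does not
    # belong in application logs, where it outlives the session and is
    # readable by anyone with log access.
    logger.info(f"认证中间件 - Token已提供: {bool(token)}")

    if not token:
        logger.warning("认证中间件 - 未提供token")
        return JSONResponse(
            status_code=status.HTTP_401_UNAUTHORIZED,
            content={"statusCode": 401, "msg": "未提供认证Token"},
        )

    user_info = await verify_token(token)
    if not user_info:
        logger.error("认证中间件 - Token验证失败,返回401")
        return JSONResponse(
            status_code=status.HTTP_401_UNAUTHORIZED,
            content={"statusCode": 401, "msg": "Token验证失败"},
        )

    logger.info(f"认证中间件 - Token验证成功,用户 {user_info.username} ({user_info.account})")
    request.state.user = user_info
    return await call_next(request)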