提交所有代码到 qiaoxinjiu 分支

2026-05-11 14:29:16 +08:00
parent 01a4ac8ea1
commit 2fea5adb44
59 changed files with 4957 additions and 1603 deletions
--- a/app/api/utils/pycache/authMiddleware.cpython-38.pyc
+++ b/app/api/utils/pycache/authMiddleware.cpython-38.pyc
--- a/app/api/utils/authMiddleware.py
+++ b/app/api/utils/authMiddleware.py
@@ -16,10 +16,22 @@ from common.sqlSession import SqlSession

 TOKEN_PREFIX = 'effekt:token:'
 TOKEN_CONTEXT_PREFIX = 'effekt:token:ctx:'
+REFRESH_TOKEN_PREFIX = 'effekt:refresh:'
 TOKEN_EXPIRE_SECONDS = 7200
+REFRESH_TOKEN_EXPIRE_SECONDS = 86400 * 7
 TOKEN_REFRESH_THRESHOLD_SECONDS = 1800
 TOKEN_CONTEXT_EXPIRE_SECONDS = 300
-WHITELIST_PATHS = ['/it/api/auth/login', '/it/api/auth/register']
+WHITELIST_PATHS = [
+    '/it/api/auth/login',
+    '/it/api/auth/register',
+    '/it/api/auth/refresh',
+    '/it/api/automation/execution/case/pull',
+    '/it/api/automation/execution/queued',
+    '/it/api/automation/execution/start',
+    '/it/api/automation/execution/case/result',
+    '/it/api/automation/execution/finish',
+    '/it/api/automation/execution/abort'
+]

 _redis_client = redis.from_url(REDIS_URL, decode_responses=True)
 _redis_client.ping()
@@ -32,6 +44,34 @@ def create_token(user_id):
    return token, TOKEN_EXPIRE_SECONDS


+def create_refresh_token(user_id):
+    refresh_token = uuid.uuid4().hex
+    key = REFRESH_TOKEN_PREFIX + refresh_token
+    _redis_client.setex(key, REFRESH_TOKEN_EXPIRE_SECONDS, str(user_id))
+    return refresh_token, REFRESH_TOKEN_EXPIRE_SECONDS
+
+
+def validate_refresh_token(refresh_token):
+    key = REFRESH_TOKEN_PREFIX + refresh_token
+    user_id = _redis_client.get(key)
+    if user_id:
+        return int(user_id)
+    return None
+
+
+def revoke_refresh_token(refresh_token):
+    if refresh_token:
+        _redis_client.delete(REFRESH_TOKEN_PREFIX + refresh_token)
+
+
+def revoke_all_refresh_tokens(user_id):
+    keys = _redis_client.keys(REFRESH_TOKEN_PREFIX + '*')
+    for key in keys:
+        stored_user_id = _redis_client.get(key)
+        if stored_user_id == str(user_id):
+            _redis_client.delete(key)
+
+
 def get_token_ttl(token):
    return _redis_client.ttl(TOKEN_PREFIX + token)

@@ -71,10 +111,10 @@ def login_required(func):
    def wrapper(*args, **kwargs):
        token = parse_token()
        if not token:
-            return ApiResponse.build_failure(40004, msg='未登录或缺少token！')
+            return ApiResponse.build_failure(40001, msg='缺少token！')
        user_id = get_current_user_id(token)
        if not user_id:
-            return ApiResponse.build_failure(40004, msg='token无效或已过期！')
+            return ApiResponse.build_failure(451, msg='token无效或已过期！')
        session = None
        try:
            token_context = get_token_context(token)
@@ -133,10 +173,10 @@ def permission_required(permission_code):
        @wraps(func)
        def wrapper(*args, **kwargs):
            if not getattr(g, 'current_user_id', None):
-                return ApiResponse.build_failure(40004, msg='未登录或缺少token！')
+                return ApiResponse.build_failure(40001, msg='缺少token！')
            current_permission_codes = getattr(g, 'current_permission_codes', [])
            if not has_permission(permission_code, current_permission_codes):
-                return ApiResponse.build_failure(40004, msg='无权限访问该接口！')
+                return ApiResponse.build_failure(40003, msg='无权限访问该接口！')
            return func(*args, **kwargs)
        return wrapper
    return decorator