Update synchronous function calls in JWT (#423)

fastapi-practices · Sep 18, 2024 · 6cf30b3 · 6cf30b3
1 parent eb23d1b
commit 6cf30b3
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 11 deletions.
diff --git a/backend/app/admin/service/auth_service.py b/backend/app/admin/service/auth_service.py
@@ -130,7 +130,7 @@ async def new_token(*, request: Request, response: Response) -> GetNewToken:
                 raise errors.NotFoundError(msg='用户名或密码有误')
             elif not current_user.status:
                 raise errors.AuthorizationError(msg='用户已被锁定, 请联系统管理员')
-            current_token = await get_token(request)
+            current_token = get_token(request)
             new_token = await create_new_token(
                 sub=str(current_user.id),
                 token=current_token,
@@ -152,7 +152,7 @@ async def new_token(*, request: Request, response: Response) -> GetNewToken:
 
     @staticmethod
     async def logout(*, request: Request, response: Response) -> None:
-        token = await get_token(request)
+        token = get_token(request)
         refresh_token = request.cookies.get(settings.COOKIE_REFRESH_TOKEN_KEY)
         response.delete_cookie(settings.COOKIE_REFRESH_TOKEN_KEY)
         if request.user.is_multi_login:

diff --git a/backend/app/admin/service/user_service.py b/backend/app/admin/service/user_service.py
@@ -45,7 +45,7 @@ async def register(*, obj: RegisterUserParam) -> None:
     @staticmethod
     async def add(*, request: Request, obj: AddUserParam) -> None:
         async with async_db_session.begin() as db:
-            await superuser_verify(request)
+            superuser_verify(request)
             username = await user_dao.get_by_username(db, obj.username)
             if username:
                 raise errors.ForbiddenError(msg='用户已注册')
@@ -158,7 +158,7 @@ async def get_select(*, dept: int, username: str = None, phone: str = None, stat
     @staticmethod
     async def update_permission(*, request: Request, pk: int) -> int:
         async with async_db_session.begin() as db:
-            await superuser_verify(request)
+            superuser_verify(request)
             if not await user_dao.get(db, pk):
                 raise errors.NotFoundError(msg='用户不存在')
             else:
@@ -172,7 +172,7 @@ async def update_permission(*, request: Request, pk: int) -> int:
     @staticmethod
     async def update_staff(*, request: Request, pk: int) -> int:
         async with async_db_session.begin() as db:
-            await superuser_verify(request)
+            superuser_verify(request)
             if not await user_dao.get(db, pk):
                 raise errors.NotFoundError(msg='用户不存在')
             else:
@@ -186,7 +186,7 @@ async def update_staff(*, request: Request, pk: int) -> int:
     @staticmethod
     async def update_status(*, request: Request, pk: int) -> int:
         async with async_db_session.begin() as db:
-            await superuser_verify(request)
+            superuser_verify(request)
             if not await user_dao.get(db, pk):
                 raise errors.NotFoundError(msg='用户不存在')
             else:
@@ -200,15 +200,15 @@ async def update_status(*, request: Request, pk: int) -> int:
     @staticmethod
     async def update_multi_login(*, request: Request, pk: int) -> int:
         async with async_db_session.begin() as db:
-            await superuser_verify(request)
+            superuser_verify(request)
             if not await user_dao.get(db, pk):
                 raise errors.NotFoundError(msg='用户不存在')
             else:
                 user_id = request.user.id
                 multi_login = await user_dao.get_multi_login(db, pk) if pk != user_id else request.user.is_multi_login
                 count = await user_dao.set_multi_login(db, pk, False if multi_login else True)
                 await redis_client.delete(f'{settings.JWT_USER_REDIS_PREFIX}:{request.user.id}')
-                token = await get_token(request)
+                token = get_token(request)
                 latest_multi_login = await user_dao.get_multi_login(db, pk)
                 # 超级用户修改自身时，除当前token外，其他token失效
                 if pk == user_id:

diff --git a/backend/common/security/jwt.py b/backend/common/security/jwt.py
@@ -2,7 +2,6 @@
 # -*- coding: utf-8 -*-
 from datetime import timedelta
 
-from asgiref.sync import sync_to_async
 from fastapi import Depends, Request
 from fastapi.security import HTTPBearer
 from fastapi.security.utils import get_authorization_scheme_param
@@ -120,7 +119,6 @@ async def create_new_token(sub: str, token: str, refresh_token: str, multi_login
     )
 
 
-@sync_to_async
 def get_token(request: Request) -> str:
     """
     Get token for request header
@@ -195,7 +193,6 @@ async def get_current_user(db: AsyncSession, pk: int) -> User:
     return user
 
 
-@sync_to_async
 def superuser_verify(request: Request) -> bool:
     """
     Verify the current user permissions through token