-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix:solve the dup retrieval issue (#575)
* feat: merge partial env variable and skip validation in the dev * fix: fix dup retrieval * feat: update petercat-utils
- Loading branch information
1 parent
de3dc77
commit 61bd4ef
Showing
9 changed files
with
129 additions
and
121 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
[tool.poetry] | ||
name = "petercat_utils" | ||
version = "0.1.39" | ||
version = "0.1.40" | ||
description = "" | ||
authors = ["raoha.rh <[email protected]>"] | ||
readme = "README.md" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,88 +1,87 @@ | ||
import traceback | ||
from typing import Awaitable, Callable | ||
|
||
from fastapi import HTTPException, Request, status | ||
from fastapi.responses import JSONResponse | ||
from petercat_utils import get_env_variable | ||
from fastapi.security import OAuth2PasswordBearer | ||
from starlette.middleware.base import BaseHTTPMiddleware | ||
from starlette.responses import Response | ||
from fastapi.security import OAuth2PasswordBearer | ||
|
||
from core.dao.botDAO import BotDAO | ||
|
||
WEB_URL = get_env_variable("WEB_URL") | ||
ENVRIMENT = get_env_variable("PETERCAT_ENV", "development") | ||
from env import ENVIRONMENT, WEB_URL | ||
|
||
ALLOW_LIST = [ | ||
"/", | ||
"/favicon.ico", | ||
"/api/health_checker", | ||
"/api/bot/list", | ||
"/api/bot/detail", | ||
"/api/github/app/webhook", | ||
"/app/installation/callback", | ||
"/", | ||
"/favicon.ico", | ||
"/api/health_checker", | ||
"/api/bot/list", | ||
"/api/bot/detail", | ||
"/api/github/app/webhook", | ||
"/app/installation/callback", | ||
] | ||
|
||
ANONYMOUS_USER_ALLOW_LIST = [ | ||
"/api/auth/userinfo", | ||
"/api/chat/qa", | ||
"/api/chat/stream_qa", | ||
"/api/auth/userinfo", | ||
"/api/chat/qa", | ||
"/api/chat/stream_qa", | ||
] | ||
|
||
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/token") | ||
|
||
|
||
class AuthMiddleWare(BaseHTTPMiddleware): | ||
|
||
async def oauth(self, request: Request): | ||
try: | ||
referer = request.headers.get('referer') | ||
origin = request.headers.get('origin') | ||
if referer and referer.startswith(WEB_URL): | ||
return True | ||
token = await oauth2_scheme(request=request) | ||
if token: | ||
bot_dao = BotDAO() | ||
bot = bot_dao.get_bot(bot_id=token) | ||
return bot and ( | ||
"*" in bot.domain_whitelist | ||
or | ||
origin in bot.domain_whitelist | ||
) | ||
except HTTPException: | ||
return False | ||
async def dispatch(self, request: Request, call_next: Callable[[Request], Awaitable[Response]]) -> Response: | ||
try: | ||
# if ENVRIMENT == "development": | ||
# return await call_next(request) | ||
# Auth 相关的直接放过 | ||
if request.url.path.startswith("/api/auth"): | ||
return await call_next(request) | ||
if request.url.path in ALLOW_LIST: | ||
return await call_next(request) | ||
if await self.oauth(request=request): | ||
return await call_next(request) | ||
|
||
# 获取 session 中的用户信息 | ||
user = request.session.get("user") | ||
if not user: | ||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Unauthorized") | ||
if user['sub'].startswith("client|"): | ||
if request.url.path in ANONYMOUS_USER_ALLOW_LIST: | ||
return await call_next(request) | ||
else: | ||
# 如果没有用户信息,返回 401 Unauthorized 错误 | ||
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Anonymous User Not Allow") | ||
return await call_next(request) | ||
except HTTPException as e: | ||
print(traceback.format_exception(e)) | ||
# 处理 HTTP 异常 | ||
return JSONResponse(status_code=e.status_code, content={"detail": e.detail}) | ||
except Exception as e: | ||
# 处理其他异常 | ||
return JSONResponse(status_code=500, content={"detail": f"Internal Server Error: {e}"}) | ||
async def oauth(self, request: Request): | ||
try: | ||
referer = request.headers.get('referer') | ||
origin = request.headers.get('origin') | ||
if referer and referer.startswith(WEB_URL): | ||
return True | ||
|
||
token = await oauth2_scheme(request=request) | ||
if token: | ||
bot_dao = BotDAO() | ||
bot = bot_dao.get_bot(bot_id=token) | ||
return bot and ( | ||
"*" in bot.domain_whitelist | ||
or | ||
origin in bot.domain_whitelist | ||
) | ||
except HTTPException: | ||
return False | ||
|
||
async def dispatch(self, request: Request, call_next: Callable[[Request], Awaitable[Response]]) -> Response: | ||
try: | ||
if ENVIRONMENT == "development": | ||
return await call_next(request) | ||
|
||
# Auth 相关的直接放过 | ||
if request.url.path.startswith("/api/auth"): | ||
return await call_next(request) | ||
|
||
if request.url.path in ALLOW_LIST: | ||
return await call_next(request) | ||
|
||
if await self.oauth(request=request): | ||
return await call_next(request) | ||
|
||
# 获取 session 中的用户信息 | ||
user = request.session.get("user") | ||
if not user: | ||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Unauthorized") | ||
|
||
if user['sub'].startswith("client|"): | ||
if request.url.path in ANONYMOUS_USER_ALLOW_LIST: | ||
return await call_next(request) | ||
else: | ||
# 如果没有用户信息,返回 401 Unauthorized 错误 | ||
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Anonymous User Not Allow") | ||
|
||
return await call_next(request) | ||
except HTTPException as e: | ||
print(traceback.format_exception(e)) | ||
# 处理 HTTP 异常 | ||
return JSONResponse(status_code=e.status_code, content={"detail": e.detail}) | ||
except Exception as e: | ||
# 处理其他异常 | ||
return JSONResponse(status_code=500, content={"detail": f"Internal Server Error: {e}"}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
# list all env variables | ||
from petercat_utils import get_env_variable | ||
|
||
WEB_URL = get_env_variable("WEB_URL") | ||
ENVIRONMENT = get_env_variable("PETERCAT_ENV", "development") | ||
API_URL = get_env_variable("API_URL") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.