feat: Implement API routers for user, tag, vas, webdav, and slave functionalities

- Added user authentication and registration endpoints with JWT support. - Created tag management routes for creating and deleting tags. - Implemented value-added service (VAS) endpoints for managing storage packs and orders. - Developed WebDAV account management routes for creating, updating, and deleting accounts. - Introduced slave router for handling file uploads, downloads, and aria2 task management. - Enhanced JWT utility functions for token creation and secret key management. - Established lifespan management for FastAPI application startup and shutdown processes. - Integrated password handling utilities with Argon2 hashing and two-factor authentication support.
2025-12-19 18:04:34 +08:00
parent 11b67bde6d
commit 51b6de921b
30 changed files with 223 additions and 534 deletions
--- a/utils/JWT/JWT.py
+++ b/utils/JWT/JWT.py
@@ -0,0 +1,52 @@
+from datetime import datetime, timedelta, timezone
+
+import jwt
+from fastapi.security import OAuth2PasswordBearer
+
+oauth2_scheme = OAuth2PasswordBearer(
+    scheme_name='获取 JWT Bearer 令牌',
+    description='用于获取 JWT Bearer 令牌，需要以表单的形式提交',
+    tokenUrl="/api/user/session",
+)
+
+SECRET_KEY = ''
+
+
+async def load_secret_key() -> None:
+    """
+    从数据库读取 JWT 的密钥。
+    """
+    # 延迟导入以避免循环依赖
+    from models.database import get_session
+    from models.setting import Setting
+
+    global SECRET_KEY
+    async for session in get_session():
+        setting = await Setting.get(
+            session,
+            (Setting.type == "auth") & (Setting.name == "secret_key")
+        )
+        if setting:
+            SECRET_KEY = setting.value
+    
+# 访问令牌
+def create_access_token(data: dict, expires_delta: timedelta | None = None) -> tuple[str, datetime]:
+    to_encode = data.copy()
+    if expires_delta:
+        expire = datetime.now(timezone.utc) + expires_delta
+    else:
+        expire = datetime.now(timezone.utc) + timedelta(hours=3)
+    to_encode.update({"exp": expire})
+    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm='HS256')
+    return encoded_jwt, expire
+
+# 刷新令牌
+def create_refresh_token(data: dict, expires_delta: timedelta | None = None) -> tuple[str, datetime]:
+    to_encode = data.copy()
+    if expires_delta:
+        expire = datetime.now(timezone.utc) + expires_delta
+    else:
+        expire = datetime.now(timezone.utc) + timedelta(days=30)
+    to_encode.update({"exp": expire, "token_type": "refresh"})
+    encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm='HS256')
+    return encoded_jwt, expire