"""
Authentication Module
=====================
User authentication logic for Pharma K platform.
"""
import hashlib
import hmac
import re
import secrets
from typing import Optional, Tuple

from utils.database import (
    create_user, get_user_by_email, update_last_login,
    get_all_users, get_default_llm_config, set_default_llm_config
)
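# Parameters for newly created password records. The iteration count is
# stored inside each record, so it can be raised later without invalidating
# hashes that were written with an older value.
_PBKDF2_ALGORITHM = "pbkdf2_sha256"
_PBKDF2_ITERATIONS = 600_000
_PBKDF2_MAX_ITERATIONS = 10_000_000
_PBKDF2_SALT_BYTES = 16


def hash_password(password: str) -> str:
    """Derive a salted PBKDF2-HMAC-SHA256 record for storing *password*.

    A single unsalted SHA-256 round gives identical passwords identical
    digests and is cheap to brute-force offline if the user table leaks.
    This uses only the standard library (no bcrypt dependency).

    Returns:
        A string of the form ``pbkdf2_sha256$<iterations>$<salt_hex>$<digest_hex>``.
        Because of the random salt, two calls with the same password return
        different strings; compare with ``verify_password``, never with ``==``.
    """
    # NOTE(review): the record is longer than the former 64-character hex
    # digest; confirm the password_hash column in utils.database can hold it.
    salt = secrets.token_bytes(_PBKDF2_SALT_BYTES)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt, _PBKDF2_ITERATIONS
    )
    return f"{_PBKDF2_ALGORITHM}${_PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, password_hash: str) -> bool:
    """Check *password* against a stored record.

    Accepts both the PBKDF2 records produced by ``hash_password`` and the
    legacy bare SHA-256 hex digests that may already be stored, so existing
    accounts keep working. Malformed records return False instead of raising.
    Comparisons use ``hmac.compare_digest`` so that the time taken does not
    depend on how many leading characters match.
    """
    if not isinstance(password_hash, str):
        return False

    if password_hash.startswith(_PBKDF2_ALGORITHM + "$"):
        try:
            _, iterations_text, salt_hex, digest_hex = password_hash.split("$")
            iterations = int(iterations_text)
            salt = bytes.fromhex(salt_hex)
            expected = bytes.fromhex(digest_hex)
        except ValueError:
            return False
        # Bound the work factor read from storage so a corrupted or tampered
        # record cannot make a single login attempt run arbitrarily long.
        if not 1 <= iterations <= _PBKDF2_MAX_ITERATIONS:
            return False
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), salt, iterations
        )
        return hmac.compare_digest(candidate, expected)

    # Legacy record: unsalted SHA-256 hex digest.
    # NOTE(review): these records stay weak until they are re-hashed; the
    # usual remedy is to store hash_password(password) after a successful
    # login, which needs a database update helper not visible in this module.
    legacy_digest = hashlib.sha256(password.encode()).hexdigest()
    return hmac.compare_digest(legacy_digest.encode(), password_hash.encode())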
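def validate_email(email: str) -> bool:
    """Return True when *email* has the shape ``local@domain.tld``.

    This is a syntactic check only; it does not prove the address exists.
    The whole string must match: ``re.match`` with a trailing ``$`` also
    accepts a value ending in a newline, which would let ``"a@b.com\\n"``
    through and be stored as a distinct account key.
    """
    pattern = r'[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}'
    return re.fullmatch(pattern, email) is not None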
def validate_password(password: str) -> Tuple[bool, str]:
    """Check that *password* meets the minimum length requirement.

    Returns:
        ``(True, "")`` when the password is accepted, otherwise
        ``(False, message)`` where the message explains the rejection.
    """
    # NOTE(review): length is the only rule enforced, and six characters is
    # below the eight-character minimum in NIST SP 800-63B; raising it is a
    # product decision, so the threshold is left as the author set it.
    minimum_length = 6
    long_enough = len(password) >= minimum_length
    return (True, "") if long_enough else (False, "密码长度至少6位")
def register_user(email: str, password: str) -> Tuple[bool, str]:
    """Create an account for *email* after validating both inputs.

    Checks run in order: email format, password strength, then whether the
    address is already registered. Only the hash of the password is passed
    to ``create_user``.

    Returns:
        ``(success, message)``; the message is user-facing text.
    """
    if not validate_email(email):
        return False, "邮箱格式不正确"

    password_ok, password_error = validate_password(password)
    if not password_ok:
        return False, password_error

    # NOTE(review): this lookup and the insert below are separate steps, so
    # two concurrent registrations can both pass it; presumably create_user
    # returns a falsy value when the email is already taken - confirm there
    # is a unique constraint behind it.
    already_registered = get_user_by_email(email)
    if already_registered:
        return False, "该邮箱已被注册"

    created = create_user(email, hash_password(password))
    return (True, "注册成功!请登录") if created else (False, "注册失败,请重试")
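def login_user(email: str, password: str) -> Tuple[bool, str, Optional[dict]]:
    """Authenticate *email* / *password* and record the login time.

    Returns:
        ``(success, message, user_info)``. On success ``user_info`` holds the
        account's ``id``, ``email`` and ``role``; on failure it is ``None``.

    Both failure cases return the same message. Distinct "no such user" and
    "wrong password" replies tell an unauthenticated caller which email
    addresses have accounts.
    """
    # NOTE(review): callers that matched on the former per-case messages
    # need updating; the tuple shape is unchanged.
    failure = (False, "邮箱或密码错误", None)

    user = get_user_by_email(email)
    if not user:
        # NOTE(review): no hash is computed on this path, so response time
        # can still differ from the wrong-password path. No attempt limiting
        # is visible in this module either - confirm it exists upstream.
        return failure

    if not verify_password(password, user['password_hash']):
        return failure

    # Record the login only after the credentials have been verified.
    update_last_login(email)

    # Return only the fields the session needs; the stored hash stays out.
    return True, "登录成功", {
        'id': user['id'],
        'email': user['email'],
        'role': user['role']
    }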
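def is_admin(user: dict) -> bool:
    """Return True only when *user* is present and its role is ``'admin'``.

    Always returns a real ``bool``. The bare ``user and ...`` form returned
    the falsy operand itself (``None`` or ``{}``) for a missing user, which
    breaks ``is False`` comparisons and serialisation of the result.
    """
    return bool(user) and user.get('role') == 'admin'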
# Public API of this module. The database helpers are listed so callers can
# import them from here instead of from utils.database. The hashing helpers
# and validate_password are not listed.
__all__ = [
    # Defined in this module
    "register_user",
    "login_user",
    "is_admin",
    # Re-exported from utils.database
    "get_all_users",
    "get_default_llm_config",
    "set_default_llm_config",
    # Defined in this module
    "validate_email",
]