同步登录认证
Browse files- models.py +1 -0
- router_users_auth.py +2 -1
- 安全认证.py +12 -4
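--- a/models.py
+++ b/models.py
@@ -25,6 +25,7 @@ class UserRegister(BaseModel):
 class UserLogin(BaseModel):
 account: str
 password: str
+remember: Optional[bool] = True # 保持登录选项:True=30天, False=24小时
 
 class UserUpdate(BaseModel):
 name: Optional[str] = None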
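Review bot: The new field `remember: Optional[bool] = True` makes the 30-day lifetime the default for any client that omits the field, while `Optional` also admits an explicit `null`, which the `if remember` test in `create_token` (安全认证.py) treats as falsy and maps to the 24-hour lifetime. Omitted and null therefore give opposite results, and clients that were never updated silently move to the longest-lived token (the only lifetime constant before this commit was 7 days). Declaring it as `remember: bool = False` would make the long-lived token an explicit opt-in and reject null at validation. The `login_user` call in router_users_auth.py passes `user.remember` through unchanged, so it inherits whichever choice is made here.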
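--- a/router_users_auth.py
+++ b/router_users_auth.py
@@ -258,7 +258,8 @@ async def login_user(request: Request, user: UserLogin):
 # 🔒 P0安全增强:生成 JWT Token(替代 mock_token)
 # 获取password_version用于Token生成(如不存在则默认为0)
 password_version = user_data.get("password_version", 0)
-
+# 根据用户选择的"保持登录"选项设置Token有效期
+token = create_token(user.account, extra_data={"pwd_ver": password_version}, remember=user.remember)
 
 return {
 "status": "success",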
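Review bot: With `remember=user.remember` a token issued here can now stay valid for 30 days, and the only invalidation hook visible in this hunk is the `pwd_ver` claim. Nothing shown here establishes that the verification path compares `pwd_ver` with the stored `password_version`; if it does not, a password change would not cut off a token issued earlier. That is worth confirming, and a comment beside the call such as `# pwd_ver must be checked against password_version on verify; it is the only revocation for 30-day tokens` would record the dependency. The body of `login_user` starts and ends outside the hunk.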
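--- a/安全认证.py
+++ b/安全认证.py
@@ -30,8 +30,10 @@ import bcrypt
 JWT_SECRET = os.environ.get("JWT_SECRET", "ComfyUI-Ranking-Default-Secret-Key-2024")
 PASSWORD_SALT = os.environ.get("PASSWORD_SALT", "ComfyUI-Ranking-Salt-v1")
 
-# Token 有效期
-TOKEN_EXPIRE_SECONDS = 7 * 24 * 60 * 60
+# Token 有效期配置(单位:秒)
+TOKEN_EXPIRE_SECONDS = 7 * 24 * 60 * 60 # 默认7天(向后兼容)
+TOKEN_EXPIRE_LONG = 30 * 24 * 60 * 60 # 保持登录:30天
+TOKEN_EXPIRE_SHORT = 24 * 60 * 60 # 不保持登录:24小时(会话级别)
 
 
 # ==========================================
@@ -131,13 +133,16 @@ def _base64url_decode(data: str) -> bytes:
 return base64.urlsafe_b64decode(data)
 
 
-def create_token(account: str, extra_data: dict = None) -> str:
+def create_token(account: str, extra_data: dict = None, remember: bool = True) -> str:
 """
 生成 JWT Token
 
 参数:
 account: 用户账号(必填)
 extra_data: 额外数据,如角色、权限等(可选)
+remember: 是否保持登录(可选,默认True)
+- True: Token 有效期 30 天
+- False: Token 有效期 24 小时
 
 返回:
 JWT Token 字符串(格式:header.payload.signature)
@@ -157,10 +162,13 @@ def create_token(account: str, extra_data: dict = None) -> str:
 
 # ========== 2. 构建 Payload ==========
 now = int(time.time())
+# 根据 remember 参数选择有效期
+expire_seconds = TOKEN_EXPIRE_LONG if remember else TOKEN_EXPIRE_SHORT
 payload = {
 "sub": account, # Subject: 用户账号
 "iat": now, # Issued At: 签发时间
-"exp": now +
+"exp": now + expire_seconds, # Expiration: 过期时间
+"remember": remember # 记录登录类型(用于前端提示)
 }
 
 # 合并额外数据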
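Review bot: The context line `JWT_SECRET = os.environ.get("JWT_SECRET", "ComfyUI-Ranking-Default-Secret-Key-2024")` in the first hunk leaves a repository-published string in effect as what is presumably the token signing key whenever the variable is unset, and this commit lengthens the lifetime of tokens protected by it from 7 to 30 days. The module should fail closed instead, for example `JWT_SECRET = os.environ["JWT_SECRET"]`, or an explicit startup check that raises when the value is missing or equals the old default; the same applies to the `PASSWORD_SALT` fallback on the next line. In the third hunk, `expire_seconds = TOKEN_EXPIRE_LONG if remember else TOKEN_EXPIRE_SHORT` silently maps `None` to the short lifetime, so normalising once with `remember = bool(remember)` before building the payload would keep the stored `"remember"` claim a real boolean. The body of `create_token` continues outside the hunks shown, including the extra-data merge that follows the payload.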