Spaces:
Sleeping
Sleeping
testcoder-ui
commited on
Commit
·
004d952
1
Parent(s):
486cfb1
Fix OAuth: get username from Starlette Request session (tested and working)
Browse files
app.py
CHANGED
|
@@ -228,55 +228,83 @@ def check_user_access(request: gr.Request) -> Tuple[str, bool]:
|
|
| 228 |
# 在 Hugging Face Space 中,OAuth 登录后用户名可能在多个地方
|
| 229 |
username = None
|
| 230 |
|
| 231 |
-
# 方法1:
|
| 232 |
-
if hasattr(request, '
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 233 |
username = request.username
|
| 234 |
logger.info(f"从 request.username 获取用户名: {username}")
|
| 235 |
|
| 236 |
-
# 方法
|
| 237 |
-
|
| 238 |
-
|
| 239 |
-
|
| 240 |
-
|
| 241 |
-
|
| 242 |
-
|
| 243 |
-
|
| 244 |
-
|
| 245 |
-
if
|
| 246 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 247 |
logger.info(f"从 cookie {cookie_name} 获取用户名: {username}")
|
| 248 |
break
|
| 249 |
|
| 250 |
-
# 方法
|
| 251 |
-
|
| 252 |
-
|
| 253 |
-
|
| 254 |
-
|
| 255 |
-
|
| 256 |
-
|
| 257 |
-
logger.info(f"从 header {header_name} 获取: {header_value}")
|
| 258 |
-
username = header_value
|
| 259 |
break
|
| 260 |
-
|
| 261 |
-
# 如果没有找到,尝试从 authorization header 解析
|
| 262 |
-
if not username and 'authorization' in request.headers:
|
| 263 |
-
auth_header = request.headers.get('authorization', '')
|
| 264 |
-
logger.info(f"找到 authorization header: {auth_header[:50]}...")
|
| 265 |
-
# 这里可以解析 JWT token 获取用户名(如果需要)
|
| 266 |
-
|
| 267 |
-
# 方法5: 从环境变量获取(如果 Space 设置了)
|
| 268 |
-
if not username:
|
| 269 |
-
username = os.getenv('HF_USERNAME', '')
|
| 270 |
-
if username:
|
| 271 |
-
logger.info(f"从环境变量 HF_USERNAME 获取用户名: {username}")
|
| 272 |
|
| 273 |
# 调试:打印 request 对象的所有属性
|
| 274 |
if not username:
|
| 275 |
-
logger.warning("
|
| 276 |
-
if hasattr(request, '
|
| 277 |
-
|
| 278 |
-
|
| 279 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 280 |
|
| 281 |
if not username:
|
| 282 |
return "", False
|
|
|
|
| 228 |
# 在 Hugging Face Space 中,OAuth 登录后用户名可能在多个地方
|
| 229 |
username = None
|
| 230 |
|
| 231 |
+
# 方法1: 从 Starlette Request 的 session 中获取(OAuth 信息存在这里)
|
| 232 |
+
if hasattr(request, 'request') and hasattr(request.request, 'session'):
|
| 233 |
+
session = request.request.session
|
| 234 |
+
# OAuth 用户信息可能在 session 的 'oauth_info' 或 'user' 中
|
| 235 |
+
if 'oauth_info' in session:
|
| 236 |
+
oauth_info = session.get('oauth_info', {})
|
| 237 |
+
username = oauth_info.get('preferred_username') or oauth_info.get('name') or oauth_info.get('sub')
|
| 238 |
+
if username:
|
| 239 |
+
logger.info(f"从 session['oauth_info'] 获取用户名: {username}")
|
| 240 |
+
elif 'user' in session:
|
| 241 |
+
user_info = session.get('user', {})
|
| 242 |
+
username = user_info.get('preferred_username') or user_info.get('name') or user_info.get('username')
|
| 243 |
+
if username:
|
| 244 |
+
logger.info(f"从 session['user'] 获取用户名: {username}")
|
| 245 |
+
elif session:
|
| 246 |
+
# 打印 session 内容用于调试
|
| 247 |
+
logger.info(f"Session keys: {list(session.keys())}")
|
| 248 |
+
logger.info(f"Session content: {session}")
|
| 249 |
+
|
| 250 |
+
# 方法2: 直接从 request.username 获取(Gradio 可能已经解析)
|
| 251 |
+
if not username and hasattr(request, 'username') and request.username:
|
| 252 |
username = request.username
|
| 253 |
logger.info(f"从 request.username 获取用户名: {username}")
|
| 254 |
|
| 255 |
+
# 方法3: 从 Starlette Request 的 state 中获取
|
| 256 |
+
if not username and hasattr(request, 'request') and hasattr(request.request, 'state'):
|
| 257 |
+
state = request.request.state
|
| 258 |
+
if hasattr(state, 'user'):
|
| 259 |
+
user_info = state.user
|
| 260 |
+
if isinstance(user_info, dict):
|
| 261 |
+
username = user_info.get('preferred_username') or user_info.get('name')
|
| 262 |
+
else:
|
| 263 |
+
username = str(user_info)
|
| 264 |
+
if username:
|
| 265 |
+
logger.info(f"从 request.request.state.user 获取用户名: {username}")
|
| 266 |
+
|
| 267 |
+
# 方法4: 从 cookies 中获取
|
| 268 |
+
if not username and hasattr(request, 'request') and hasattr(request.request, 'cookies'):
|
| 269 |
+
cookies = request.request.cookies
|
| 270 |
+
for cookie_name in ['hf_user', 'username', 'user', 'hf_username', 'oauth_profile']:
|
| 271 |
+
if cookie_name in cookies:
|
| 272 |
+
username = cookies[cookie_name]
|
| 273 |
logger.info(f"从 cookie {cookie_name} 获取用户名: {username}")
|
| 274 |
break
|
| 275 |
|
| 276 |
+
# 方法5: 从 headers 中获取
|
| 277 |
+
if not username and hasattr(request, 'request') and hasattr(request.request, 'headers'):
|
| 278 |
+
headers = request.request.headers
|
| 279 |
+
for header_name in ['x-user', 'x-hf-user', 'x-username']:
|
| 280 |
+
if header_name in headers:
|
| 281 |
+
username = headers[header_name]
|
| 282 |
+
logger.info(f"从 header {header_name} 获取用户名: {username}")
|
|
|
|
|
|
|
| 283 |
break
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 284 |
|
| 285 |
# 调试:打印 request 对象的所有属性
|
| 286 |
if not username:
|
| 287 |
+
logger.warning("无法获取用户名,正在调试...")
|
| 288 |
+
if hasattr(request, 'request'):
|
| 289 |
+
starlette_request = request.request
|
| 290 |
+
logger.warning(f"Starlette Request type: {type(starlette_request)}")
|
| 291 |
+
|
| 292 |
+
# 打印 session
|
| 293 |
+
if hasattr(starlette_request, 'session'):
|
| 294 |
+
logger.warning(f"Session keys: {list(starlette_request.session.keys())}")
|
| 295 |
+
logger.warning(f"Session: {dict(starlette_request.session)}")
|
| 296 |
+
|
| 297 |
+
# 打印 state
|
| 298 |
+
if hasattr(starlette_request, 'state'):
|
| 299 |
+
logger.warning(f"State: {starlette_request.state.__dict__}")
|
| 300 |
+
|
| 301 |
+
# 打印 cookies
|
| 302 |
+
if hasattr(starlette_request, 'cookies'):
|
| 303 |
+
logger.warning(f"Cookies: {dict(starlette_request.cookies)}")
|
| 304 |
+
|
| 305 |
+
# 打印 headers
|
| 306 |
+
if hasattr(starlette_request, 'headers'):
|
| 307 |
+
logger.warning(f"Headers: {dict(starlette_request.headers)}")
|
| 308 |
|
| 309 |
if not username:
|
| 310 |
return "", False
|