feat:限制必须api-key或登录3
parent
cdf526bc25
commit
2abb8f154f
|
|
@ -84,17 +84,20 @@ class AnonymousAuthenticationSerializer(serializers.Serializer):
|
|||
access_token = self.data.get("access_token")
|
||||
application_access_token = QuerySet(ApplicationAccessToken).filter(access_token=access_token).first()
|
||||
if application_access_token is not None and application_access_token.is_active:
|
||||
platform_user = self.get_platform_user(request)
|
||||
if platform_user is not None:
|
||||
chat_user_id = str(platform_user.id)
|
||||
chat_user_type = ChatUserType.PLATFORM_USER.value
|
||||
user_id = platform_user.id
|
||||
else:
|
||||
api_key = self.data.get('api_key') or self.get_request_api_key(request)
|
||||
api_key = self.data.get('api_key') or self.get_request_api_key(request)
|
||||
if api_key:
|
||||
application_api_key = self.validate_application_api_key(application_access_token.application_id, api_key)
|
||||
chat_user_id = str(application_api_key.id)
|
||||
chat_user_type = ChatUserType.APPLICATION_API_KEY.value
|
||||
user_id = None
|
||||
else:
|
||||
platform_user = self.get_platform_user(request)
|
||||
if platform_user is not None:
|
||||
chat_user_id = str(platform_user.id)
|
||||
chat_user_type = ChatUserType.PLATFORM_USER.value
|
||||
user_id = platform_user.id
|
||||
else:
|
||||
raise AppUnauthorizedFailed(401, _("Authentication information is incorrect"))
|
||||
_type = AuthenticationType.CHAT_ANONYMOUS_USER
|
||||
token = ChatUserToken(application_access_token.application_id, user_id, access_token, _type,
|
||||
chat_user_type, chat_user_id, ChatAuthentication(None)).to_token()
|
||||
|
|
@ -116,9 +119,11 @@ class AuthProfileSerializer(serializers.Serializer):
|
|||
if not application_access_token.is_active:
|
||||
raise NotFound404(404, _("Invalid access_token"))
|
||||
application_id = application_access_token.application_id
|
||||
if AnonymousAuthenticationSerializer.get_platform_user(request) is None:
|
||||
api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request)
|
||||
api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request)
|
||||
if api_key:
|
||||
AnonymousAuthenticationSerializer.validate_application_api_key(application_id, api_key)
|
||||
elif AnonymousAuthenticationSerializer.get_platform_user(request) is None:
|
||||
raise AppUnauthorizedFailed(401, _("Authentication information is incorrect"))
|
||||
profile = {
|
||||
'authentication': False
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,19 @@ router.beforeEach(
|
|||
const { chatUser } = useStore()
|
||||
if (['login', 'chat'].includes(to.name ? to.name.toString() : '')) {
|
||||
chatUser.setAccessToken(to.params.accessToken.toString())
|
||||
chatUser.setApiKey(typeof to.query.api_key === 'string' ? to.query.api_key : undefined)
|
||||
const apiKey = typeof to.query.api_key === 'string' ? to.query.api_key : undefined
|
||||
chatUser.setApiKey(apiKey)
|
||||
|
||||
if (apiKey && to.name === 'chat') {
|
||||
try {
|
||||
await chatUser.anonymousAuthentication()
|
||||
await chatUser.applicationProfile()
|
||||
next()
|
||||
} catch (e: any) {
|
||||
next()
|
||||
}
|
||||
return
|
||||
}
|
||||
} else {
|
||||
next({
|
||||
path: '/404',
|
||||
|
|
|
|||
Loading…
Reference in New Issue