feat:限制必须api-key或登录3

v3.2
panyy 2026-06-29 16:53:12 +08:00
parent cdf526bc25
commit 2abb8f154f
2 changed files with 27 additions and 10 deletions


@ -84,17 +84,20 @@ class AnonymousAuthenticationSerializer(serializers.Serializer):
access_token = self.data.get("access_token")
application_access_token = QuerySet(ApplicationAccessToken).filter(access_token=access_token).first()
if application_access_token is not None and application_access_token.is_active:
platform_user = self.get_platform_user(request)
if platform_user is not None:
chat_user_id = str(platform_user.id)
chat_user_type = ChatUserType.PLATFORM_USER.value
user_id = platform_user.id
else:
api_key = self.data.get('api_key') or self.get_request_api_key(request)
api_key = self.data.get('api_key') or self.get_request_api_key(request)
if api_key:
application_api_key = self.validate_application_api_key(application_access_token.application_id, api_key)
chat_user_id = str(application_api_key.id)
chat_user_type = ChatUserType.APPLICATION_API_KEY.value
user_id = None
else:
platform_user = self.get_platform_user(request)
if platform_user is not None:
chat_user_id = str(platform_user.id)
chat_user_type = ChatUserType.PLATFORM_USER.value
user_id = platform_user.id
else:
raise AppUnauthorizedFailed(401, _("Authentication information is incorrect"))
_type = AuthenticationType.CHAT_ANONYMOUS_USER
token = ChatUserToken(application_access_token.application_id, user_id, access_token, _type,
chat_user_type, chat_user_id, ChatAuthentication(None)).to_token()
@ -116,9 +119,11 @@ class AuthProfileSerializer(serializers.Serializer):
if not application_access_token.is_active:
raise NotFound404(404, _("Invalid access_token"))
application_id = application_access_token.application_id
if AnonymousAuthenticationSerializer.get_platform_user(request) is None:
api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request)
api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request)
if api_key:
AnonymousAuthenticationSerializer.validate_application_api_key(application_id, api_key)
elif AnonymousAuthenticationSerializer.get_platform_user(request) is None:
raise AppUnauthorizedFailed(401, _("Authentication information is incorrect"))
profile = {
'authentication': False
}
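Review bot: In the AuthProfileSerializer hunk the key branch discards the return value of `AnonymousAuthenticationSerializer.validate_application_api_key(application_id, api_key)`, so the profile is protected only if that helper raises for an unknown, inactive or other-application key. Its body is not part of this diff, so that contract should be confirmed and stated above the call, e.g. `# relies on validate_application_api_key raising for an unknown, inactive or foreign key`. The same decision (key first, then platform login, else 401) is now written out twice, here and in AnonymousAuthenticationSerializer above, and the two copies can drift apart; one shared helper that returns the resolved identity would keep the gate consistent. Both enclosing methods start and end outside the hunks.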


@ -27,7 +27,19 @@ router.beforeEach(
const { chatUser } = useStore()
if (['login', 'chat'].includes(to.name ? to.name.toString() : '')) {
chatUser.setAccessToken(to.params.accessToken.toString())
chatUser.setApiKey(typeof to.query.api_key === 'string' ? to.query.api_key : undefined)
const apiKey = typeof to.query.api_key === 'string' ? to.query.api_key : undefined
chatUser.setApiKey(apiKey)
if (apiKey && to.name === 'chat') {
try {
await chatUser.anonymousAuthentication()
await chatUser.applicationProfile()
next()
} catch (e: any) {
next()
}
return
}
} else {
next({
path: '/404',