From 258404fa45dda6542f1809ef4467c534518e93ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=82=B9=E6=96=B9=E6=88=90?= Date: Thu, 9 Oct 2025 14:44:17 +0800 Subject: [PATCH] =?UTF-8?q?fix(middlewares):=20=E6=B7=BB=E5=8A=A0JSON?= =?UTF-8?q?=E5=AD=97=E6=AE=B5=E8=A7=84=E8=8C=83=E5=8C=96=E5=A4=84=E7=90=86?= =?UTF-8?q?=E7=A1=AE=E4=BF=9D=E6=95=B0=E6=8D=AE=E5=90=88=E6=B3=95=E6=80=A7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit refactor(api): 统一路由依赖认证,调整部分路由权限配置 在middlewares.py中添加normalize_json_field方法处理JSON字段,确保写入数据库的数据合法 在__init__.py中统一路由认证依赖,部分路由从仅需权限改为同时需要认证和权限 --- app/api/v1/__init__.py | 33 +++++++++++++++++++-------------- app/core/middlewares.py | 36 ++++++++++++++++++++++++++++++++++-- 估值字段.txt | 4 ++-- 3 files changed, 55 insertions(+), 18 deletions(-) diff --git a/app/api/v1/__init__.py b/app/api/v1/__init__.py index 7a80d31..5443bb0 100644 --- a/app/api/v1/__init__.py +++ b/app/api/v1/__init__.py @@ -1,6 +1,7 @@ -from fastapi import APIRouter +from fastapi import APIRouter, Depends -from app.core.dependency import DependPermission +from app.core.dependency import DependAuth, DependPermission +from app.utils.app_user_jwt import get_current_app_user from .apis import apis_router from .app_users import app_users_router @@ -23,15 +24,19 @@ v1_router = APIRouter() v1_router.include_router(base_router, prefix="/base") v1_router.include_router(app_users_router, prefix="/app-user") # AppUser路由,无需权限依赖 v1_router.include_router(app_valuations_router, prefix="/app-valuations") # 用户端估值评估路由,需要认证 -v1_router.include_router(users_router, prefix="/user", dependencies=[DependPermission]) -v1_router.include_router(roles_router, prefix="/role", dependencies=[DependPermission]) -v1_router.include_router(menus_router, prefix="/menu", dependencies=[DependPermission]) -v1_router.include_router(apis_router, prefix="/api", dependencies=[DependPermission]) -v1_router.include_router(depts_router, prefix="/dept", dependencies=[DependPermission]) -v1_router.include_router(auditlog_router, prefix="/auditlog", dependencies=[DependPermission]) -v1_router.include_router(esg_router, prefix="/esg", dependencies=[DependPermission]) -v1_router.include_router(index_router, prefix="/index", dependencies=[DependPermission]) -v1_router.include_router(industry_router, prefix="/industry", dependencies=[DependPermission]) -v1_router.include_router(policy_router, prefix="/policy", dependencies=[DependPermission]) -v1_router.include_router(third_party_api_router, prefix="/third_party_api", dependencies=[DependPermission]) -v1_router.include_router(valuations_router, prefix="/valuations", dependencies=[DependPermission]) +v1_router.include_router(users_router, prefix="/user", dependencies=[DependAuth, DependPermission]) +v1_router.include_router(roles_router, prefix="/role", dependencies=[DependAuth, DependPermission]) +v1_router.include_router(menus_router, prefix="/menu", dependencies=[DependAuth, DependPermission]) +v1_router.include_router(apis_router, prefix="/api", dependencies=[DependAuth, DependPermission]) +v1_router.include_router(depts_router, prefix="/dept", dependencies=[DependAuth, DependPermission]) +v1_router.include_router(auditlog_router, prefix="/auditlog", dependencies=[DependAuth, DependPermission]) +v1_router.include_router(esg_router, prefix="/esg") +v1_router.include_router(index_router, prefix="/index") +v1_router.include_router(industry_router, prefix="/industry") +v1_router.include_router(policy_router, prefix="/policy") +v1_router.include_router( + third_party_api_router, + prefix="/third_party_api", + dependencies=[DependAuth, DependPermission], +) +v1_router.include_router(valuations_router, prefix="/valuations", dependencies=[DependAuth, DependPermission]) diff --git a/app/core/middlewares.py b/app/core/middlewares.py index 08d8a8e..a999658 100644 --- a/app/core/middlewares.py +++ b/app/core/middlewares.py @@ -122,6 +122,35 @@ class HttpAuditLogMiddleware(BaseHTTPMiddleware): pass return v + def normalize_json_field(self, value: Any) -> Any: + """确保写入 JSONField 的值合法。""" + if value is None: + return None + + if isinstance(value, (bytes, bytearray)): + try: + value = value.decode("utf-8") + except Exception: + value = value.decode("utf-8", errors="ignore") + + if isinstance(value, str): + stripped = value.strip() + if not stripped: + return None + try: + return json.loads(stripped) + except (ValueError, TypeError): + return stripped + + if isinstance(value, (dict, list, int, float, bool)): + return value + + try: + json.dumps(value) + return value + except (TypeError, ValueError): + return str(value) + async def _async_iter(self, items: list[bytes]) -> AsyncGenerator[bytes, None]: for item in items: yield item @@ -166,8 +195,11 @@ class HttpAuditLogMiddleware(BaseHTTPMiddleware): data: dict = await self.get_request_log(request=request, response=response) data["response_time"] = process_time - data["request_args"] = request.state.request_args - data["response_body"] = await self.get_response_body(request, response) + request_args = getattr(request.state, "request_args", None) + response_body = await self.get_response_body(request, response) + + data["request_args"] = self.normalize_json_field(request_args) + data["response_body"] = self.normalize_json_field(response_body) await AuditLog.create(**data) return response diff --git a/估值字段.txt b/估值字段.txt index 5ee8f9f..e23ebd8 100644 --- a/估值字段.txt +++ b/估值字段.txt @@ -37,5 +37,5 @@ export DOCKER_DEFAULT_PLATFORM=linux/amd64 -docker build -t zfc931912343/guzhi-fastapi-admin:v1.0 . -docker push zfc931912343/guzhi-fastapi-admin:v1.0 +docker build -t zfc931912343/guzhi-fastapi-admin:v1.1 . +docker push zfc931912343/guzhi-fastapi-admin:v1.1