From e914d93c258e75863d40f366bf8f2582a3957561 Mon Sep 17 00:00:00 2001 From: Junyan Qin Date: Sat, 10 May 2025 15:32:41 +0800 Subject: [PATCH] feat: check user existence when authing --- pkg/api/http/controller/group.py | 5 +++++ pkg/api/http/service/user.py | 8 ++++++++ pkg/persistence/mgr.py | 2 +- 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/pkg/api/http/controller/group.py b/pkg/api/http/controller/group.py index efbb7247..343ec690 100644 --- a/pkg/api/http/controller/group.py +++ b/pkg/api/http/controller/group.py @@ -75,6 +75,11 @@ class RouterGroup(abc.ABC): try: user_email = await self.ap.user_service.verify_jwt_token(token) + # check if this account exists + user = await self.ap.user_service.get_user_by_email(user_email) + if not user: + return self.http_status(401, -1, '用户不存在') + # 检查f是否接受user_email参数 if 'user_email' in f.__code__.co_varnames: kwargs['user_email'] = user_email diff --git a/pkg/api/http/service/user.py b/pkg/api/http/service/user.py index 2edfd874..f416a4a5 100644 --- a/pkg/api/http/service/user.py +++ b/pkg/api/http/service/user.py @@ -35,6 +35,14 @@ class UserService: ) ) + async def get_user_by_email(self, user_email: str) -> user.User | None: + result = await self.ap.persistence_mgr.execute_async( + sqlalchemy.select(user.User).where(user.User.user == user_email) + ) + + result_list = result.all() + return result_list[0] if result_list is not None and len(result_list) > 0 else None + async def authenticate(self, user_email: str, password: str) -> str | None: result = await self.ap.persistence_mgr.execute_async( sqlalchemy.select(user.User).where(user.User.user == user_email) diff --git a/pkg/persistence/mgr.py b/pkg/persistence/mgr.py index e8f953ab..3a66762a 100644 --- a/pkg/persistence/mgr.py +++ b/pkg/persistence/mgr.py @@ -83,7 +83,7 @@ class PersistenceManager: 'stages': pipeline_service.default_stage_order, 'is_default': True, 'name': 'Chat Pipeline', - 'description': '默认对话配置流水线', + 'description': '默认提供的流水线,您配置的机器人、第一个模型将自动绑定到此流水线', 'config': pipeline_config, }