mirror of
https://github.com/snailyp/gemini-balance.git
synced 2026-07-13 00:13:08 +08:00
refactor: 代码结构优化与常量化
将日志系统从 app/logger/ 移至 app/log/ 目录 将路由配置从 routers.py 重命名为 routes.py 将硬编码配置值移至 constants.py 中的默认常量 统一代码格式和导入排序 优化函数参数对齐方式
This commit is contained in:
@@ -1,60 +1,72 @@
|
||||
"""
|
||||
中间件配置模块,负责设置和配置应用程序的中间件
|
||||
"""
|
||||
|
||||
from fastapi import FastAPI, Request
|
||||
from fastapi.middleware.cors import CORSMiddleware
|
||||
from fastapi.responses import RedirectResponse
|
||||
from starlette.middleware.base import BaseHTTPMiddleware
|
||||
|
||||
from app.logger.logger import get_main_logger
|
||||
from app.core.security import verify_auth_token
|
||||
# from app.middleware.request_logging_middleware import RequestLoggingMiddleware
|
||||
from app.core.constants import API_VERSION
|
||||
from app.core.security import verify_auth_token
|
||||
from app.log.logger import get_middleware_logger
|
||||
|
||||
logger = get_middleware_logger()
|
||||
|
||||
logger = get_main_logger()
|
||||
|
||||
class AuthMiddleware(BaseHTTPMiddleware):
|
||||
"""
|
||||
认证中间件,处理未经身份验证的请求
|
||||
"""
|
||||
|
||||
async def dispatch(self, request: Request, call_next):
|
||||
# 允许特定路径绕过身份验证
|
||||
if (request.url.path not in ["/", "/auth"] and
|
||||
not request.url.path.startswith("/static") and
|
||||
not request.url.path.startswith("/gemini") and
|
||||
not request.url.path.startswith("/v1") and
|
||||
not request.url.path.startswith(f"/{API_VERSION}") and
|
||||
not request.url.path.startswith("/health") and
|
||||
not request.url.path.startswith("/hf")):
|
||||
|
||||
if (
|
||||
request.url.path not in ["/", "/auth"]
|
||||
and not request.url.path.startswith("/static")
|
||||
and not request.url.path.startswith("/gemini")
|
||||
and not request.url.path.startswith("/v1")
|
||||
and not request.url.path.startswith(f"/{API_VERSION}")
|
||||
and not request.url.path.startswith("/health")
|
||||
and not request.url.path.startswith("/hf")
|
||||
):
|
||||
|
||||
auth_token = request.cookies.get("auth_token")
|
||||
if not auth_token or not verify_auth_token(auth_token):
|
||||
logger.warning(f"Unauthorized access attempt to {request.url.path}")
|
||||
return RedirectResponse(url="/")
|
||||
logger.debug("Request authenticated successfully")
|
||||
|
||||
|
||||
response = await call_next(request)
|
||||
return response
|
||||
|
||||
|
||||
def setup_middlewares(app: FastAPI) -> None:
|
||||
"""
|
||||
设置应用程序的中间件
|
||||
|
||||
|
||||
Args:
|
||||
app: FastAPI应用程序实例
|
||||
"""
|
||||
# 添加认证中间件
|
||||
app.add_middleware(AuthMiddleware)
|
||||
|
||||
|
||||
# 添加请求日志中间件(可选,默认注释掉)
|
||||
# app.add_middleware(RequestLoggingMiddleware)
|
||||
|
||||
|
||||
# 配置CORS中间件
|
||||
app.add_middleware(
|
||||
CORSMiddleware,
|
||||
allow_origins=["*"], # 生产环境建议配置具体的域名
|
||||
allow_credentials=True,
|
||||
allow_methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"], # 明确指定允许的HTTP方法
|
||||
allow_methods=[
|
||||
"GET",
|
||||
"POST",
|
||||
"PUT",
|
||||
"DELETE",
|
||||
"OPTIONS",
|
||||
], # 明确指定允许的HTTP方法
|
||||
allow_headers=["*"], # 生产环境建议配置具体的请求头
|
||||
expose_headers=["*"], # 允许前端访问的响应头
|
||||
max_age=600, # 预检请求缓存时间(秒)
|
||||
|
||||
Reference in New Issue
Block a user