mirror of
https://github.com/snailyp/gemini-balance.git
synced 2026-05-31 05:09:46 +08:00
b14bb93d8f
重构项目目录结构,提高代码组织性和可维护性 将schemas目录重命名为domain,更好地表达领域模型概念 将services目录细分为service/chat、service/image等子目录 将api目录重命名为router,更符合FastAPI惯例 创建utils目录存放通用工具函数 更新FastAPI应用程序生命周期管理 替换已弃用的on_event方法为推荐的lifespan事件处理器 添加应用程序关闭时的日志记录 代码质量改进 抽取常量到constants.py,减少硬编码值 添加helpers.py提供通用工具函数 优化配置管理,使用环境变量和默认值 完善文档字符串,提高代码可读性
62 lines
2.3 KiB
Python
62 lines
2.3 KiB
Python
"""
|
|
中间件配置模块,负责设置和配置应用程序的中间件
|
|
"""
|
|
from fastapi import FastAPI, Request
|
|
from fastapi.middleware.cors import CORSMiddleware
|
|
from fastapi.responses import RedirectResponse
|
|
from starlette.middleware.base import BaseHTTPMiddleware
|
|
|
|
from app.logger.logger import get_main_logger
|
|
from app.core.security import verify_auth_token
|
|
# from app.middleware.request_logging_middleware import RequestLoggingMiddleware
|
|
from app.core.constants import API_VERSION
|
|
|
|
logger = get_main_logger()
|
|
|
|
class AuthMiddleware(BaseHTTPMiddleware):
|
|
"""
|
|
认证中间件,处理未经身份验证的请求
|
|
"""
|
|
async def dispatch(self, request: Request, call_next):
|
|
# 允许特定路径绕过身份验证
|
|
if (request.url.path not in ["/", "/auth"] and
|
|
not request.url.path.startswith("/static") and
|
|
not request.url.path.startswith("/gemini") and
|
|
not request.url.path.startswith("/v1") and
|
|
not request.url.path.startswith(f"/{API_VERSION}") and
|
|
not request.url.path.startswith("/health") and
|
|
not request.url.path.startswith("/hf")):
|
|
|
|
auth_token = request.cookies.get("auth_token")
|
|
if not auth_token or not verify_auth_token(auth_token):
|
|
logger.warning(f"Unauthorized access attempt to {request.url.path}")
|
|
return RedirectResponse(url="/")
|
|
logger.debug("Request authenticated successfully")
|
|
|
|
response = await call_next(request)
|
|
return response
|
|
|
|
def setup_middlewares(app: FastAPI) -> None:
|
|
"""
|
|
设置应用程序的中间件
|
|
|
|
Args:
|
|
app: FastAPI应用程序实例
|
|
"""
|
|
# 添加认证中间件
|
|
app.add_middleware(AuthMiddleware)
|
|
|
|
# 添加请求日志中间件(可选,默认注释掉)
|
|
# app.add_middleware(RequestLoggingMiddleware)
|
|
|
|
# 配置CORS中间件
|
|
app.add_middleware(
|
|
CORSMiddleware,
|
|
allow_origins=["*"], # 生产环境建议配置具体的域名
|
|
allow_credentials=True,
|
|
allow_methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"], # 明确指定允许的HTTP方法
|
|
allow_headers=["*"], # 生产环境建议配置具体的请求头
|
|
expose_headers=["*"], # 允许前端访问的响应头
|
|
max_age=600, # 预检请求缓存时间(秒)
|
|
)
|