4e3a4b4602
带 Web 操作界面的备份系统,支持: - 数据源:MySQL 数据库(mysqldump)、服务器目录(tar.gz) - 存储目标:本地目录、S3 兼容对象存储(MinIO/Ceph/AWS S3) - 触发方式:手动 + Cron 定时调度(APScheduler) - 备份还原:MySQL 库、目录 - JWT 登录认证 + Fernet 字段加密 - 保留策略:按数量 + 按天数双重清理 技术栈:FastAPI + SQLAlchemy 2 + APScheduler + aioboto3; 前端 Vite + React 18 + TypeScript + Ant Design 5 + Zustand。 Docker Compose 一键起。 Co-Authored-By: Claude <noreply@anthropic.com>
53 lines
1.6 KiB
Python
53 lines
1.6 KiB
Python
"""FastAPI 依赖注入:当前用户、DB Session 等。"""
|
|
from typing import Annotated
|
|
|
|
from fastapi import Depends, HTTPException, status
|
|
from fastapi.security import OAuth2PasswordBearer
|
|
from jose import JWTError
|
|
from sqlalchemy.orm import Session
|
|
|
|
from app.database import get_db
|
|
from app.models.user import User
|
|
from app.security import decode_token
|
|
|
|
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/login", auto_error=False)
|
|
|
|
DBSession = Annotated[Session, Depends(get_db)]
|
|
TokenDep = Annotated[str | None, Depends(oauth2_scheme)]
|
|
|
|
|
|
def get_current_user(
|
|
token: TokenDep,
|
|
db: DBSession,
|
|
) -> User:
|
|
if not token:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Not authenticated",
|
|
headers={"WWW-Authenticate": "Bearer"},
|
|
)
|
|
try:
|
|
payload = decode_token(token)
|
|
username: str | None = payload.get("sub")
|
|
if not username:
|
|
raise HTTPException(status_code=401, detail="Invalid token")
|
|
except JWTError:
|
|
raise HTTPException(status_code=401, detail="Invalid or expired token")
|
|
|
|
user = db.query(User).filter(User.username == username).first()
|
|
if not user or not user.is_active:
|
|
raise HTTPException(status_code=401, detail="User not found or inactive")
|
|
return user
|
|
|
|
|
|
CurrentUser = Annotated[User, Depends(get_current_user)]
|
|
|
|
|
|
def require_admin(user: CurrentUser) -> User:
|
|
if not user.is_admin:
|
|
raise HTTPException(status_code=403, detail="Admin privilege required")
|
|
return user
|
|
|
|
|
|
AdminUser = Annotated[User, Depends(require_admin)]
|