diff --git a/apps/jingrow/jingrow/api/auth_api.py b/apps/jingrow/jingrow/api/auth_api.py
index ab2e9f8..5e3f8a7 100644
--- a/apps/jingrow/jingrow/api/auth_api.py
+++ b/apps/jingrow/jingrow/api/auth_api.py
@@ -241,3 +241,39 @@ async def get_user_permissions_route(session_cookie: Optional[str] = Depends(get
 except Exception as e:
 logger.error(f"获取用户权限异常: {str(e)}", exc_info=True)
 raise HTTPException(status_code=500, detail=f"获取用户权限异常: {str(e)}")
+
+
+# ============ 兼容 SaaS 版前端 API ============
+
+@router.post("/api/action/login")
+async def saas_login(request: Request):
+ """兼容 SaaS 版前端登录"""
+ content_type = request.headers.get('content-type', '')
+
+ if 'application/x-www-form-urlencoded' in content_type:
+ body = await request.body()
+ params = dict(pair.split('=', 1) for pair in body.decode().split('&') if '=' in pair)
+ username = params.get('usr', params.get('username', ''))
+ password = params.get('pwd', params.get('password', ''))
+ else:
+ data = await request.json()
+ username = data.get('usr', data.get('username', ''))
+ password = data.get('pwd', data.get('password', ''))
+
+ if not username or not password:
+ raise HTTPException(status_code=400, detail="用户名和密码不能为空")
+
+ result = login(username, password)
+ if not result.get("success"):
+ raise HTTPException(status_code=401, detail=result.get("message", "登录失败"))
+
+ session_cookie = result.get("session_cookie")
+ return create_response_with_cookie({"message": result.get("message", "Logged In")}, session_cookie)
+
+
+@router.api_route("/api/action/logout", methods=["GET", "POST"])
+async def saas_logout(request: Request):
+ """兼容 SaaS 版前端登出"""
+ session_cookie = request.cookies.get('sid')
+ logout(session_cookie)
+ return create_response_clear_cookies({"message": "Logged Out"})
diff --git a/apps/jingrow/jingrow/services/whitelist.py b/apps/jingrow/jingrow/services/whitelist.py
index cbf6da0..a0d8591 100644
--- a/apps/jingrow/jingrow/services/whitelist.py
+++ b/apps/jingrow/jingrow/services/whitelist.py
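Review bot: The form branch of `saas_login` splits the body on `&` and `=` by hand and never percent-decodes it, so a username or password containing characters the browser encodes (`%40`, `%26`, `+` for a space) reaches `login()` in its encoded form and will not match the stored credential. Parsing with the standard library fixes that: `params = dict(parse_qsl(body.decode(), keep_blank_values=True))`, with `from urllib.parse import parse_qsl` added to the file's imports. In the JSON branch a malformed body or a non-object payload raises out of `request.json()` or `data.get` and would presumably surface as a 500 rather than a 400, so that branch should catch the error and reject the request explicitly. `saas_logout` also accepts GET, which lets any cross-site link or image load end the user's session; restricting it to POST avoids that unless the SaaS frontend really depends on GET. The 401 passes `result.get("message")` straight to the client, so it is worth confirming that `login()` returns the same message for an unknown user and for a wrong password.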
@@ -16,7 +16,7 @@ from jingrow.utils.jingrow_api import get_logged_user from jingrow.utils.app_manager import ensure_apps_on_sys_path logger = logging.getLogger(__name__) -router = APIRouter() +router = APIRouter(prefix="/api/action") async def authenticate_request(request: Request, allow_guest: bool) -> bool: """
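Review bot: Adding `prefix="/api/action"` to this router puts every route it declares in the same path space as the fixed `/api/action/login` and `/api/action/logout` routes that this commit adds in auth_api.py. If this router declares a parameterised path (none is visible in this hunk), the order in which the two routers are included in the app decides which handler serves login and logout, and therefore whether `authenticate_request` runs for them. A comment on the line would make the dependency explicit, for example `# Prefix shared with auth_api's /api/action/login and /api/action/logout; auth_api's router must be included first`. It is also worth confirming that no route path in this file already carries the `/api/action` segment, since the prefix would now double it.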