From bfb9dca56a469d79dd942c0ee255b59a04b11c1a Mon Sep 17 00:00:00 2001 From: jingrow Date: Tue, 10 Mar 2026 22:27:53 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E7=99=BB=E9=99=86=E7=99=BB?= =?UTF-8?q?=E5=87=BA=E5=90=8E=E7=AB=AFapi=E7=AB=AF=E7=82=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/jingrow/jingrow/api/auth_api.py | 36 ++++++++++++++++++++++ apps/jingrow/jingrow/services/whitelist.py | 2 +- 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/apps/jingrow/jingrow/api/auth_api.py b/apps/jingrow/jingrow/api/auth_api.py index ab2e9f8..5e3f8a7 100644 --- a/apps/jingrow/jingrow/api/auth_api.py +++ b/apps/jingrow/jingrow/api/auth_api.py @@ -241,3 +241,39 @@ async def get_user_permissions_route(session_cookie: Optional[str] = Depends(get except Exception as e: logger.error(f"获取用户权限异常: {str(e)}", exc_info=True) raise HTTPException(status_code=500, detail=f"获取用户权限异常: {str(e)}") + + +# ============ 兼容 SaaS 版前端 API ============ + +@router.post("/api/action/login") +async def saas_login(request: Request): + """兼容 SaaS 版前端登录""" + content_type = request.headers.get('content-type', '') + + if 'application/x-www-form-urlencoded' in content_type: + body = await request.body() + params = dict(pair.split('=', 1) for pair in body.decode().split('&') if '=' in pair) + username = params.get('usr', params.get('username', '')) + password = params.get('pwd', params.get('password', '')) + else: + data = await request.json() + username = data.get('usr', data.get('username', '')) + password = data.get('pwd', data.get('password', '')) + + if not username or not password: + raise HTTPException(status_code=400, detail="用户名和密码不能为空") + + result = login(username, password) + if not result.get("success"): + raise HTTPException(status_code=401, detail=result.get("message", "登录失败")) + + session_cookie = result.get("session_cookie") + return create_response_with_cookie({"message": result.get("message", "Logged In")}, session_cookie) + + +@router.api_route("/api/action/logout", methods=["GET", "POST"]) +async def saas_logout(request: Request): + """兼容 SaaS 版前端登出""" + session_cookie = request.cookies.get('sid') + logout(session_cookie) + return create_response_clear_cookies({"message": "Logged Out"}) diff --git a/apps/jingrow/jingrow/services/whitelist.py b/apps/jingrow/jingrow/services/whitelist.py index cbf6da0..a0d8591 100644 --- a/apps/jingrow/jingrow/services/whitelist.py +++ b/apps/jingrow/jingrow/services/whitelist.py @@ -16,7 +16,7 @@ from jingrow.utils.jingrow_api import get_logged_user from jingrow.utils.app_manager import ensure_apps_on_sys_path logger = logging.getLogger(__name__) -router = APIRouter() +router = APIRouter(prefix="/api/action") async def authenticate_request(request: Request, allow_guest: bool) -> bool: """