secure avatar to s3 by exception control

This commit is contained in:
2026-05-18 23:39:56 +08:00
parent d73118ad79
commit 6ed6d38273
+16 -2
View File
@@ -73,14 +73,25 @@ async def auth_callback(request: Request, code: str, state: str):
db = SessionLocal()
try:
user = db.query(User).filter(User.email == user_info["email"]).first()
if not user:
# 提取邮箱前缀作为 handle 基础
# 比如 "john.doe@gmail.com" -> "john_doe"
base_handle = user_info["email"].split("@")[0].replace(".", "_").lower()
# 拼接一个随机短字符串,确保 handle 的唯一性
import secrets
random_suffix = secrets.token_hex(3) # 生成 6 位随机字符
suggested_handle = f"{base_handle}_{random_suffix}"
user = User(
google_id=user_info["id"],
email=user_info["email"],
name=user_info["name"],
avatar=user_info["picture"],
handle=suggested_handle,
)
db.add(user)
db.commit()
@@ -88,14 +99,17 @@ async def auth_callback(request: Request, code: str, state: str):
# 异步/同步将头像转存到 S3
from app.utils.s3 import upload_google_avatar_to_s3
try:
s3_avatar_url = await upload_google_avatar_to_s3(user_info["picture"], str(user.id))
# 将更新后的 S3 URL 写回数据库
user.avatar = s3_avatar_url
db.commit()
except Exception as s3_err:
print(f"S3 Upload failed: {s3_err}")
# 这里不需要再次 refresh,除非后面还要用到更新后的 user 对象
# db.refresh(user)
finally:
db.close()
jwt_token = create_jwt_token({