refactor(auth): remove legacy RESTful user routes and migrate authentication to GraphQL context

- Rename get_current_user to get_current_user_id in auth/deps.py to clarify intent
- Remove legacy /me, /logout routes, and placeholder function from auth/__init__.py
- Remove dependency_overrides from app/main.py
- Update CustomContext to resolve and cache full User objects via db query
This commit is contained in:
2026-05-20 02:52:54 +08:00
parent d54aeaa61a
commit 9dfe000f2d
6 changed files with 34 additions and 95 deletions
+5 -40
View File
@@ -1,53 +1,18 @@
import os
from fastapi import APIRouter, Depends, HTTPException, Request
from fastapi import APIRouter
from .deps import get_current_user
from .tokens import create_jwt_token, create_refresh_token, verify_access_token, decode_token
from .deps import get_current_user_id
from .tokens import create_jwt_token, create_refresh_token, verify_access_token
from .oauth import oauth_router
# 创建全局 auth 路由器
# 创建全局 auth 路由器并挂载第三方 OAuth 的路由器
router = APIRouter(tags=["Authentication"])
# 挂载第三方 OAuth 的路由器
router.include_router(oauth_router)
# 定义一个动态获取当前完整用户对象的依赖项
# 这样 auth 包不需要知道 User 模型长什么样
# 也不需要知道 SessionLocal 是什么
# 全部由外部动态提供
def get_user_by_id(user_id: str = Depends(get_current_user)):
"""
这是一个占位/契约函数。
我们在 main.py 中可以通过 app.dependency_overrides 或者直接在使用时,
把具体的数据库查询逻辑绑定到这里。
"""
raise NotImplementedError("Please override or inject the implementation of this function in the external `main.py` file.")
@router.get("/me")
def me(current_user = Depends(get_user_by_id)):
"""
current_user 是由外部解析并传进来的完整用户对象(或者是字典)
"""
return current_user
@router.post("/refresh")
def refresh_token(refresh_token: str):
payload = decode_token(refresh_token)
if payload.get("type") != "refresh":
raise HTTPException(status_code=401)
user_id = payload.get("sub")
new_access = create_jwt_token({"sub": user_id})
return {"access_token": new_access}
@router.post("/logout")
def logout():
return {"message": "ok"}
# 显式声明暴露的接口
__all__ = [
"router",
"get_current_user",
"get_user_by_id",
"get_current_user_id",
"create_jwt_token",
"create_refresh_token",
"verify_access_token",
+2 -1
View File
@@ -9,7 +9,8 @@ load_dotenv()
JWT_SECRET = os.getenv("JWT_SECRET")
JWT_ALGORITHM = os.getenv("JWT_ALGORITHM", "HS256")
def get_current_user(request: Request):
def get_current_user_id(request: Request):
"""仅从 Cookie 中提取并解密出用户的 user_id (sub)"""
token = request.cookies.get("access_token")
if not token:
+1 -27
View File
@@ -9,7 +9,6 @@ import json
from urllib.parse import quote
from dotenv import load_dotenv
from auth.deps import get_current_user
from app.db import SessionLocal
from app.models import User
from auth.tokens import create_jwt_token, create_refresh_token, decode_token
@@ -213,29 +212,4 @@ async def auth_callback(request: Request, code: str, state: str, background_task
response.delete_cookie("oauth_state")
return response
# @router.get("/me")
# def me(user = Depends(get_current_user)):
# return {
# "email": user.email,
# "name": user.name,
# "avatar": get_image_url(user.avatar),
# }
# @router.post("/refresh")
# def refresh_token(refresh_token: str):
# payload = decode_token(refresh_token)
# if payload.get("type") != "refresh":
# raise HTTPException(status_code=401)
# user_id = payload.get("sub")
# new_access = create_jwt_token({"sub": user_id})
# return {"access_token": new_access}
# @router.post("/logout")
# def logout():
# return {"message": "ok"}
return response