feat: Separate dialogue authentication processor and system authentication processor (#4552)

2025-12-25 17:22:55 +00:00 · 2025-12-23 18:50:48 +08:00 · 2025-12-23 18:50:48 +08:00 · b39ecf691b
parent 283b6a9e33
commit b39ecf691b
5 changed files with 50 additions and 18 deletions
--- a/apps/chat/views/chat.py
+++ b/apps/chat/views/chat.py
@ -21,7 +21,7 @@ from chat.serializers.chat import OpenChatSerializers, ChatSerializers, SpeechTo
    TextToSpeechSerializers, OpenAIChatSerializer
 from chat.serializers.chat_authentication import AnonymousAuthenticationSerializer, ApplicationProfileSerializer, \
    AuthProfileSerializer
-from common.auth import TokenAuth
+from common.auth import ChatTokenAuth
 from common.constants.permission_constants import ChatAuth
 from common.exception.app_exception import AppAuthenticationFailed
 from common.result import result
@ -65,7 +65,7 @@ class ResourceProxy(APIView):


 class OpenAIView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['POST'],
@ -108,7 +108,7 @@ class AnonymousAuthentication(APIView):


 class ApplicationProfile(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['GET'],
@ -142,7 +142,7 @@ class AuthProfile(APIView):


 class ChatView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['POST'],
@ -164,7 +164,7 @@ class ChatView(APIView):


 class OpenView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['GET'],
@ -196,7 +196,7 @@ class CaptchaView(APIView):


 class SpeechToText(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['POST'],
@ -215,7 +215,7 @@ class SpeechToText(APIView):


 class TextToSpeech(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['POST'],
@ -234,7 +234,7 @@ class TextToSpeech(APIView):


 class UploadFile(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
    parser_classes = [MultiPartParser]

    @extend_schema(
--- a/apps/chat/views/chat_record.py
+++ b/apps/chat/views/chat_record.py
@ -18,11 +18,11 @@ from chat.api.vote_api import VoteAPI
 from chat.serializers.chat_record import VoteSerializer, HistoricalConversationSerializer, \
    HistoricalConversationRecordSerializer, HistoricalConversationOperateSerializer
 from common import result
-from common.auth import TokenAuth
+from common.auth import ChatTokenAuth


 class VoteView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['PUT'],
@ -42,7 +42,7 @@ class VoteView(APIView):


 class HistoricalConversationView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['GET'],
@ -61,7 +61,7 @@ class HistoricalConversationView(APIView):
            }).list())

    class Operate(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]

        @extend_schema(
            methods=['PUT'],
@ -100,7 +100,7 @@ class HistoricalConversationView(APIView):
                }).logic_delete())

    class BatchDelete(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]

        @extend_schema(
            methods=['DELETE'],
@ -118,7 +118,7 @@ class HistoricalConversationView(APIView):
            }).batch_logic_delete())

    class PageView(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]

        @extend_schema(
            methods=['GET'],
@ -138,7 +138,7 @@ class HistoricalConversationView(APIView):


 class HistoricalConversationRecordView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['GET'],
@ -158,7 +158,7 @@ class HistoricalConversationRecordView(APIView):
            }).list())

    class PageView(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]

        @extend_schema(
            methods=['GET'],
@ -179,7 +179,7 @@ class HistoricalConversationRecordView(APIView):


 class ChatRecordView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]

    @extend_schema(
        methods=['GET'],
--- a/apps/common/auth/authenticate.py
+++ b/apps/common/auth/authenticate.py
@ -51,6 +51,7 @@ def new_instance_by_class_path(class_path: str):


 handles = [new_instance_by_class_path(class_path) for class_path in settings.AUTH_HANDLES]
+chat_handles = [new_instance_by_class_path(class_path) for class_path in settings.CHAT_AUTH_HANDLES]


 class TokenDetails:
@ -93,3 +94,29 @@ class TokenAuth(TokenAuthentication):
                                                                                                                 AppApiException):
                raise e
            raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))
+
+
+class ChatTokenAuth(TokenAuthentication):
+    keyword = "Bearer"
+
+    # 重新 authenticate 方法，自定义认证规则
+    def authenticate(self, request):
+        auth = request.META.get('HTTP_AUTHORIZATION')
+        # 未认证
+        if auth is None:
+            raise AppAuthenticationFailed(1003, _('Not logged in, please log in first'))
+        if not auth.startswith("Bearer "):
+            raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))
+        try:
+            token = auth[7:]
+            token_details = TokenDetails(token)
+            for handle in chat_handles:
+                if handle.support(request, token, token_details.get_token_details):
+                    return handle.handle(request, token, token_details.get_token_details)
+            raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))
+        except Exception as e:
+            maxkb_logger.error(f'Exception: {e}', exc_info=True)
+            if isinstance(e, AppEmbedIdentityFailed) or isinstance(e, AppChatNumOutOfBoundsFailed) or isinstance(e,
+                                                                                                                 AppApiException):
+                raise e
+            raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))
--- a/apps/maxkb/settings/auth/model.py
+++ b/apps/maxkb/settings/auth/model.py
@ -9,3 +9,5 @@

 AUTH_HANDLES = [
 ]
+CHAT_AUTH_HANDLES = [
+]
--- a/apps/maxkb/settings/auth/web.py
+++ b/apps/maxkb/settings/auth/web.py
@ -10,7 +10,10 @@ USER_TOKEN_AUTH = 'common.auth.handle.impl.user_token.UserToken'
 CHAT_ANONYMOUS_USER_AURH = 'common.auth.handle.impl.chat_anonymous_user_token.ChatAnonymousUserToken'
 APPLICATION_KEY_AUTH = 'common.auth.handle.impl.application_key.ApplicationKey'
 AUTH_HANDLES = [
-    USER_TOKEN_AUTH,
+    USER_TOKEN_AUTH
+]
+
+CHAT_AUTH_HANDLES = [
    CHAT_ANONYMOUS_USER_AURH,
    APPLICATION_KEY_AUTH
 ]