diff --git a/.env.example b/.env.example index 45a1a3c..3ae9f0c 100644 --- a/.env.example +++ b/.env.example @@ -71,9 +71,6 @@ PROJECT_TS_POOL_MAX_SIZE=10 # KEYCLOAK_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----" # KEYCLOAK_ALGORITHM=RS256 -# 临时禁用鉴权(调试用) -# AUTH_DISABLED=false - # ============================================ # 其他配置 # ============================================ diff --git a/.env.local b/.env.local index 7e6e0ef..2e6e01d 100644 --- a/.env.local +++ b/.env.local @@ -1,13 +1,15 @@ -NETWORK_NAME="szh" +NETWORK_NAME="tjwater" +KEYCLOAK_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBjdgjImuFfKsZ+FWFlsZSG0Kftduc2o0qA/warFezaYmi8+7fiuuhLErLUbjGPSEU3WpsVxPe5PIs+AJJn/z9uBXXXo/pYggHvp48hlwr6MIYX5xtby7MLM/bHL2ACN4m7FNs/Gilkkbt4515sMFUiwJzd6Wj6FvQdGDDGx/7bVGgiVQRJvrrMZN5zD4i8cFiTQIcGKbURJjre/zWWiA+7gEwArp9ujjBuaINooiQLQM39C9Z5QJcp5nhaztOBiJJgiJOHi5MLpIhI1p1ViVBXKXRMuPhtTXLAz+r/sC44XZS/6V8uUPuLNin9o0jHk/CqJ3GkK3xJBQoWgplkwuQIDAQAB\n-----END PUBLIC KEY-----" +KEYCLOAK_ALGORITHM=RS256 -DB_NAME="szh" +DB_NAME="tjwater" DB_HOST="192.168.1.114" DB_PORT="5432" DB_USER="tjwater" DB_PASSWORD="Tjwater@123456" -TIMESCALEDB_DB_NAME="szh" +TIMESCALEDB_DB_NAME="tjwater" TIMESCALEDB_DB_HOST="192.168.1.114" TIMESCALEDB_DB_PORT="5433" TIMESCALEDB_DB_USER="tjwater" -TIMESCALEDB_DB_PASSWORD="Tjwater@123456" \ No newline at end of file +TIMESCALEDB_DB_PASSWORD="Tjwater@123456" diff --git a/app/api/v1/endpoints/meta.py b/app/api/v1/endpoints/meta.py index ea91e65..098b608 100644 --- a/app/api/v1/endpoints/meta.py +++ b/app/api/v1/endpoints/meta.py @@ -61,10 +61,7 @@ async def list_user_projects( current_user=Depends(get_current_metadata_user), metadata_repo: MetadataRepository = Depends(get_metadata_repository), ): - if settings.AUTH_DISABLED: - projects = await metadata_repo.list_all_projects() - else: - projects = await metadata_repo.list_projects_for_user(current_user.id) + projects = await metadata_repo.list_projects_for_user(current_user.id) return [ ProjectSummaryResponse( project_id=project.project_id, diff --git a/app/auth/keycloak_dependencies.py b/app/auth/keycloak_dependencies.py index 1b09401..be8ef0c 100644 --- a/app/auth/keycloak_dependencies.py +++ b/app/auth/keycloak_dependencies.py @@ -14,8 +14,6 @@ oauth2_optional = OAuth2PasswordBearer( async def get_current_keycloak_sub( token: str | None = Depends(oauth2_optional), ) -> UUID: - if settings.AUTH_DISABLED: - return UUID(int=0) if not token: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, diff --git a/app/auth/metadata_dependencies.py b/app/auth/metadata_dependencies.py index db88c57..323d549 100644 --- a/app/auth/metadata_dependencies.py +++ b/app/auth/metadata_dependencies.py @@ -20,8 +20,6 @@ async def get_current_metadata_user( keycloak_sub: UUID = Depends(get_current_keycloak_sub), metadata_repo: MetadataRepository = Depends(get_metadata_repository), ): - if settings.AUTH_DISABLED: - return _AuthBypassUser() user = await metadata_repo.get_user_by_keycloak_id(keycloak_sub) if not user or not user.is_active: raise HTTPException( @@ -33,8 +31,6 @@ async def get_current_metadata_user( async def get_current_metadata_admin( user=Depends(get_current_metadata_user), ): - if settings.AUTH_DISABLED: - return user if user.is_superuser or user.role == "admin": return user raise HTTPException( diff --git a/app/auth/project_dependencies.py b/app/auth/project_dependencies.py index b95c20b..f9dee9d 100644 --- a/app/auth/project_dependencies.py +++ b/app/auth/project_dependencies.py @@ -53,13 +53,6 @@ async def get_project_context( status_code=status.HTTP_403_FORBIDDEN, detail="Project is not active" ) - if settings.AUTH_DISABLED: - return ProjectContext( - project_id=project.id, - user_id=UUID(int=0), - project_role="owner", - ) - user = await metadata_repo.get_user_by_keycloak_id(keycloak_sub) if not user: raise HTTPException( diff --git a/app/core/config.py b/app/core/config.py index 2c64eec..1501684 100644 --- a/app/core/config.py +++ b/app/core/config.py @@ -56,9 +56,6 @@ class Settings(BaseSettings): KEYCLOAK_PUBLIC_KEY: str = "" KEYCLOAK_ALGORITHM: str = "RS256" - # Auth bypass (temporary) - AUTH_DISABLED: bool = False - @property def SQLALCHEMY_DATABASE_URI(self) -> str: return f"postgresql://{self.DB_USER}:{self.DB_PASSWORD}@{self.DB_HOST}:{self.DB_PORT}/{self.DB_NAME}" diff --git a/scripts/run_server.py b/scripts/run_server.py index 77b566d..79db060 100644 --- a/scripts/run_server.py +++ b/scripts/run_server.py @@ -16,6 +16,6 @@ if __name__ == "__main__": "app.main:app", host="0.0.0.0", port=8000, - workers=2, # 这里可以设置多进程 + workers=4, # 这里可以设置多进程 loop="asyncio", )