取消AUTH_DISABLED参数

2026-02-24 10:45:53 +08:00
parent 780a48d927
commit 020432ad0e
8 changed files with 8 additions and 28 deletions
--- a/app/api/v1/endpoints/meta.py
+++ b/app/api/v1/endpoints/meta.py
@@ -61,10 +61,7 @@ async def list_user_projects(
    current_user=Depends(get_current_metadata_user),
    metadata_repo: MetadataRepository = Depends(get_metadata_repository),
 ):
-    if settings.AUTH_DISABLED:
-        projects = await metadata_repo.list_all_projects()
-    else:
-        projects = await metadata_repo.list_projects_for_user(current_user.id)
+    projects = await metadata_repo.list_projects_for_user(current_user.id)
    return [
        ProjectSummaryResponse(
            project_id=project.project_id,
--- a/app/auth/keycloak_dependencies.py
+++ b/app/auth/keycloak_dependencies.py
@@ -14,8 +14,6 @@ oauth2_optional = OAuth2PasswordBearer(
 async def get_current_keycloak_sub(
    token: str | None = Depends(oauth2_optional),
 ) -> UUID:
-    if settings.AUTH_DISABLED:
-        return UUID(int=0)
    if not token:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
--- a/app/auth/metadata_dependencies.py
+++ b/app/auth/metadata_dependencies.py
@@ -20,8 +20,6 @@ async def get_current_metadata_user(
    keycloak_sub: UUID = Depends(get_current_keycloak_sub),
    metadata_repo: MetadataRepository = Depends(get_metadata_repository),
 ):
-    if settings.AUTH_DISABLED:
-        return _AuthBypassUser()
    user = await metadata_repo.get_user_by_keycloak_id(keycloak_sub)
    if not user or not user.is_active:
        raise HTTPException(
@@ -33,8 +31,6 @@ async def get_current_metadata_user(
 async def get_current_metadata_admin(
    user=Depends(get_current_metadata_user),
 ):
-    if settings.AUTH_DISABLED:
-        return user
    if user.is_superuser or user.role == "admin":
        return user
    raise HTTPException(
--- a/app/auth/project_dependencies.py
+++ b/app/auth/project_dependencies.py
@@ -53,13 +53,6 @@ async def get_project_context(
            status_code=status.HTTP_403_FORBIDDEN, detail="Project is not active"
        )

-    if settings.AUTH_DISABLED:
-        return ProjectContext(
-            project_id=project.id,
-            user_id=UUID(int=0),
-            project_role="owner",
-        )
-
    user = await metadata_repo.get_user_by_keycloak_id(keycloak_sub)
    if not user:
        raise HTTPException(
--- a/app/core/config.py
+++ b/app/core/config.py
@@ -56,9 +56,6 @@ class Settings(BaseSettings):
    KEYCLOAK_PUBLIC_KEY: str = ""
    KEYCLOAK_ALGORITHM: str = "RS256"

-    # Auth bypass (temporary)
-    AUTH_DISABLED: bool = False
-
    @property
    def SQLALCHEMY_DATABASE_URI(self) -> str:
        return f"postgresql://{self.DB_USER}:{self.DB_PASSWORD}@{self.DB_HOST}:{self.DB_PORT}/{self.DB_NAME}"