取消AUTH_DISABLED参数

.env.example

@@ -71,9 +71,6 @@ PROJECT_TS_POOL_MAX_SIZE=10
 # KEYCLOAK_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----"
 # KEYCLOAK_ALGORITHM=RS256
 
-# 临时禁用鉴权（调试用）
-# AUTH_DISABLED=false
-
 # ============================================
 # 其他配置
 # ============================================

.env.local

@@ -1,13 +1,15 @@
-NETWORK_NAME="szh"
+NETWORK_NAME="tjwater"
+KEYCLOAK_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBjdgjImuFfKsZ+FWFlsZSG0Kftduc2o0qA/warFezaYmi8+7fiuuhLErLUbjGPSEU3WpsVxPe5PIs+AJJn/z9uBXXXo/pYggHvp48hlwr6MIYX5xtby7MLM/bHL2ACN4m7FNs/Gilkkbt4515sMFUiwJzd6Wj6FvQdGDDGx/7bVGgiVQRJvrrMZN5zD4i8cFiTQIcGKbURJjre/zWWiA+7gEwArp9ujjBuaINooiQLQM39C9Z5QJcp5nhaztOBiJJgiJOHi5MLpIhI1p1ViVBXKXRMuPhtTXLAz+r/sC44XZS/6V8uUPuLNin9o0jHk/CqJ3GkK3xJBQoWgplkwuQIDAQAB\n-----END PUBLIC KEY-----"
+KEYCLOAK_ALGORITHM=RS256
 
-DB_NAME="szh"
+DB_NAME="tjwater"
 DB_HOST="192.168.1.114"
 DB_PORT="5432"
 DB_USER="tjwater"
 DB_PASSWORD="Tjwater@123456"
 
-TIMESCALEDB_DB_NAME="szh"
+TIMESCALEDB_DB_NAME="tjwater"
 TIMESCALEDB_DB_HOST="192.168.1.114"
 TIMESCALEDB_DB_PORT="5433"
 TIMESCALEDB_DB_USER="tjwater"
-TIMESCALEDB_DB_PASSWORD="Tjwater@123456"
+TIMESCALEDB_DB_PASSWORD="Tjwater@123456"

app/api/v1/endpoints/meta.py

@@ -61,10 +61,7 @@ async def list_user_projects(
     current_user=Depends(get_current_metadata_user),
     metadata_repo: MetadataRepository = Depends(get_metadata_repository),
 ):
-    if settings.AUTH_DISABLED:
+    projects = await metadata_repo.list_projects_for_user(current_user.id)
-        projects = await metadata_repo.list_all_projects()
-    else:
-        projects = await metadata_repo.list_projects_for_user(current_user.id)
     return [
         ProjectSummaryResponse(
             project_id=project.project_id,

app/auth/keycloak_dependencies.py

@@ -14,8 +14,6 @@ oauth2_optional = OAuth2PasswordBearer(
 async def get_current_keycloak_sub(
     token: str | None = Depends(oauth2_optional),
 ) -> UUID:
-    if settings.AUTH_DISABLED:
-        return UUID(int=0)
     if not token:
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,

app/auth/metadata_dependencies.py

@@ -20,8 +20,6 @@ async def get_current_metadata_user(
     keycloak_sub: UUID = Depends(get_current_keycloak_sub),
     metadata_repo: MetadataRepository = Depends(get_metadata_repository),
 ):
-    if settings.AUTH_DISABLED:
-        return _AuthBypassUser()
     user = await metadata_repo.get_user_by_keycloak_id(keycloak_sub)
     if not user or not user.is_active:
         raise HTTPException(
@@ -33,8 +31,6 @@ async def get_current_metadata_user(
 async def get_current_metadata_admin(
     user=Depends(get_current_metadata_user),
 ):
-    if settings.AUTH_DISABLED:
-        return user
     if user.is_superuser or user.role == "admin":
         return user
     raise HTTPException(

app/auth/project_dependencies.py

@@ -53,13 +53,6 @@ async def get_project_context(
             status_code=status.HTTP_403_FORBIDDEN, detail="Project is not active"
         )
 
-    if settings.AUTH_DISABLED:
-        return ProjectContext(
-            project_id=project.id,
-            user_id=UUID(int=0),
-            project_role="owner",
-        )
-
     user = await metadata_repo.get_user_by_keycloak_id(keycloak_sub)
     if not user:
         raise HTTPException(

app/core/config.py

@@ -56,9 +56,6 @@ class Settings(BaseSettings):
     KEYCLOAK_PUBLIC_KEY: str = ""
     KEYCLOAK_ALGORITHM: str = "RS256"
 
-    # Auth bypass (temporary)
-    AUTH_DISABLED: bool = False
-
     @property
     def SQLALCHEMY_DATABASE_URI(self) -> str:
         return f"postgresql://{self.DB_USER}:{self.DB_PASSWORD}@{self.DB_HOST}:{self.DB_PORT}/{self.DB_NAME}"

scripts/run_server.py

@@ -16,6 +16,6 @@ if __name__ == "__main__":
         "app.main:app",
         host="0.0.0.0",
         port=8000,
-        workers=2,  # 这里可以设置多进程
+        workers=4,  # 这里可以设置多进程
         loop="asyncio",
     )