libushang преди 4 месеца
родител
ревизия
be7f8cf856
променени са 4 файла, в които са добавени 111 реда и са изтрити 5 реда
  1. 3 3
      .env
  2. 1 1
      routers/api/eventManagement/checkin.py
  3. 4 1
      routers/prod_api/__init__.py
  4. 103 0
      routers/prod_api/sso.py

+ 3 - 3
.env

@@ -21,7 +21,7 @@ DEV_YJXP_WEB_ROOT_PATH = "http://127.0.0.1:8086/yjxp/#"
 #粤政易APP回调地址
 DEV_YJXP_CALLBACK_WEB_PATH = "http://19.155.220.206:8086/api/yzy/callback.html"
 
-DEV_YZY_WEB_ROOT = "https://yjdev.tjp.com.cn:8086"
+DEV_YZY_WEB_ROOT = "https://yjxp.tjp.com.cn:8086"
 
 #########################################################################
 # 预发布环境配置
@@ -49,7 +49,7 @@ STAGE_YJXP_WEB_ROOT_PATH = "http://120.241.74.139:8086/yjxp/#"
 STAGE_YJXP_CALLBACK_WEB_PATH = "http://19.155.220.206:8086/api/yzy/callback.html"
 # STAGE_YJXP_CALLBACK_WEB_PATH = "http://120.241.74.139:8086/api/yzy/callback.html"
 
-STAGE_YZY_WEB_ROOT = "https://yjdev.tjp.com.cn:8086"
+STAGE_YZY_WEB_ROOT = "https://yjxp.tjp.com.cn:8086"
 
 #########################################################################
 # 生产环境配置
@@ -78,4 +78,4 @@ PROD_YJXP_WEB_ROOT_PATH = "http://120.241.74.139:8086/yjxp/#"
 # STAGE_YJXP_CALLBACK_WEB_PATH = "http://19.155.220.228:8086/yzy/callback.html"
 PROD_YJXP_CALLBACK_WEB_PATH = "http://120.241.74.139:8086/yzy/callback.html"
 
-PROD_YZY_WEB_ROOT = "https://yjdev.tjp.com.cn:8086"
+PROD_YZY_WEB_ROOT = "https://yjxp.mmsyjj.cn:8086"

+ 1 - 1
routers/api/eventManagement/checkin.py

@@ -70,7 +70,7 @@ async def get_qrcode2(
         detail_url = YzyApi.format_redirect_url(redirect_url)
     else:
         # 120.241.74.139
-        detail_url = "http://yjdev.tjp.com.cn:8086/yjxp/#" + redirect_url
+        detail_url = "http://yjxp.tjp.com.cn:8086/yjxp/#" + redirect_url
     '''
     detail_url = "{}{}".format(settings.YZY_WEB_ROOT, redirect_url)
 

+ 4 - 1
routers/prod_api/__init__.py

@@ -6,6 +6,7 @@ from routers.api import upload_file
 from . import system
 from . import auth
 from . import zwrz
+from . import sso
 
 router = APIRouter()
 
@@ -15,4 +16,6 @@ router.include_router(system.router, prefix="/system")#, dependencies=[Depends(v
 
 router.include_router(upload_file.router, prefix="/file")
 
-router.include_router(zwrz.router)
+router.include_router(zwrz.router)
+
+router.include_router(sso.router, prefix="/sso")

+ 103 - 0
routers/prod_api/sso.py

@@ -0,0 +1,103 @@
+# -*- coding: utf-8 -*-
+
+from fastapi import APIRouter, Depends, Request, Header, Form, Body
+from fastapi.responses import FileResponse, StreamingResponse
+from sqlalchemy.orm import Session
+from fastapi.responses import JSONResponse
+from database import get_db
+from utils import *
+from utils.vcode import *
+from utils.redis_util import *
+import base64
+from common.const import *
+from io import BytesIO
+from utils.StripTagsHTMLParser import *
+from common import security
+from datetime import timedelta
+from common.security import valid_access_token
+from common.auth_user import *
+from common import YzyApi
+from models import *
+from urllib.parse import quote
+import requests
+import jwt
+import traceback
+
+router = APIRouter()
+
+
+# 提供给数科使用的单点登录token
+@router.post('/token/create')
+def sso_token(request: Request,
+    user_id: int = Depends(valid_access_token),
+    db: Session = Depends(get_db)):
+
+    sso_token_expires = timedelta(seconds = 300)
+    sso_token = security.create_access_token(
+        data={"sub": user_id}, expires_delta = sso_token_expires
+    )
+
+    return {
+        "code": 200,
+        "msg": "操作成功",
+        "data": {
+            "sso_token": sso_token
+        }
+    }
+
+# token校验
+@router.post('/token/valid')
+def sso_token(request: Request,
+    sso_token: str,
+    db: Session = Depends(get_db)):
+
+    try:
+        payload = jwt.decode(sso_token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM])
+        print(payload,payload.get("sub"))
+        user_id: str = payload.get("sub")
+
+        row = db.query(SysUser).filter(SysUser.user_id == int(user_id)).first()
+        if row is None:
+            return {
+                "code": 500,
+                "msg": "token异常"
+            }
+        
+        # 角色信息
+        roles = []
+        role_ids = db.query(SysUserRole).filter(SysUserRole.user_id == int(user_id)).all()
+        for role in role_ids:
+            role_info = db.query(SysRole).filter(SysRole.role_id == role.role_id).first()
+            roles.append(
+                {
+                    "roleId": role_info.role_id,
+                    "roleName": role_info.role_name,
+                    "roleKey": role_info.role_key
+                }
+            )
+
+        role_keys = [
+            n['roleKey']
+            for n in roles
+        ]
+        
+        data = {
+            "userId": row.user_id,
+            "userName": row.user_name,
+            "nickName": row.nick_name,
+            "roles": role_keys
+        }
+    
+        return {
+            "code": 200,
+            "msg": "操作成功",
+            "data": data
+        }
+        
+    except Exception:
+        traceback.print_exc()
+        return {
+            "code": 500,
+            "msg": "token异常"
+        }
+