feat: Separate dialogue authentication processor and system authentication processor

apps/chat/views/chat.py

@@ -21,7 +21,7 @@
     TextToSpeechSerializers, OpenAIChatSerializer
 from chat.serializers.chat_authentication import AnonymousAuthenticationSerializer, ApplicationProfileSerializer, \
     AuthProfileSerializer
-from common.auth import TokenAuth
+from common.auth import ChatTokenAuth
 from common.auth.mcp_auth_token import mcp_token_required
 from common.constants.permission_constants import ChatAuth
 from common.exception.app_exception import AppAuthenticationFailed
@@ -66,7 +66,7 @@ def get(self, request: Request):
 
 
 class OpenAIView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['POST'],
@@ -109,7 +109,7 @@ def post(self, request: Request):
 
 
 class ApplicationProfile(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['GET'],
@@ -143,7 +143,7 @@ def get(self, request: Request):
 
 
 class ChatView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['POST'],
@@ -166,7 +166,7 @@ def post(self, request: Request, chat_id: str):
 
 
 class OpenView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['GET'],
@@ -199,7 +199,7 @@ def get(self, request: Request):
 
 
 class SpeechToText(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['POST'],
@@ -218,7 +218,7 @@ def post(self, request: Request):
 
 
 class TextToSpeech(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['POST'],
@@ -237,7 +237,7 @@ def post(self, request: Request):
 
 
 class UploadFile(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
     parser_classes = [MultiPartParser]
 
     @extend_schema(

apps/chat/views/chat_record.py

@@ -18,11 +18,11 @@
 from chat.serializers.chat_record import VoteSerializer, HistoricalConversationSerializer, \
     HistoricalConversationRecordSerializer, HistoricalConversationOperateSerializer
 from common import result
-from common.auth import TokenAuth
+from common.auth import ChatTokenAuth
 
 
 class VoteView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['PUT'],
@@ -42,7 +42,7 @@ def put(self, request: Request, chat_id: str, chat_record_id: str):
 
 
 class HistoricalConversationView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['GET'],
@@ -61,7 +61,7 @@ def get(self, request: Request):
             }).list())
 
     class Operate(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]
 
         @extend_schema(
             methods=['PUT'],
@@ -100,7 +100,7 @@ def delete(self, request: Request, chat_id: str):
                 }).logic_delete())
 
     class BatchDelete(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]
 
         @extend_schema(
             methods=['DELETE'],
@@ -118,7 +118,7 @@ def delete(self, request: Request):
             }).batch_logic_delete())
 
     class PageView(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]
 
         @extend_schema(
             methods=['GET'],
@@ -138,7 +138,7 @@ def get(self, request: Request, current_page: int, page_size: int):
 
 
 class HistoricalConversationRecordView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['GET'],
@@ -158,7 +158,7 @@ def get(self, request: Request, chat_id: str):
             }).list())
 
     class PageView(APIView):
-        authentication_classes = [TokenAuth]
+        authentication_classes = [ChatTokenAuth]
 
         @extend_schema(
             methods=['GET'],
@@ -179,7 +179,7 @@ def get(self, request: Request, chat_id: str, current_page: int, page_size: int)
 
 
 class ChatRecordView(APIView):
-    authentication_classes = [TokenAuth]
+    authentication_classes = [ChatTokenAuth]
 
     @extend_schema(
         methods=['GET'],

apps/common/auth/authenticate.py

@@ -51,6 +51,7 @@ def new_instance_by_class_path(class_path: str):
 
 
 handles = [new_instance_by_class_path(class_path) for class_path in settings.AUTH_HANDLES]
+chat_handles = [new_instance_by_class_path(class_path) for class_path in settings.CHAT_AUTH_HANDLES]
 
 
 class TokenDetails:
@@ -93,3 +94,29 @@ def authenticate(self, request):
                                                                                                                  AppApiException):
                 raise e
             raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))
+
+
+class ChatTokenAuth(TokenAuthentication):
+    keyword = "Bearer"
+
+    # 重新 authenticate 方法，自定义认证规则
+    def authenticate(self, request):
+        auth = request.META.get('HTTP_AUTHORIZATION')
+        # 未认证
+        if auth is None:
+            raise AppAuthenticationFailed(1003, _('Not logged in, please log in first'))
+        if not auth.startswith("Bearer "):
+            raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))
+        try:
+            token = auth[7:]
+            token_details = TokenDetails(token)
+            for handle in chat_handles:
+                if handle.support(request, token, token_details.get_token_details):
+                    return handle.handle(request, token, token_details.get_token_details)
+            raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))
+        except Exception as e:
+            maxkb_logger.error(f'Exception: {e}', exc_info=True)
+            if isinstance(e, AppEmbedIdentityFailed) or isinstance(e, AppChatNumOutOfBoundsFailed) or isinstance(e,
+                                                                                                                 AppApiException):
+                raise e
+            raise AppAuthenticationFailed(1002, _('Authentication information is incorrect! illegal user'))

apps/maxkb/settings/auth/model.py

@@ -9,3 +9,5 @@
 
 AUTH_HANDLES = [
 ]
+CHAT_AUTH_HANDLES = [
+]

apps/maxkb/settings/auth/web.py

@@ -10,7 +10,10 @@
 CHAT_ANONYMOUS_USER_AURH = 'common.auth.handle.impl.chat_anonymous_user_token.ChatAnonymousUserToken'
 APPLICATION_KEY_AUTH = 'common.auth.handle.impl.application_key.ApplicationKey'
 AUTH_HANDLES = [
-    USER_TOKEN_AUTH,
+    USER_TOKEN_AUTH
+]
+
+CHAT_AUTH_HANDLES = [
     CHAT_ANONYMOUS_USER_AURH,
     APPLICATION_KEY_AUTH
 ]