优化证书生成与正式部署配置

This commit is contained in:
2026-06-15 18:23:46 +08:00
parent f1d7491288
commit 668e0403af
31 changed files with 1603 additions and 145 deletions

View File

@@ -8,6 +8,10 @@ from app.models import AdminUser
bearer_scheme = HTTPBearer(auto_error=False)
ROLE_ALIASES = {
"admin": "system_admin",
}
def get_current_admin(
credentials: HTTPAuthorizationCredentials | None = Depends(bearer_scheme),
@@ -26,7 +30,8 @@ def get_current_admin(
def require_roles(*role_codes: str):
def checker(admin: AdminUser = Depends(get_current_admin)) -> AdminUser:
if admin.role_code not in role_codes:
role_code = ROLE_ALIASES.get(admin.role_code, admin.role_code)
if role_code not in role_codes:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Permission denied")
return admin