mirror of
https://github.com/AstrBotDevs/AstrBot
synced 2026-07-16 01:40:15 +08:00
* refactor: migrate to fastapi * structure refactor * fix: pyright fix * refactor: improve error handling and public messages in plugin services * feat(api): refactor API client integration and enhance request handling - Updated API client configuration to use a dedicated HTTP client. - Introduced utility functions for generating options, queries, and form data for API requests. - Refactored multiple API methods to utilize the new utility functions for improved consistency and readability. - Renamed types for clarity and updated import statements accordingly. feat(docs): add script to update OpenAPI JSON from YAML spec - Created a Python script to convert OpenAPI YAML specification to JSON format. - The script supports customizable input and output paths. - Ensured the script handles directory creation for output paths and validates the YAML structure. * fix * feat(auth): implement rate limiting for v1 login endpoint and enhance request handling * Refactor dashboard API routers to use legacy_router for backward compatibility - Changed all instances of dashboard_router to legacy_router across multiple API modules including platform, plugins, providers, sessions, skills, stats, subagents, t2i, tools, updates, and asgi_runtime. - Updated route definitions to ensure existing endpoints remain functional under the new router structure. - Introduced support for Quart request context in asgi_runtime to enhance compatibility with existing Quart-based plugins. - Added a test case to validate the functionality of the new Quart request context handling in plugin extensions. * chore: remove cli test * fix: update dashboard tests for fastapi migration * chore: satisfy ruff checks * fix: update openapi api key scopes * fix: sync config scope chip selection * fix: restore quart dependency * docs: clarify quart plugin api compatibility * docs: update openapi scope documentation * fix: use singular skill openapi scope * fix: hide update service exception details * fix: address fastapi review comments * fix: address dashboard review findings * docs: revert unrelated package deployment changes * docs: update agent api generation guidance * feat: add plugin page web api helpers * docs: add plugin page bridge demo * fix: type plugin upload files * fix: stabilize plugin page uploads * fix: type plugin web request proxy * docs: remove plugin page docs example * fix: authenticate plugin page SSE bridge
95 lines
2.9 KiB
Python
95 lines
2.9 KiB
Python
from astrbot.core.config.astrbot_config import AstrBotConfig
|
|
from astrbot.core.db import BaseDatabase
|
|
from astrbot.core.utils.auth_password import (
|
|
hash_dashboard_password,
|
|
hash_md5_dashboard_password,
|
|
is_md5_dashboard_password,
|
|
)
|
|
|
|
PASSWORD_STORAGE_UPGRADED_KEY = "password_storage_upgraded"
|
|
PASSWORD_CHANGE_REQUIRED_KEY = "password_change_required"
|
|
|
|
|
|
def _set_dashboard_flag(config: AstrBotConfig, key: str, value: bool) -> None:
|
|
if config["dashboard"].get(key) == bool(value):
|
|
return
|
|
config["dashboard"][key] = bool(value)
|
|
config.save_config()
|
|
|
|
|
|
def _has_usable_pbkdf2_password(config: AstrBotConfig) -> bool:
|
|
password = config["dashboard"].get("pbkdf2_password", "")
|
|
if not isinstance(password, str) or not password.startswith("pbkdf2_sha256$"):
|
|
return False
|
|
|
|
parts = password.split("$")
|
|
if len(parts) != 4:
|
|
return False
|
|
|
|
_, iterations, salt, digest = parts
|
|
try:
|
|
int(iterations)
|
|
bytes.fromhex(salt)
|
|
bytes.fromhex(digest)
|
|
except ValueError:
|
|
return False
|
|
return True
|
|
|
|
|
|
async def is_password_storage_upgraded(
|
|
db: BaseDatabase,
|
|
config: AstrBotConfig,
|
|
) -> bool:
|
|
config_upgraded = _has_usable_pbkdf2_password(config)
|
|
if config["dashboard"].get(PASSWORD_STORAGE_UPGRADED_KEY) != config_upgraded:
|
|
_set_dashboard_flag(config, PASSWORD_STORAGE_UPGRADED_KEY, config_upgraded)
|
|
return config_upgraded
|
|
|
|
|
|
async def set_password_storage_upgraded(
|
|
db: BaseDatabase,
|
|
config: AstrBotConfig,
|
|
upgraded: bool,
|
|
) -> None:
|
|
_set_dashboard_flag(config, PASSWORD_STORAGE_UPGRADED_KEY, upgraded)
|
|
|
|
|
|
async def is_password_change_required(
|
|
db: BaseDatabase,
|
|
config: AstrBotConfig,
|
|
) -> bool:
|
|
stored = config["dashboard"].get(PASSWORD_CHANGE_REQUIRED_KEY, None)
|
|
if stored is not None:
|
|
return bool(stored)
|
|
|
|
required = bool(
|
|
getattr(config, "_generated_dashboard_password_change_required", False)
|
|
or getattr(config, "_dashboard_password_change_required_from_config", False)
|
|
)
|
|
if required:
|
|
_set_dashboard_flag(config, PASSWORD_CHANGE_REQUIRED_KEY, True)
|
|
return required
|
|
|
|
|
|
async def set_password_change_required(
|
|
db: BaseDatabase,
|
|
config: AstrBotConfig,
|
|
required: bool,
|
|
) -> None:
|
|
_set_dashboard_flag(config, PASSWORD_CHANGE_REQUIRED_KEY, required)
|
|
|
|
|
|
def get_dashboard_password_hash(config: AstrBotConfig, *, upgraded: bool) -> str:
|
|
if upgraded and _has_usable_pbkdf2_password(config):
|
|
return config["dashboard"].get("pbkdf2_password", "")
|
|
|
|
md5_password = config["dashboard"].get("password", "")
|
|
if upgraded and not is_md5_dashboard_password(md5_password):
|
|
return ""
|
|
return md5_password
|
|
|
|
|
|
def set_dashboard_password_hashes(config: AstrBotConfig, raw_password: str) -> None:
|
|
config["dashboard"]["pbkdf2_password"] = hash_dashboard_password(raw_password)
|
|
config["dashboard"]["password"] = hash_md5_dashboard_password(raw_password)
|