Files
AstrBot/astrbot/dashboard/password_state.py
Weilong Liao 0d8e8682db refactor(core): migrate backend backbone from Quart to FastAPI and introduce more OpenAPI (#8688)
* refactor: migrate to fastapi

* structure refactor

* fix: pyright fix

* refactor: improve error handling and public messages in plugin services

* feat(api): refactor API client integration and enhance request handling

- Updated API client configuration to use a dedicated HTTP client.
- Introduced utility functions for generating options, queries, and form data for API requests.
- Refactored multiple API methods to utilize the new utility functions for improved consistency and readability.
- Renamed types for clarity and updated import statements accordingly.

feat(docs): add script to update OpenAPI JSON from YAML spec

- Created a Python script to convert OpenAPI YAML specification to JSON format.
- The script supports customizable input and output paths.
- Ensured the script handles directory creation for output paths and validates the YAML structure.

* fix

* feat(auth): implement rate limiting for v1 login endpoint and enhance request handling

* Refactor dashboard API routers to use legacy_router for backward compatibility

- Changed all instances of dashboard_router to legacy_router across multiple API modules including platform, plugins, providers, sessions, skills, stats, subagents, t2i, tools, updates, and asgi_runtime.
- Updated route definitions to ensure existing endpoints remain functional under the new router structure.
- Introduced support for Quart request context in asgi_runtime to enhance compatibility with existing Quart-based plugins.
- Added a test case to validate the functionality of the new Quart request context handling in plugin extensions.

* chore: remove cli test

* fix: update dashboard tests for fastapi migration

* chore: satisfy ruff checks

* fix: update openapi api key scopes

* fix: sync config scope chip selection

* fix: restore quart dependency

* docs: clarify quart plugin api compatibility

* docs: update openapi scope documentation

* fix: use singular skill openapi scope

* fix: hide update service exception details

* fix: address fastapi review comments

* fix: address dashboard review findings

* docs: revert unrelated package deployment changes

* docs: update agent api generation guidance

* feat: add plugin page web api helpers

* docs: add plugin page bridge demo

* fix: type plugin upload files

* fix: stabilize plugin page uploads

* fix: type plugin web request proxy

* docs: remove plugin page docs example

* fix: authenticate plugin page SSE bridge
2026-06-14 15:03:26 +08:00

95 lines
2.9 KiB
Python

from astrbot.core.config.astrbot_config import AstrBotConfig
from astrbot.core.db import BaseDatabase
from astrbot.core.utils.auth_password import (
hash_dashboard_password,
hash_md5_dashboard_password,
is_md5_dashboard_password,
)
PASSWORD_STORAGE_UPGRADED_KEY = "password_storage_upgraded"
PASSWORD_CHANGE_REQUIRED_KEY = "password_change_required"
def _set_dashboard_flag(config: AstrBotConfig, key: str, value: bool) -> None:
if config["dashboard"].get(key) == bool(value):
return
config["dashboard"][key] = bool(value)
config.save_config()
def _has_usable_pbkdf2_password(config: AstrBotConfig) -> bool:
password = config["dashboard"].get("pbkdf2_password", "")
if not isinstance(password, str) or not password.startswith("pbkdf2_sha256$"):
return False
parts = password.split("$")
if len(parts) != 4:
return False
_, iterations, salt, digest = parts
try:
int(iterations)
bytes.fromhex(salt)
bytes.fromhex(digest)
except ValueError:
return False
return True
async def is_password_storage_upgraded(
db: BaseDatabase,
config: AstrBotConfig,
) -> bool:
config_upgraded = _has_usable_pbkdf2_password(config)
if config["dashboard"].get(PASSWORD_STORAGE_UPGRADED_KEY) != config_upgraded:
_set_dashboard_flag(config, PASSWORD_STORAGE_UPGRADED_KEY, config_upgraded)
return config_upgraded
async def set_password_storage_upgraded(
db: BaseDatabase,
config: AstrBotConfig,
upgraded: bool,
) -> None:
_set_dashboard_flag(config, PASSWORD_STORAGE_UPGRADED_KEY, upgraded)
async def is_password_change_required(
db: BaseDatabase,
config: AstrBotConfig,
) -> bool:
stored = config["dashboard"].get(PASSWORD_CHANGE_REQUIRED_KEY, None)
if stored is not None:
return bool(stored)
required = bool(
getattr(config, "_generated_dashboard_password_change_required", False)
or getattr(config, "_dashboard_password_change_required_from_config", False)
)
if required:
_set_dashboard_flag(config, PASSWORD_CHANGE_REQUIRED_KEY, True)
return required
async def set_password_change_required(
db: BaseDatabase,
config: AstrBotConfig,
required: bool,
) -> None:
_set_dashboard_flag(config, PASSWORD_CHANGE_REQUIRED_KEY, required)
def get_dashboard_password_hash(config: AstrBotConfig, *, upgraded: bool) -> str:
if upgraded and _has_usable_pbkdf2_password(config):
return config["dashboard"].get("pbkdf2_password", "")
md5_password = config["dashboard"].get("password", "")
if upgraded and not is_md5_dashboard_password(md5_password):
return ""
return md5_password
def set_dashboard_password_hashes(config: AstrBotConfig, raw_password: str) -> None:
config["dashboard"]["pbkdf2_password"] = hash_dashboard_password(raw_password)
config["dashboard"]["password"] = hash_md5_dashboard_password(raw_password)