backend/app/core/user_context.py

from fastapi import Header, Request, Security
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer

from app.core.context import UserContext
from app.core.exceptions import AppError
from app.services.external_auth_service import ExternalAuthService

bearer_scheme = HTTPBearer(auto_error=False, description="Django 用户中心 access token")


async def get_user_context(
    request: Request,
    credentials: HTTPAuthorizationCredentials | None = Security(bearer_scheme),
    x_entry_scene: str | None = Header(default=None, alias="X-Entry-Scene"),
    x_request_id: str | None = Header(default=None, alias="X-Request-Id"),
) -> UserContext:
    """用户校验：只接受宿主系统 access token，并转发 Django 用户中心 `/me` 获取真实用户。"""
    if not credentials or not credentials.credentials.strip():
        raise AppError("AUTH_CREDENTIAL_REQUIRED", "Authorization header is required", 401)

    user = await ExternalAuthService().authenticate(request)
    return UserContext(
        user_id=user.user_id,
        tenant_id=user.tenant_id,
        role=user.role,
        entry_scene=x_entry_scene,
        request_id=x_request_id,
        ip_address=request.client.host if request.client else None,
        user_agent=request.headers.get("User-Agent"),
        username=user.username,
        display_name=user.display_name,
        auth_source=user.source,
        profile=user.profile,
    )
prepare backend-only fastapi deployment 2026-06-01 17:32:18 +08:00			`from fastapi import Header, Request, Security`
			`from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer`
chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00
			`from app.core.context import UserContext`
			`from app.core.exceptions import AppError`
feat: add django user center auth integration 2026-06-01 14:28:43 +08:00			`from app.services.external_auth_service import ExternalAuthService`
chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00
prepare backend-only fastapi deployment 2026-06-01 17:32:18 +08:00			`bearer_scheme = HTTPBearer(auto_error=False, description="Django 用户中心 access token")`

chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00
			`async def get_user_context(`
			`request: Request,`
prepare backend-only fastapi deployment 2026-06-01 17:32:18 +08:00			`credentials: HTTPAuthorizationCredentials \| None = Security(bearer_scheme),`
chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00			`x_entry_scene: str \| None = Header(default=None, alias="X-Entry-Scene"),`
			`x_request_id: str \| None = Header(default=None, alias="X-Request-Id"),`
			`) -> UserContext:`
prepare backend-only fastapi deployment 2026-06-01 17:32:18 +08:00			"""用户校验：只接受宿主系统 access token，并转发 Django 用户中心 `/me` 获取真实用户。"""
			`if not credentials or not credentials.credentials.strip():`
			`raise AppError("AUTH_CREDENTIAL_REQUIRED", "Authorization header is required", 401)`
chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00
prepare backend-only fastapi deployment 2026-06-01 17:32:18 +08:00			`user = await ExternalAuthService().authenticate(request)`
chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00			`return UserContext(`
prepare backend-only fastapi deployment 2026-06-01 17:32:18 +08:00			`user_id=user.user_id,`
			`tenant_id=user.tenant_id,`
			`role=user.role,`
chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00			`entry_scene=x_entry_scene,`
			`request_id=x_request_id,`
			`ip_address=request.client.host if request.client else None,`
			`user_agent=request.headers.get("User-Agent"),`
prepare backend-only fastapi deployment 2026-06-01 17:32:18 +08:00			`username=user.username,`
			`display_name=user.display_name,`
			`auth_source=user.source,`
			`profile=user.profile,`
chore: initialize medical consultation agent demo 2026-06-01 09:25:26 +08:00			`)`