diff --git a/core/routers/auth/routes.py b/core/routers/auth/routes.py index 5281052..9686072 100644 --- a/core/routers/auth/routes.py +++ b/core/routers/auth/routes.py @@ -43,7 +43,7 @@ async def get_wechat_phone( result = await wechat_api.get_phone_number(code) except WechatApiError: raise HTTPException(status.HTTP_401_UNAUTHORIZED, detail='Invalid code') - return {'data': {'phone': jsonpath(result, '$.phone_info.phoneNumber')}} + return {'data': {'phone': jsonpath(result, '$.phone_info.phoneNumber', first=True)}} @auth_router.post( @@ -81,30 +81,22 @@ async def wechat_login( return {'status': 4001, 'message': '首次登录需要用户授权信息'} if all([ - # payload.phone, - payload.encrypted_data, - payload.iv, + payload.phone, + payload.nickname, + payload.avatar_url, ]) is False: raise HTTPException(status.HTTP_400_BAD_REQUEST, detail='请重试登录操作') # 注册用户 - session_key = wechat_session.get('session_key') union_id = wechat_session.get('union_id') - try: - profile = decrypt_sensitive_data(session_key, payload.encrypted_data, payload.iv) - except (ValueError, TypeError) as e: - logger.exception(f"[wechat_login] Exception, User information decryption failed, detail: {e}") - raise HTTPException(status.HTTP_400_BAD_REQUEST, detail='请重试登录操作') - - logger.info(f"decrypt plaintext: {wechat_session}") user: User | bool = await db_crud.create( data={ - 'nickname': profile.get('nickName'), - 'gender': profile.get('gender'), + 'nickname': payload.nickname, + 'gender': None, 'wechat_openid': openid, 'wechat_union_id': union_id, 'phone': payload.phone, - 'avatar_url': profile.get('avatarUrl') + 'avatar_url': payload.avatar_url }, filters={'wechat_openid': openid} ) diff --git a/core/routers/auth/schema.py b/core/routers/auth/schema.py index 7e040cd..54cae9b 100644 --- a/core/routers/auth/schema.py +++ b/core/routers/auth/schema.py @@ -12,8 +12,8 @@ from pydantic import BaseModel, constr class WechatLoginIn(BaseModel): code: str phone: Optional[constr(pattern='^1[0-9]{10}$')] = None - encrypted_data: Optional[str] = None - iv: Optional[str] = None + nickname: Optional[constr(max_length=20)] = None + avatar_url: Optional[constr(pattern='^http[a-zA-Z0-9:/\.]+')] = None class Token(BaseModel):