chore: 后端 agent 和 users 模块代码更新优化

2026-03-10 17:44:29 +08:00
parent 8da9377ed9
commit 2049184456
9 changed files with 294 additions and 81 deletions
@@ -9,7 +9,6 @@ from sqlalchemy.ext.asyncio import AsyncSession
 from core.auth.jwt_verifier import (
    JwtVerifier,
    TokenValidationError,
-    TokenVerifierUnavailableError,
 )
 from core.auth.models import CurrentUser
 from core.config.settings import config
@@ -35,17 +34,19 @@ def get_auth_gateway() -> SupabaseAuthGateway:
 def get_jwt_verifier() -> JwtVerifier:
    global _jwt_verifier
    if _jwt_verifier is None:
-        jwks_url = config.supabase.jwks_url
        issuer = config.supabase.jwt_issuer
-        audience = config.supabase.jwt_audience
-        if not jwks_url or not issuer or not audience:
+        jwt_secret = (
+            config.supabase.jwt_secret.get_secret_value()
+            if config.supabase.jwt_secret is not None
+            else None
+        )
+        if not issuer or not jwt_secret:
            logger.error("JWT validation failed: verifier config not configured")
            raise HTTPException(status_code=503, detail="JWT verifier not configured")
        _jwt_verifier = JwtVerifier(
-            jwks_url=jwks_url,
            issuer=issuer,
-            audience=audience,
-            apikey=config.supabase.anon_key,
+            jwt_secret=jwt_secret,
+            jwt_algorithm=config.supabase.jwt_algorithm,
        )
    return _jwt_verifier

@@ -64,9 +65,6 @@ def get_current_user(authorization: str | None = Header(default=None)) -> Curren
        payload = get_jwt_verifier().verify(token)
    except HTTPException:
        raise
-    except TokenVerifierUnavailableError:
-        logger.error("JWT validation failed: verifier unavailable")
-        raise HTTPException(status_code=503, detail="JWT verifier unavailable")
    except TokenValidationError as exc:
        logger.warning(
            "JWT validation failed",