re-structure code

app/dependencies/__init__.py

@@ -0,0 +1,2 @@
+from .database import get_db as get_db
+from .user import get_current_user as get_current_user

app/dependencies/user.py

@@ -0,0 +1,32 @@
+from fastapi import Depends, HTTPException
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+from sqlalchemy.orm import Session
+
+from app.auth import get_token_by_access_token
+
+from .database import get_db
+from app.database import (
+    User as DBUser,
+)
+
+security = HTTPBearer()
+
+
+async def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(security),
+    db: Session = Depends(get_db),
+) -> DBUser:
+    """获取当前认证用户"""
+    token = credentials.credentials
+
+    # 验证令牌
+    token_record = get_token_by_access_token(db, token)
+    if not token_record:
+        raise HTTPException(status_code=401, detail="Invalid or expired token")
+
+    # 获取用户
+    user = db.query(DBUser).filter(DBUser.id == token_record.user_id).first()
+    if not user:
+        raise HTTPException(status_code=404, detail="User not found")
+
+    return user

app/router/__init__.py

@@ -0,0 +1,5 @@
+from __future__ import annotations
+
+from . import me  # pyright: ignore[reportUnusedImport]  # noqa: F401
+from .api_router import router as api_router
+from .auth import router as auth_router

app/router/api_router.py

@@ -0,0 +1,4 @@
+from fastapi import APIRouter
+
+
+router = APIRouter()

app/router/auth.py

@@ -0,0 +1,112 @@
+from __future__ import annotations
+
+from datetime import timedelta
+
+from app.auth import (
+    authenticate_user,
+    create_access_token,
+    generate_refresh_token,
+    get_token_by_refresh_token,
+    store_token,
+)
+from app.config import settings
+from app.dependencies import get_db
+from app.models import TokenResponse
+
+from fastapi import APIRouter, Depends, Form, HTTPException
+from sqlalchemy.orm import Session
+
+router = APIRouter(tags=["osu! OAuth 认证"])
+
+
+@router.post("/oauth/token", response_model=TokenResponse)
+async def oauth_token(
+    grant_type: str = Form(...),
+    client_id: str = Form(...),
+    client_secret: str = Form(...),
+    scope: str = Form("*"),
+    username: str | None = Form(None),
+    password: str | None = Form(None),
+    refresh_token: str | None = Form(None),
+    db: Session = Depends(get_db),
+):
+    """OAuth 令牌端点"""
+    # 验证客户端凭据
+    if (
+        client_id != settings.OSU_CLIENT_ID
+        or client_secret != settings.OSU_CLIENT_SECRET
+    ):
+        raise HTTPException(status_code=401, detail="Invalid client credentials")
+
+    if grant_type == "password":
+        # 密码授权流程
+        if not username or not password:
+            raise HTTPException(
+                status_code=400, detail="Username and password required"
+            )
+
+        # 验证用户
+        user = authenticate_user(db, username, password)
+        if not user:
+            raise HTTPException(status_code=401, detail="Invalid username or password")
+
+        # 生成令牌
+        access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+        access_token = create_access_token(
+            data={"sub": str(user.id)}, expires_delta=access_token_expires
+        )
+        refresh_token_str = generate_refresh_token()
+
+        # 存储令牌
+        store_token(
+            db,
+            user.id,
+            access_token,
+            refresh_token_str,
+            settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60,
+        )
+
+        return TokenResponse(
+            access_token=access_token,
+            token_type="Bearer",
+            expires_in=settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60,
+            refresh_token=refresh_token_str,
+            scope=scope,
+        )
+
+    elif grant_type == "refresh_token":
+        # 刷新令牌流程
+        if not refresh_token:
+            raise HTTPException(status_code=400, detail="Refresh token required")
+
+        # 验证刷新令牌
+        token_record = get_token_by_refresh_token(db, refresh_token)
+        if not token_record:
+            raise HTTPException(status_code=401, detail="Invalid refresh token")
+
+        # 生成新的访问令牌
+        access_token_expires = timedelta(minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
+        access_token = create_access_token(
+            data={"sub": str(token_record.user_id)}, expires_delta=access_token_expires
+        )
+        new_refresh_token = generate_refresh_token()
+
+        # 更新令牌
+        store_token(
+            db,
+            token_record.user_id,
+            access_token,
+            new_refresh_token,
+            settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60,
+        )
+
+        return TokenResponse(
+            access_token=access_token,
+            token_type="Bearer",
+            expires_in=settings.ACCESS_TOKEN_EXPIRE_MINUTES * 60,
+            refresh_token=new_refresh_token,
+            scope=scope,
+        )
+
+    else:
+        raise HTTPException(status_code=400, detail="Unsupported grant type")

app/router/me.py

@@ -0,0 +1,29 @@
+from __future__ import annotations
+
+from typing import Literal
+
+from app.database import (
+    User as DBUser,
+)
+from app.dependencies import get_current_user, get_db
+from app.models import (
+    User as ApiUser,
+)
+from app.utils import convert_db_user_to_api_user
+
+from .api_router import router
+
+from fastapi import Depends
+from sqlalchemy.orm import Session
+
+
+@router.get("/me/{ruleset}", response_model=ApiUser)
+async def get_user_info_default(
+    ruleset: Literal["osu", "taiko", "fruits", "mania"] = "osu",
+    current_user: DBUser = Depends(get_current_user),
+    db: Session = Depends(get_db),
+):
+    """获取当前用户信息（默认使用osu模式）"""
+    # 默认使用osu模式
+    api_user = convert_db_user_to_api_user(current_user, ruleset, db)
+    return api_user