Improve JWT claims and chat channel reliability

Adds standard JWT claims (audience and issuer) to access tokens and updates config for these fields. Refactors multiplayer room chat channel logic to ensure reliable user join/leave with retry mechanisms, improves error handling and cleanup, and ensures host is correctly added as a participant. Updates Docker entrypoint for better compatibility and connection handling, modifies Docker Compose and Nginx config for improved deployment and proxy header forwarding.
2025-08-24 10:36:57 +08:00
parent 0cf3061f8a
commit 616656638d
7 changed files with 203 additions and 101 deletions
--- a/app/auth.py
+++ b/app/auth.py
@@ -154,12 +154,21 @@ def create_access_token(data: dict, expires_delta: timedelta | None = None) -> s
        expire = utcnow() + expires_delta
    else:
        expire = utcnow() + timedelta(minutes=settings.access_token_expire_minutes)
-
-    to_encode.update({"exp": expire, "random": secrets.token_hex(16)})
+    
+    # 添加标准JWT声明
+    to_encode.update({
+        "exp": expire,
+        "random": secrets.token_hex(16)
+    })
+    if hasattr(settings, 'jwt_audience') and settings.jwt_audience:
+        to_encode["aud"] = settings.jwt_audience
+    if hasattr(settings, 'jwt_issuer') and settings.jwt_issuer:
+        to_encode["iss"] = settings.jwt_issuer
+    
+    # 编码JWT
    encoded_jwt = jwt.encode(to_encode, settings.secret_key, algorithm=settings.algorithm)
    return encoded_jwt

-
 def generate_refresh_token() -> str:
    """生成刷新令牌"""
    length = 64