From 7fb7c094fd6a7de6899d901b1b4bb9bc1587aadd Mon Sep 17 00:00:00 2001
From: MingxuanGame <MingxuanGame@outlook.com>
Date: Thu, 14 Aug 2025 13:55:06 +0000
Subject: [PATCH] feat(private-api): support upload cover

---
 app/router/private/avatar.py |  2 +-
 app/router/private/cover.py  | 69 ++++++++++++++++++++++++++++++++++++
 2 files changed, 70 insertions(+), 1 deletion(-)
 create mode 100644 app/router/private/cover.py

diff --git a/app/router/private/avatar.py b/app/router/private/avatar.py
index 99d942f..e724daf 100644
--- a/app/router/private/avatar.py
+++ b/app/router/private/avatar.py
@@ -28,7 +28,7 @@ async def upload_avatar(
 ):
     """上传用户头像
 
-    接收 Base64 编码的图片数据，验证图片格式和大小后存储到头像目录，并更新用户的头像 URL
+    接收图片数据，验证图片格式和大小后存储到存储服务，并更新用户的头像 URL
 
     限制条件:
     - 支持的图片格式: PNG、JPEG、GIF
diff --git a/app/router/private/cover.py b/app/router/private/cover.py
new file mode 100644
index 0000000..9f9b35d
--- /dev/null
+++ b/app/router/private/cover.py
@@ -0,0 +1,69 @@
+from __future__ import annotations
+
+import hashlib
+from io import BytesIO
+
+from app.database.lazer_user import User, UserProfileCover
+from app.dependencies.database import get_db
+from app.dependencies.storage import get_storage_service
+from app.dependencies.user import get_client_user
+from app.storage.base import StorageService
+
+from .router import router
+
+from fastapi import Depends, File, HTTPException, Security
+from PIL import Image
+from sqlmodel.ext.asyncio.session import AsyncSession
+
+
+@router.post(
+    "/cover/upload",
+    name="上传头像",
+)
+async def upload_avatar(
+    content: bytes = File(...),
+    current_user: User = Security(get_client_user),
+    storage: StorageService = Depends(get_storage_service),
+    session: AsyncSession = Depends(get_db),
+):
+    """上传用户头像
+
+    接收图片数据，验证图片格式和大小后存储到存储服务，并更新用户的头像 URL
+
+    限制条件:
+    - 支持的图片格式: PNG、JPEG、GIF
+    - 最大文件大小: 10MB
+    - 最大图片尺寸: 3000x2000 像素
+
+    返回:
+    - 头像 URL 和文件哈希值
+    """
+
+    # check file
+    if len(content) > 10 * 1024 * 1024:  # 10MB limit
+        raise HTTPException(status_code=400, detail="File size exceeds 10MB limit")
+    elif len(content) == 0:
+        raise HTTPException(status_code=400, detail="File cannot be empty")
+    try:
+        with Image.open(BytesIO(content)) as img:
+            if img.format not in ["PNG", "JPEG", "GIF"]:
+                raise HTTPException(status_code=400, detail="Invalid image format")
+            if img.size[0] > 3000 or img.size[1] > 2000:
+                raise HTTPException(
+                    status_code=400, detail="Image size exceeds 3000x2000 pixels"
+                )
+    except Exception as e:
+        raise HTTPException(status_code=400, detail=f"Error processing image: {e}")
+
+    filehash = hashlib.sha256(content).hexdigest()
+    storage_path = f"cover/{current_user.id}_{filehash}.png"
+    if not await storage.is_exists(storage_path):
+        await storage.write_file(storage_path, content)
+    url = await storage.get_file_url(storage_path)
+    current_user.cover = UserProfileCover(url=url)
+    await session.commit()
+
+    return {
+        "url": url,
+        "filehash": filehash,
+    }