This commit is contained in:
eric
2026-03-26 05:35:31 -05:00
parent bc6e550b95
commit cbe4585ff4
14 changed files with 78 additions and 41 deletions

39
web2_pocketbase.py Normal file
View File

@@ -0,0 +1,39 @@
"""PocketBase校验用户令牌与 live_allowed供 /start /restart 可选强制。"""
from __future__ import annotations
import os
from typing import Any, Tuple
import httpx
PB_URL = os.environ.get("WEB2_PB_URL", "https://pocketbase.hackrobot.cn").rstrip("/")
REQUIRE_PB = os.environ.get("WEB2_REQUIRE_PB_AUTH", "").strip().lower() in ("1", "true", "yes")
async def pb_auth_refresh_and_validate(token: str) -> Tuple[bool, str, dict[str, Any]]:
"""
使用 auth-refresh 校验令牌并拉取最新用户记录。
返回 (ok, error_message, record)
"""
t = (token or "").strip()
if not t:
return False, "缺少 PocketBase 授权(请在手机端登录会员账号)", {}
url = f"{PB_URL}/api/collections/users/auth-refresh"
try:
async with httpx.AsyncClient(timeout=20.0) as client:
r = await client.post(url, headers={"Authorization": f"Bearer {t}"})
except Exception as e:
return False, f"PocketBase 不可达: {e}", {}
try:
data = r.json()
except Exception:
return False, "PocketBase 响应无效", {}
if r.status_code != 200:
msg = str(data.get("message") or "授权无效或已过期")
return False, msg, {}
rec = data.get("record") or {}
if not isinstance(rec, dict):
return False, "用户记录异常", {}
if rec.get("live_allowed") is False:
return False, "账号已被管理员停用远程直播权限", {}
return True, "", rec