Feat: Server refactor v1 (#1509)

2026-05-01 21:20:15 +00:00 · 2026-03-24 18:05:52 +08:00 · 2026-03-24 18:05:52 +08:00 · 712f20a8fa
commit 712f20a8fa
parent 1e542f9d27
179 changed files with 5593 additions and 6063 deletions
--- a/server/app/api/init.py
+++ b/server/app/api/init.py
@ -0,0 +1,15 @@
+# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
+
+"""Non-domain v1 API endpoints."""
--- a/server/app/api/demo_controller.py
+++ b/server/app/api/demo_controller.py
@ -0,0 +1,27 @@
+# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
+
+"""Demo endpoint - uses v1 auth."""
+
+from fastapi import APIRouter, Depends
+from fastapi_babel import _
+
+from app.shared.auth import auth_optional
+
+router = APIRouter(tags=["demo"])
+
+
+@router.get("/demo")
+def get(user=Depends(auth_optional)):
+    return {"message": user.id if user else _("no auth"), "content": _("hello")}
--- a/server/app/api/redirect_controller.py
+++ b/server/app/api/redirect_controller.py
@ -0,0 +1,88 @@
+# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
+
+"""Redirect controller - H11 XSS fix with json.dumps + encodeURIComponent."""
+
+import json
+
+from fastapi import APIRouter, Request
+from fastapi.responses import HTMLResponse
+
+router = APIRouter(tags=["Redirect"])
+
+
+@router.get("/redirect/callback")
+def redirect_callback(code: str, request: Request):
+    cookies = request.cookies
+    cookies_json = json.dumps(cookies)
+    safe_code = json.dumps(code)
+
+    html_content = f"""
+    <!DOCTYPE html>
+    <html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <title>Authorization successful</title>
+        <style>
+            body {{
+                font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;
+                display: flex;
+                justify-content: center;
+                align-items: center;
+                min-height: 100vh;
+                margin: 0;
+                padding: 20px 0;
+                background-color: #f4f4f9;
+                color: #333;
+            }}
+            .container {{
+                padding: 30px;
+                background-color: white;
+                border-radius: 12px;
+                box-shadow: 0 4px 20px rgba(0, 0, 0, 0.1);
+                max-width: 600px;
+                width: 100%;
+                text-align: center;
+            }}
+            h1 {{
+                text-align: center;
+            }}
+            .loading {{
+                margin-top: 20px;
+                font-size: 16px;
+                color: #666;
+            }}
+        </style>
+    </head>
+    <body>
+        <div class="container">
+            <h1>Authorization Successful</h1>
+            <p>Redirecting to application...</p>
+            <div class="loading">Please wait...</div>
+        </div>
+        <script>
+            (function() {{
+                const allCookies = {cookies_json};
+                const code = {safe_code};
+                const baseUrl = "eigent://callback?code=" + encodeURIComponent(code);
+                let finalUrl = baseUrl;
+
+                window.location.href = finalUrl;
+            }})();
+        </script>
+    </body>
+    </html>
+    """
+    return HTMLResponse(content=html_content)