|
| 1 | +""" |
| 2 | +Redis клиент для хранения токенов и сессий |
| 3 | +
|
| 4 | +Предоставляет постоянное хранилище для: |
| 5 | +- Активных токенов авторизации |
| 6 | +- Пользовательских сессий |
| 7 | +- Временных данных с TTL |
| 8 | +""" |
| 9 | + |
| 10 | +import os |
| 11 | +import redis |
| 12 | +from typing import Optional |
| 13 | +import logging |
| 14 | + |
| 15 | +logger = logging.getLogger(__name__) |
| 16 | + |
| 17 | + |
| 18 | +class RedisTokenStorage: |
| 19 | + """ |
| 20 | + Хранилище токенов в Redis с автоматическим TTL |
| 21 | +
|
| 22 | + Features: |
| 23 | + - Автоматическое истечение токенов (default 8 часов) |
| 24 | + - Fallback to in-memory при недоступности Redis |
| 25 | + - Thread-safe операции |
| 26 | + """ |
| 27 | + |
| 28 | + def __init__( |
| 29 | + self, |
| 30 | + host: str = "localhost", |
| 31 | + port: int = 6379, |
| 32 | + db: int = 0, |
| 33 | + password: Optional[str] = None, |
| 34 | + default_ttl: int = 28800, # 8 hours |
| 35 | + ): |
| 36 | + """ |
| 37 | + Инициализация Redis клиента |
| 38 | +
|
| 39 | + Args: |
| 40 | + host: Redis host |
| 41 | + port: Redis port |
| 42 | + db: Redis database number |
| 43 | + password: Redis password (optional) |
| 44 | + default_ttl: Default TTL for tokens in seconds (8 hours) |
| 45 | + """ |
| 46 | + self.default_ttl = default_ttl |
| 47 | + self._fallback_storage = {} # In-memory fallback |
| 48 | + |
| 49 | + try: |
| 50 | + self.redis_client = redis.Redis( |
| 51 | + host=host, |
| 52 | + port=port, |
| 53 | + db=db, |
| 54 | + password=password |
| 55 | + if password and password != "CHANGE_THIS_REDIS_PASSWORD" |
| 56 | + else None, |
| 57 | + decode_responses=True, |
| 58 | + socket_connect_timeout=2, |
| 59 | + socket_timeout=2, |
| 60 | + ) |
| 61 | + # Test connection |
| 62 | + self.redis_client.ping() |
| 63 | + self.is_available = True |
| 64 | + logger.info(f"✅ Redis connected: {host}:{port} (db={db})") |
| 65 | + except (redis.ConnectionError, redis.TimeoutError) as e: |
| 66 | + logger.warning(f"⚠️ Redis unavailable: {e}. Using in-memory fallback.") |
| 67 | + self.redis_client = None |
| 68 | + self.is_available = False |
| 69 | + |
| 70 | + def save_token(self, token: str, email: str, ttl: Optional[int] = None) -> bool: |
| 71 | + """ |
| 72 | + Сохранить токен с привязкой к email |
| 73 | +
|
| 74 | + Args: |
| 75 | + token: Authorization token |
| 76 | + email: User email |
| 77 | + ttl: Time to live in seconds (optional, uses default_ttl) |
| 78 | +
|
| 79 | + Returns: |
| 80 | + True if successful |
| 81 | + """ |
| 82 | + ttl = ttl or self.default_ttl |
| 83 | + key = f"auth:token:{token}" |
| 84 | + |
| 85 | + try: |
| 86 | + if self.is_available: |
| 87 | + self.redis_client.setex(key, ttl, email) |
| 88 | + logger.debug(f"Token saved to Redis: {email} (TTL: {ttl}s)") |
| 89 | + else: |
| 90 | + self._fallback_storage[token] = email |
| 91 | + logger.debug(f"Token saved to memory: {email}") |
| 92 | + return True |
| 93 | + except Exception as e: |
| 94 | + logger.error(f"Failed to save token: {e}") |
| 95 | + self._fallback_storage[token] = email |
| 96 | + return False |
| 97 | + |
| 98 | + def get_email_by_token(self, token: str) -> Optional[str]: |
| 99 | + """ |
| 100 | + Получить email по токену |
| 101 | +
|
| 102 | + Args: |
| 103 | + token: Authorization token |
| 104 | +
|
| 105 | + Returns: |
| 106 | + User email or None if token not found/expired |
| 107 | + """ |
| 108 | + key = f"auth:token:{token}" |
| 109 | + |
| 110 | + try: |
| 111 | + if self.is_available: |
| 112 | + email = self.redis_client.get(key) |
| 113 | + return email |
| 114 | + else: |
| 115 | + return self._fallback_storage.get(token) |
| 116 | + except Exception as e: |
| 117 | + logger.error(f"Failed to get token: {e}") |
| 118 | + return self._fallback_storage.get(token) |
| 119 | + |
| 120 | + def delete_token(self, token: str) -> bool: |
| 121 | + """ |
| 122 | + Удалить токен (logout) |
| 123 | +
|
| 124 | + Args: |
| 125 | + token: Authorization token |
| 126 | +
|
| 127 | + Returns: |
| 128 | + True if deleted |
| 129 | + """ |
| 130 | + key = f"auth:token:{token}" |
| 131 | + |
| 132 | + try: |
| 133 | + if self.is_available: |
| 134 | + self.redis_client.delete(key) |
| 135 | + if token in self._fallback_storage: |
| 136 | + del self._fallback_storage[token] |
| 137 | + return True |
| 138 | + except Exception as e: |
| 139 | + logger.error(f"Failed to delete token: {e}") |
| 140 | + return False |
| 141 | + |
| 142 | + def get_all_tokens(self) -> dict[str, str]: |
| 143 | + """ |
| 144 | + Получить все активные токены (для совместимости) |
| 145 | +
|
| 146 | + Returns: |
| 147 | + Dict of token -> email mappings |
| 148 | + """ |
| 149 | + if not self.is_available: |
| 150 | + return self._fallback_storage.copy() |
| 151 | + |
| 152 | + try: |
| 153 | + tokens = {} |
| 154 | + pattern = "auth:token:*" |
| 155 | + for key in self.redis_client.scan_iter(match=pattern): |
| 156 | + token = key.replace("auth:token:", "") |
| 157 | + email = self.redis_client.get(key) |
| 158 | + if email: |
| 159 | + tokens[token] = email |
| 160 | + return tokens |
| 161 | + except Exception as e: |
| 162 | + logger.error(f"Failed to get all tokens: {e}") |
| 163 | + return self._fallback_storage.copy() |
| 164 | + |
| 165 | + def count_tokens(self) -> int: |
| 166 | + """Подсчитать количество активных токенов""" |
| 167 | + if not self.is_available: |
| 168 | + return len(self._fallback_storage) |
| 169 | + |
| 170 | + try: |
| 171 | + pattern = "auth:token:*" |
| 172 | + count = sum(1 for _ in self.redis_client.scan_iter(match=pattern)) |
| 173 | + return count |
| 174 | + except Exception as e: |
| 175 | + logger.error(f"Failed to count tokens: {e}") |
| 176 | + return len(self._fallback_storage) |
| 177 | + |
| 178 | + |
| 179 | +# Глобальный экземпляр Redis клиента |
| 180 | +_redis_storage: Optional[RedisTokenStorage] = None |
| 181 | + |
| 182 | + |
| 183 | +def get_redis_storage() -> RedisTokenStorage: |
| 184 | + """Получить глобальный экземпляр Redis хранилища""" |
| 185 | + global _redis_storage |
| 186 | + |
| 187 | + if _redis_storage is None: |
| 188 | + # Initialize from environment variables |
| 189 | + _redis_storage = RedisTokenStorage( |
| 190 | + host=os.getenv("REDIS_HOST", "localhost"), |
| 191 | + port=int(os.getenv("REDIS_PORT", "6379")), |
| 192 | + db=int(os.getenv("REDIS_DB", "0")), |
| 193 | + password=os.getenv("REDIS_PASSWORD"), |
| 194 | + default_ttl=int(os.getenv("JWT_ACCESS_TOKEN_EXPIRE_MINUTES", "480")) * 60, |
| 195 | + ) |
| 196 | + |
| 197 | + return _redis_storage |
0 commit comments