后端初始化结构

web/ws/backend/app/core/config.py

@@ -0,0 +1,43 @@
+"""
+应用配置
+"""
+from typing import List
+from pydantic_settings import BaseSettings
+from pydantic import AnyHttpUrl
+
+
+class Settings(BaseSettings):
+    """应用配置类"""
+    
+    # 项目信息
+    PROJECT_NAME: str = "PBMDB API"
+    VERSION: str = "1.0.0"
+    API_V1_STR: str = "/api/v1"
+    
+    # 数据库配置
+    DATABASE_URL: str = "postgresql://webws_admin:password@postgres:5432/webws_database"
+    
+    # CORS 配置
+    ALLOWED_ORIGINS: List[str] = [
+        "https://amiap.hzau.edu.cn",
+        "http://localhost:3000",  # 本地开发
+    ]
+    
+    # 安全配置
+    SECRET_KEY: str = "your-secret-key-here-change-in-production"
+    ACCESS_TOKEN_EXPIRE_MINUTES: int = 60 * 24 * 7  # 7 days
+    
+    # 文件上传配置
+    MAX_UPLOAD_SIZE: int = 1024 * 1024 * 100  # 100MB
+    UPLOAD_DIR: str = "/app/uploads"
+    
+    # 分页配置
+    DEFAULT_PAGE_SIZE: int = 20
+    MAX_PAGE_SIZE: int = 100
+    
+    class Config:
+        env_file = ".env"
+        case_sensitive = True
+
+
+settings = Settings()

web/ws/backend/app/core/security.py

@@ -0,0 +1,39 @@
+"""
+安全认证模块
+"""
+from datetime import datetime, timedelta
+from typing import Optional
+from fastapi import Depends, HTTPException, status
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+
+
+security = HTTPBearer()
+
+
+async def verify_token(
+    credentials: HTTPAuthorizationCredentials = Depends(security)
+) -> dict:
+    """
+    验证 Token
+    """
+    token = credentials.credentials
+    # TODO: 实现 JWT token 验证逻辑
+    return {"user_id": "example"}
+
+
+async def verify_upload_key(key: str) -> bool:
+    """
+    验证上传口令
+    用于数据汇交功能
+    """
+    # TODO: 从数据库或配置中验证口令
+    valid_keys = ["temp_key_123"]  # 临时示例
+    return key in valid_keys
+
+
+def create_access_token(data: dict, expires_delta: Optional[timedelta] = None) -> str:
+    """
+    创建访问令牌
+    """
+    # TODO: 实现 JWT token 生成
+    return "temporary_token"