Spaces:
Running
Running
File size: 5,318 Bytes
41979e6 bf50685 41979e6 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 |
from fastapi import FastAPI, Depends, HTTPException, Security, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from fastapi.middleware.cors import CORSMiddleware
from jose import JWTError, jwt
from passlib.context import CryptContext
from datetime import datetime, timedelta
from typing import Optional, Dict, Any
import os
from pydantic import BaseModel
from routes import router
from config import settings
# Güvenlik yapılandırması
SECRET_KEY = os.environ.get("SECRET_KEY", "güvenli_bir_anahtar_oluşturun")
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_MINUTES = 30
# Şifre hashleme
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
# Token doğrulama
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
# Kullanıcı modeli
class User(BaseModel):
username: str
full_name: str
email: str
role: str # "admin", "doctor", "specialist"
disabled: bool = False
# Token modeli
class Token(BaseModel):
access_token: str
token_type: str
# Örnek kullanıcı veritabanı (gerçek uygulamada güvenli bir veritabanı kullanın)
fake_users_db = {
"doktor": {
"username": "doktor",
"full_name": "Doktor Kullanıcı",
"email": "doktor@example.com",
"hashed_password": pwd_context.hash("gizlisifre"),
"role": "doctor",
"disabled": False
},
"bölüm_başkanı": {
"username": "bölüm_başkanı",
"full_name": "Bölüm Başkanı",
"email": "bolum@example.com",
"hashed_password": pwd_context.hash("gizlisifre2"),
"role": "specialist",
"disabled": False
}
}
# Uygulama
app = FastAPI(
title="Tıbbi Konuşma Transkripsiyon Servisi",
description="Doktor viziteleri sırasında konuşmaları transkribe eden ve diyarize eden API",
version="0.1.0"
)
# CORS ayarları - sadece güvenilir kaynaklar
app.add_middleware(
CORSMiddleware,
allow_origins=["https://sizin-guvenli-web-siteniz.com"], # Üretimde belirli bir domain listesi kullanın
allow_credentials=True,
allow_methods=["GET", "POST"],
allow_headers=["Authorization", "Content-Type"],
)
# Yetkilendirme fonksiyonları
def verify_password(plain_password, hashed_password):
return pwd_context.verify(plain_password, hashed_password)
def get_user(db, username: str):
if username in db:
user_dict = db[username]
return User(**user_dict)
def authenticate_user(db, username: str, password: str):
user = get_user(db, username)
if not user:
return False
if not verify_password(password, db[username]["hashed_password"]):
return False
return user
def create_access_token(data: dict, expires_delta: Optional[timedelta] = None):
to_encode = data.copy()
if expires_delta:
expire = datetime.utcnow() + expires_delta
else:
expire = datetime.utcnow() + timedelta(minutes=15)
to_encode.update({"exp": expire})
encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
return encoded_jwt
async def get_current_user(token: str = Depends(oauth2_scheme)):
credentials_exception = HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Geçersiz kimlik bilgileri",
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
username: str = payload.get("sub")
if username is None:
raise credentials_exception
except JWTError:
raise credentials_exception
user = get_user(fake_users_db, username)
if user is None:
raise credentials_exception
return user
async def get_current_active_user(current_user: User = Depends(get_current_user)):
if current_user.disabled:
raise HTTPException(status_code=400, detail="Inactive user")
return current_user
# Doktor yetkisi kontrolü
def doctor_required(current_user: User = Depends(get_current_active_user)):
if current_user.role not in ["doctor", "specialist"]:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Bu işlem için doktor yetkisi gereklidir"
)
return current_user
# Token endpoint
@app.post("/token", response_model=Token)
async def login_for_access_token(form_data: OAuth2PasswordRequestForm = Depends()):
user = authenticate_user(fake_users_db, form_data.username, form_data.password)
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Kullanıcı adı veya şifre hatalı",
headers={"WWW-Authenticate": "Bearer"},
)
access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
access_token = create_access_token(
data={"sub": user.username}, expires_delta=access_token_expires
)
return {"access_token": access_token, "token_type": "bearer"}
# Türkçe dil desteği yapılandırması
app.state.asr_config = {
"language": "tr",
"model": "whisper-large-v3",
"domain": "medical",
# Güvenlik ayarları
"anonymize_data": True # Varsayılan olarak veri anonimleştirme aktif
}
# Router'ı ekle - doktor yetkisi gerektir
app.include_router(router, prefix="/api", dependencies=[Depends(doctor_required)])
|