first commit

2026-04-07 16:05:05 +08:00
commit 9d9bdbb1ce
136 changed files with 5103 additions and 0 deletions
@@ -0,0 +1,18 @@
+from flask import Blueprint
+
+api_bp = Blueprint("api", __name__)
+
+from . import (
+    auth,
+    users,
+    workspaces,
+    agents,
+    conversations,
+    messages,
+    tools,
+    skills,
+    memories,
+    models,
+    cron_jobs,
+    channels,
+)
@@ -0,0 +1,107 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from . import api_bp
+from ..models import Agent, Workspace
+from ..schemas import AgentSchema, AgentCreateSchema, AgentUpdateSchema
+from ..services import AgentService
+
+
+agent_schema = AgentSchema()
+agent_create_schema = AgentCreateSchema()
+agent_update_schema = AgentUpdateSchema()
+
+
+@api_bp.route("/workspaces/<int:workspace_id>/agents", methods=["GET"])
+@jwt_required()
+def get_agents(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    agents = Agent.query.filter_by(workspace_id=workspace_id).all()
+    return jsonify(agent_schema.dump(agents, many=True))
+
+
+@api_bp.route("/workspaces/<int:workspace_id>/agents", methods=["POST"])
+@jwt_required()
+def create_agent(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    data = request.get_json()
+    errors = agent_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        agent = AgentService.create_agent(workspace_id, data)
+        return jsonify(agent_schema.dump(agent)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/agents/<int:agent_id>", methods=["GET"])
+@jwt_required()
+def get_agent(agent_id):
+    user_id = get_jwt_identity()
+    agent = Agent.query.filter_by(id=agent_id).first()
+    if not agent:
+        return jsonify({"error": "Agent 不存在"}), 404
+
+    workspace = Workspace.query.filter_by(
+        id=agent.workspace_id, user_id=user_id
+    ).first()
+    if not workspace:
+        return jsonify({"error": "无权访问此 Agent"}), 403
+
+    return jsonify(agent_schema.dump(agent))
+
+
+@api_bp.route("/agents/<int:agent_id>", methods=["PUT"])
+@jwt_required()
+def update_agent(agent_id):
+    user_id = get_jwt_identity()
+    agent = Agent.query.filter_by(id=agent_id).first()
+    if not agent:
+        return jsonify({"error": "Agent 不存在"}), 404
+
+    workspace = Workspace.query.filter_by(
+        id=agent.workspace_id, user_id=user_id
+    ).first()
+    if not workspace:
+        return jsonify({"error": "无权访问此 Agent"}), 403
+
+    data = request.get_json()
+    errors = agent_update_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        updated_agent = AgentService.update_agent(agent, data)
+        return jsonify(agent_schema.dump(updated_agent))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/agents/<int:agent_id>", methods=["DELETE"])
+@jwt_required()
+def delete_agent(agent_id):
+    user_id = get_jwt_identity()
+    agent = Agent.query.filter_by(id=agent_id).first()
+    if not agent:
+        return jsonify({"error": "Agent 不存在"}), 404
+
+    workspace = Workspace.query.filter_by(
+        id=agent.workspace_id, user_id=user_id
+    ).first()
+    if not workspace:
+        return jsonify({"error": "无权访问此 Agent"}), 403
+
+    try:
+        AgentService.delete_agent(agent)
+        return jsonify({"message": "Agent 已删除"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,55 @@
+from flask import request, jsonify
+from flask_jwt_extended import create_access_token
+from . import api_bp
+from ..models import User
+from ..schemas import UserCreateSchema
+from ..services import AuthService
+
+
+user_create_schema = UserCreateSchema()
+
+
+@api_bp.route("/auth/register", methods=["POST"])
+def register():
+    data = request.get_json()
+    errors = user_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        user = AuthService.register(
+            data["username"], data["password"], data.get("email")
+        )
+        access_token = create_access_token(identity=user.id)
+        return jsonify(
+            {
+                "message": "注册成功",
+                "user": user.to_dict(),
+                "access_token": access_token,
+            }
+        ), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/auth/login", methods=["POST"])
+def login():
+    data = request.get_json()
+    username = data.get("username")
+    password = data.get("password")
+
+    if not username or not password:
+        return jsonify({"error": "用户名和密码不能为空"}), 400
+
+    try:
+        user = AuthService.login(username, password)
+        access_token = create_access_token(identity=user.id)
+        return jsonify(
+            {
+                "message": "登录成功",
+                "user": user.to_dict(),
+                "access_token": access_token,
+            }
+        ), 200
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 401
@@ -0,0 +1,71 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required
+from . import api_bp
+from ..models import Channel
+from ..schemas import ChannelSchema, ChannelCreateSchema, ChannelUpdateSchema
+from ..services import ChannelService
+
+
+channel_schema = ChannelSchema()
+channel_create_schema = ChannelCreateSchema()
+channel_update_schema = ChannelUpdateSchema()
+
+
+@api_bp.route("/channels", methods=["GET"])
+@jwt_required()
+def get_channels():
+    channels = Channel.query.all()
+    return jsonify(channel_schema.dump(channels, many=True))
+
+
+@api_bp.route("/channels", methods=["POST"])
+@jwt_required()
+def create_channel():
+    data = request.get_json()
+    errors = channel_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        channel = ChannelService.create_channel(data)
+        return jsonify(channel_schema.dump(channel)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/channels/<int:channel_id>", methods=["GET"])
+@jwt_required()
+def get_channel(channel_id):
+    channel = Channel.query.get(channel_id)
+    if not channel:
+        return jsonify({"error": "渠道不存在"}), 404
+    return jsonify(channel_schema.dump(channel))
+
+
+@api_bp.route("/channels/<int:channel_id>", methods=["PUT"])
+@jwt_required()
+def update_channel(channel_id):
+    channel = Channel.query.get(channel_id)
+    if not channel:
+        return jsonify({"error": "渠道不存在"}), 404
+
+    data = request.get_json()
+    errors = channel_update_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        updated_channel = ChannelService.update_channel(channel, data)
+        return jsonify(channel_schema.dump(updated_channel))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/channels/<int:channel_id>", methods=["DELETE"])
+@jwt_required()
+def delete_channel(channel_id):
+    try:
+        ChannelService.delete_channel(channel_id)
+        return jsonify({"message": "渠道已删除"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,92 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from . import api_bp
+from ..models import Conversation, Workspace
+from ..schemas import (
+    ConversationSchema,
+    ConversationCreateSchema,
+    ConversationUpdateSchema,
+)
+from ..services import ConversationService
+
+
+conversation_schema = ConversationSchema()
+conversation_create_schema = ConversationCreateSchema()
+conversation_update_schema = ConversationUpdateSchema()
+
+
+@api_bp.route("/workspaces/<int:workspace_id>/conversations", methods=["GET"])
+@jwt_required()
+def get_conversations(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    conversations = Conversation.query.filter_by(workspace_id=workspace_id).all()
+    return jsonify(conversation_schema.dump(conversations, many=True))
+
+
+@api_bp.route("/workspaces/<int:workspace_id>/conversations", methods=["POST"])
+@jwt_required()
+def create_conversation(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    data = request.get_json()
+    errors = conversation_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        conversation = ConversationService.create_conversation(workspace_id, data)
+        return jsonify(conversation_schema.dump(conversation)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/conversations/<int:conversation_id>", methods=["GET"])
+@jwt_required()
+def get_conversation(conversation_id):
+    user_id = get_jwt_identity()
+    conversation = Conversation.query.filter_by(id=conversation_id).first()
+    if not conversation:
+        return jsonify({"error": "会话不存在"}), 404
+
+    workspace = Workspace.query.filter_by(
+        id=conversation.workspace_id, user_id=user_id
+    ).first()
+    if not workspace:
+        return jsonify({"error": "无权访问此会话"}), 403
+
+    return jsonify(conversation_schema.dump(conversation))
+
+
+@api_bp.route("/conversations/<int:conversation_id>", methods=["PUT"])
+@jwt_required()
+def update_conversation(conversation_id):
+    user_id = get_jwt_identity()
+    conversation = Conversation.query.filter_by(id=conversation_id).first()
+    if not conversation:
+        return jsonify({"error": "会话不存在"}), 404
+
+    workspace = Workspace.query.filter_by(
+        id=conversation.workspace_id, user_id=user_id
+    ).first()
+    if not workspace:
+        return jsonify({"error": "无权访问此会话"}), 403
+
+    data = request.get_json()
+    errors = conversation_update_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        updated_conversation = ConversationService.update_conversation(
+            conversation, data
+        )
+        return jsonify(conversation_schema.dump(updated_conversation))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,71 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required
+from . import api_bp
+from ..models import CronJob
+from ..schemas import CronJobSchema, CronJobCreateSchema, CronJobUpdateSchema
+from ..services import CronJobService
+
+
+cron_job_schema = CronJobSchema()
+cron_job_create_schema = CronJobCreateSchema()
+cron_job_update_schema = CronJobUpdateSchema()
+
+
+@api_bp.route("/agents/<int:agent_id>/cron-jobs", methods=["GET"])
+@jwt_required()
+def get_cron_jobs(agent_id):
+    cron_jobs = CronJob.query.filter_by(agent_id=agent_id).all()
+    return jsonify(cron_job_schema.dump(cron_jobs, many=True))
+
+
+@api_bp.route("/agents/<int:agent_id>/cron-jobs", methods=["POST"])
+@jwt_required()
+def create_cron_job(agent_id):
+    data = request.get_json()
+    errors = cron_job_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        cron_job = CronJobService.create_cron_job(agent_id, data)
+        return jsonify(cron_job_schema.dump(cron_job)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/cron-jobs/<int:cron_job_id>", methods=["GET"])
+@jwt_required()
+def get_cron_job(cron_job_id):
+    cron_job = CronJob.query.get(cron_job_id)
+    if not cron_job:
+        return jsonify({"error": "定时任务不存在"}), 404
+    return jsonify(cron_job_schema.dump(cron_job))
+
+
+@api_bp.route("/cron-jobs/<int:cron_job_id>", methods=["PUT"])
+@jwt_required()
+def update_cron_job(cron_job_id):
+    cron_job = CronJob.query.get(cron_job_id)
+    if not cron_job:
+        return jsonify({"error": "定时任务不存在"}), 404
+
+    data = request.get_json()
+    errors = cron_job_update_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        updated_cron_job = CronJobService.update_cron_job(cron_job, data)
+        return jsonify(cron_job_schema.dump(updated_cron_job))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/cron-jobs/<int:cron_job_id>", methods=["DELETE"])
+@jwt_required()
+def delete_cron_job(cron_job_id):
+    try:
+        CronJobService.delete_cron_job(cron_job_id)
+        return jsonify({"message": "定时任务已删除"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,81 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from . import api_bp
+from ..models import Memory, Workspace
+from ..schemas import MemorySchema, MemoryCreateSchema, MemoryUpdateSchema
+from ..services import MemoryService
+
+
+memory_schema = MemorySchema()
+memory_create_schema = MemoryCreateSchema()
+memory_update_schema = MemoryUpdateSchema()
+
+
+@api_bp.route("/workspaces/<int:workspace_id>/memories", methods=["GET"])
+@jwt_required()
+def get_memories(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    memories = Memory.query.filter_by(workspace_id=workspace_id).all()
+    return jsonify(memory_schema.dump(memories, many=True))
+
+
+@api_bp.route("/workspaces/<int:workspace_id>/memories", methods=["POST"])
+@jwt_required()
+def create_memory(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    data = request.get_json()
+    errors = memory_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        memory = MemoryService.create_memory(workspace_id, data)
+        return jsonify(memory_schema.dump(memory)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/memories/<int:memory_id>", methods=["GET"])
+@jwt_required()
+def get_memory(memory_id):
+    memory = Memory.query.get(memory_id)
+    if not memory:
+        return jsonify({"error": "记忆不存在"}), 404
+    return jsonify(memory_schema.dump(memory))
+
+
+@api_bp.route("/memories/<int:memory_id>", methods=["PUT"])
+@jwt_required()
+def update_memory(memory_id):
+    memory = Memory.query.get(memory_id)
+    if not memory:
+        return jsonify({"error": "记忆不存在"}), 404
+
+    data = request.get_json()
+    errors = memory_update_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        updated_memory = MemoryService.update_memory(memory, data)
+        return jsonify(memory_schema.dump(updated_memory))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/memories/<int:memory_id>", methods=["DELETE"])
+@jwt_required()
+def delete_memory(memory_id):
+    try:
+        MemoryService.delete_memory(memory_id)
+        return jsonify({"message": "记忆已删除"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,58 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from . import api_bp
+from ..models import Message, Conversation, Workspace
+from ..schemas import MessageSchema, MessageCreateSchema
+from ..services import MessageService
+
+
+message_schema = MessageSchema()
+message_create_schema = MessageCreateSchema()
+
+
+@api_bp.route("/conversations/<int:conversation_id>/messages", methods=["GET"])
+@jwt_required()
+def get_messages(conversation_id):
+    user_id = get_jwt_identity()
+    conversation = Conversation.query.filter_by(id=conversation_id).first()
+    if not conversation:
+        return jsonify({"error": "会话不存在"}), 404
+
+    workspace = Workspace.query.filter_by(
+        id=conversation.workspace_id, user_id=user_id
+    ).first()
+    if not workspace:
+        return jsonify({"error": "无权访问此会话"}), 403
+
+    messages = (
+        Message.query.filter_by(conversation_id=conversation_id)
+        .order_by(Message.created_at)
+        .all()
+    )
+    return jsonify(message_schema.dump(messages, many=True))
+
+
+@api_bp.route("/conversations/<int:conversation_id>/messages", methods=["POST"])
+@jwt_required()
+def create_message(conversation_id):
+    user_id = get_jwt_identity()
+    conversation = Conversation.query.filter_by(id=conversation_id).first()
+    if not conversation:
+        return jsonify({"error": "会话不存在"}), 404
+
+    workspace = Workspace.query.filter_by(
+        id=conversation.workspace_id, user_id=user_id
+    ).first()
+    if not workspace:
+        return jsonify({"error": "无权访问此会话"}), 403
+
+    data = request.get_json()
+    errors = message_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        message = MessageService.create_message(conversation_id, data)
+        return jsonify(message_schema.dump(message)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,75 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required
+from . import api_bp
+from ..models import Model
+from ..schemas import ModelSchema, ModelCreateSchema
+from ..services import ModelService
+
+
+model_schema = ModelSchema()
+model_create_schema = ModelCreateSchema()
+
+
+@api_bp.route("/models", methods=["GET"])
+@jwt_required()
+def get_models():
+    models = Model.query.all()
+    return jsonify(model_schema.dump(models, many=True))
+
+
+@api_bp.route("/models", methods=["POST"])
+@jwt_required()
+def create_model():
+    data = request.get_json()
+    errors = model_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        model = ModelService.create_model(data)
+        return jsonify(model_schema.dump(model)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/models/<int:model_id>", methods=["GET"])
+@jwt_required()
+def get_model(model_id):
+    model = Model.query.get(model_id)
+    if not model:
+        return jsonify({"error": "模型不存在"}), 404
+    return jsonify(model_schema.dump(model))
+
+
+@api_bp.route("/models/<int:model_id>", methods=["PUT"])
+@jwt_required()
+def update_model(model_id):
+    model = Model.query.get(model_id)
+    if not model:
+        return jsonify({"error": "模型不存在"}), 404
+
+    data = request.get_json()
+    try:
+        updated_model = ModelService.update_model(model, data)
+        return jsonify(model_schema.dump(updated_model))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/models/<int:model_id>", methods=["DELETE"])
+@jwt_required()
+def delete_model(model_id):
+    try:
+        ModelService.delete_model(model_id)
+        return jsonify({"message": "模型已删除"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/models/default", methods=["GET"])
+@jwt_required()
+def get_default_model():
+    model = Model.query.filter_by(is_default=True, is_active=True).first()
+    if not model:
+        return jsonify({"error": "默认模型不存在"}), 404
+    return jsonify(model_schema.dump(model))
@@ -0,0 +1,45 @@
+from flask import jsonify
+from flask_jwt_extended import jwt_required
+from . import api_bp
+from ..models import Skill
+from ..schemas import SkillSchema
+from ..services import SkillService
+
+
+skill_schema = SkillSchema()
+
+
+@api_bp.route("/skills", methods=["GET"])
+@jwt_required()
+def get_skills():
+    skills = Skill.query.all()
+    return jsonify(skill_schema.dump(skills, many=True))
+
+
+@api_bp.route("/skills/<int:skill_id>", methods=["GET"])
+@jwt_required()
+def get_skill(skill_id):
+    skill = Skill.query.get(skill_id)
+    if not skill:
+        return jsonify({"error": "技能不存在"}), 404
+    return jsonify(skill_schema.dump(skill))
+
+
+@api_bp.route("/skills/<int:skill_id>/install", methods=["POST"])
+@jwt_required()
+def install_skill(skill_id):
+    try:
+        SkillService.install_skill(skill_id)
+        return jsonify({"message": "技能已安装"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/skills/<int:skill_id>/uninstall", methods=["POST"])
+@jwt_required()
+def uninstall_skill(skill_id):
+    try:
+        SkillService.uninstall_skill(skill_id)
+        return jsonify({"message": "技能已卸载"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,80 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required
+from . import api_bp
+from ..models import Tool, AgentTool
+from ..schemas import (
+    ToolSchema,
+    ToolCreateSchema,
+    AgentToolSchema,
+    AgentToolCreateSchema,
+)
+from ..services import ToolService
+
+
+tool_schema = ToolSchema()
+tool_create_schema = ToolCreateSchema()
+agent_tool_schema = AgentToolSchema()
+agent_tool_create_schema = AgentToolCreateSchema()
+
+
+@api_bp.route("/tools", methods=["GET"])
+@jwt_required()
+def get_tools():
+    tools = Tool.query.all()
+    return jsonify(tool_schema.dump(tools, many=True))
+
+
+@api_bp.route("/tools", methods=["POST"])
+@jwt_required()
+def create_tool():
+    data = request.get_json()
+    errors = tool_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        tool = ToolService.create_tool(data)
+        return jsonify(tool_schema.dump(tool)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/tools/<int:tool_id>", methods=["GET"])
+@jwt_required()
+def get_tool(tool_id):
+    tool = Tool.query.get(tool_id)
+    if not tool:
+        return jsonify({"error": "工具不存在"}), 404
+    return jsonify(tool_schema.dump(tool))
+
+
+@api_bp.route("/agents/<int:agent_id>/tools", methods=["GET"])
+@jwt_required()
+def get_agent_tools(agent_id):
+    agent_tools = AgentTool.query.filter_by(agent_id=agent_id).all()
+    return jsonify(agent_tool_schema.dump(agent_tools, many=True))
+
+
+@api_bp.route("/agents/<int:agent_id>/tools", methods=["POST"])
+@jwt_required()
+def add_agent_tool(agent_id):
+    data = request.get_json()
+    errors = agent_tool_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        agent_tool = ToolService.add_tool_to_agent(agent_id, data["tool_id"])
+        return jsonify(agent_tool_schema.dump(agent_tool)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/agents/<int:agent_id>/tools/<int:tool_id>", methods=["DELETE"])
+@jwt_required()
+def remove_agent_tool(agent_id, tool_id):
+    try:
+        ToolService.remove_tool_from_agent(agent_id, tool_id)
+        return jsonify({"message": "工具已移除"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,40 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from . import api_bp
+from ..models import User
+from ..schemas import UserSchema, UserUpdateSchema
+from ..services import UserService
+
+
+user_schema = UserSchema()
+user_update_schema = UserUpdateSchema()
+
+
+@api_bp.route("/users/me", methods=["GET"])
+@jwt_required()
+def get_current_user():
+    user_id = get_jwt_identity()
+    user = User.query.get(user_id)
+    if not user:
+        return jsonify({"error": "用户不存在"}), 404
+    return jsonify(user_schema.dump(user))
+
+
+@api_bp.route("/users/me", methods=["PUT"])
+@jwt_required()
+def update_current_user():
+    user_id = get_jwt_identity()
+    user = User.query.get(user_id)
+    if not user:
+        return jsonify({"error": "用户不存在"}), 404
+
+    data = request.get_json()
+    errors = user_update_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        updated_user = UserService.update_user(user, data)
+        return jsonify(user_schema.dump(updated_user))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
@@ -0,0 +1,82 @@
+from flask import jsonify, request
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from . import api_bp
+from ..models import Workspace
+from ..schemas import WorkspaceSchema, WorkspaceCreateSchema, WorkspaceUpdateSchema
+from ..services import WorkspaceService
+
+
+workspace_schema = WorkspaceSchema()
+workspace_create_schema = WorkspaceCreateSchema()
+workspace_update_schema = WorkspaceUpdateSchema()
+
+
+@api_bp.route("/workspaces", methods=["GET"])
+@jwt_required()
+def get_workspaces():
+    user_id = get_jwt_identity()
+    workspaces = Workspace.query.filter_by(user_id=user_id).all()
+    return jsonify(workspace_schema.dump(workspaces, many=True))
+
+
+@api_bp.route("/workspaces", methods=["POST"])
+@jwt_required()
+def create_workspace():
+    user_id = get_jwt_identity()
+    data = request.get_json()
+    errors = workspace_create_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        workspace = WorkspaceService.create_workspace(
+            user_id, data["name"], data.get("description")
+        )
+        return jsonify(workspace_schema.dump(workspace)), 201
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/workspaces/<int:workspace_id>", methods=["GET"])
+@jwt_required()
+def get_workspace(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+    return jsonify(workspace_schema.dump(workspace))
+
+
+@api_bp.route("/workspaces/<int:workspace_id>", methods=["PUT"])
+@jwt_required()
+def update_workspace(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    data = request.get_json()
+    errors = workspace_update_schema.validate(data)
+    if errors:
+        return jsonify({"error": errors}), 400
+
+    try:
+        updated_workspace = WorkspaceService.update_workspace(workspace, data)
+        return jsonify(workspace_schema.dump(updated_workspace))
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400
+
+
+@api_bp.route("/workspaces/<int:workspace_id>", methods=["DELETE"])
+@jwt_required()
+def delete_workspace(workspace_id):
+    user_id = get_jwt_identity()
+    workspace = Workspace.query.filter_by(id=workspace_id, user_id=user_id).first()
+    if not workspace:
+        return jsonify({"error": "工作空间不存在"}), 404
+
+    try:
+        WorkspaceService.delete_workspace(workspace)
+        return jsonify({"message": "工作空间已删除"})
+    except ValueError as e:
+        return jsonify({"error": str(e)}), 400