optimize token validation

pull/21891/head
ytqh 1 year ago
parent 085992e617
commit 1e10517dcf

@ -14,6 +14,7 @@ from libs.passport import PassportService
from models.account import Account, Tenant, TenantAccountJoin, TenantStatus from models.account import Account, Tenant, TenantAccountJoin, TenantStatus
from models.model import ApiToken, App, EndUser from models.model import ApiToken, App, EndUser
from pydantic import BaseModel # type: ignore from pydantic import BaseModel # type: ignore
from services.account_service import AccountService
from services.feature_service import FeatureService from services.feature_service import FeatureService
from sqlalchemy import select, update # type: ignore from sqlalchemy import select, update # type: ignore
from sqlalchemy.orm import Session # type: ignore from sqlalchemy.orm import Session # type: ignore
@ -54,11 +55,18 @@ def validate_user_token_and_extract_info(view: Optional[Callable] = None):
try: try:
decoded = PassportService().verify(auth_token) decoded = PassportService().verify(auth_token)
user_id = decoded.get("user_id") user_id = decoded.get("user_id")
if not user_id:
raise Unauthorized("Invalid token: missing user_id")
except Exception as e: except Exception as e:
raise Unauthorized(f"Failed to extract user_id from token: {str(e)}") raise Unauthorized(f"Failed to extract user_id from token: {str(e)}")
if not user_id:
raise Unauthorized("Invalid token: missing user_id")
account = AccountService.load_user(user_id)
if account is None:
raise Unauthorized("Invalid token: user not found")
if account.status != Account.AccountStatus.ACTIVE:
raise Unauthorized("Invalid token: account is not active")
app_id = request.headers.get("X-App-Id") app_id = request.headers.get("X-App-Id")
if not app_id: if not app_id:
app_id = dify_config.DEFAULT_APP_ID app_id = dify_config.DEFAULT_APP_ID
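Review bot: The account checks placed after the try/except return a different 401 message for each failure ("user not found", "account is not active"), and the unchanged except branch still interpolates `str(e)` from token verification into the response, so a caller learns the account's state and the verifier's internal error text. I would send one generic message to the client, e.g. `raise Unauthorized("Invalid or expired token")`, and record the specific reason in the server log instead. The `AccountService.load_user(user_id)` call also sits outside the try, so anything it raises propagates unmapped; if that is intended (a database failure should not look like a bad token), a one-line comment saying so would help. The +/- markers are lost on this page, so which of the two `if not user_id` checks is the new one is inferred, and the decorator body continues outside the hunk.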
