add TODO

api/controllers/console/auth/login.py

@@ -34,6 +34,7 @@ from services.errors.workspace import WorkSpaceNotAllowedCreateError
 from services.feature_service import FeatureService
 
 
+# TODO: copy as a separate auth service api
 class LoginApi(Resource):
     """Resource for user login."""
 

api/controllers/service_api/app/completion.py

@@ -1,5 +1,6 @@
 import logging
 
+from libs.login import login_required
 from flask_restful import Resource, reqparse  # type: ignore
 from werkzeug.exceptions import InternalServerError, NotFound
 
@@ -92,6 +93,7 @@ class CompletionStopApi(Resource):
 
 
 class ChatApi(Resource):
+    @login_required
     @validate_app_token(fetch_user_arg=FetchUserArg(fetch_from=WhereisUserArg.JSON, required=True))
     def post(self, app_model: App, end_user: EndUser):
         app_mode = AppMode.value_of(app_model.mode)

api/controllers/service_api/wraps.py

@@ -34,6 +34,7 @@ class FetchUserArg(BaseModel):
     required: bool = False
 
 
+# TODO: add auth jwt token check
 def validate_app_token(view: Optional[Callable] = None, *, fetch_user_arg: Optional[FetchUserArg] = None):
     def decorator(view_func):
         @wraps(view_func)

api/extensions/ext_login.py

@@ -17,8 +17,11 @@ login_manager = flask_login.LoginManager()
 @login_manager.request_loader
 def load_user_from_request(request_from_flask_login):
     """Load user based on the request."""
-    if request.blueprint not in {"console", "inner_api"}:
+    # TODO: if in the service_api, then we need to check the jwt token
+
+    if request.blueprint not in {"console", "inner_api", "service_api", "admin_api"}:
         return None
+
     # Check if the user_id contains a dot, indicating the old format
     auth_header = request.headers.get("Authorization", "")
     if not auth_header: