add service auth api in load user from request lib

pull/21891/head
ytqh 1 year ago
parent 6cb0287069
commit c68c674413

@ -34,8 +34,6 @@ class LogoutApi(Resource):
- user/auth - user/auth
summary: Logout User summary: Logout User
description: Logs out the authenticated user and invalidates the session description: Logs out the authenticated user and invalidates the session
security:
- ApiKeyAuth: []
responses: responses:
200: 200:
description: Successfully logged out description: Successfully logged out
@ -241,8 +239,6 @@ class RefreshTokenApi(Resource):
- user/auth - user/auth
summary: Refresh Token summary: Refresh Token
description: Refreshes an access token using a valid refresh token description: Refreshes an access token using a valid refresh token
security:
- ApiKeyAuth: []
parameters: parameters:
- in: body - in: body
name: body name: body

@ -1,14 +1,13 @@
import json import json
import contexts
import flask_login # type: ignore import flask_login # type: ignore
from dify_app import DifyApp
from flask import Response, request from flask import Response, request
from flask_login import user_loaded_from_request, user_logged_in from flask_login import user_loaded_from_request, user_logged_in
from werkzeug.exceptions import Unauthorized
import contexts
from dify_app import DifyApp
from libs.passport import PassportService from libs.passport import PassportService
from services.account_service import AccountService from services.account_service import AccountService
from werkzeug.exceptions import Unauthorized
login_manager = flask_login.LoginManager() login_manager = flask_login.LoginManager()
@ -17,7 +16,7 @@ login_manager = flask_login.LoginManager()
@login_manager.request_loader @login_manager.request_loader
def load_user_from_request(request_from_flask_login): def load_user_from_request(request_from_flask_login):
"""Load user based on the request.""" """Load user based on the request."""
if request.blueprint not in {"console", "inner_api"}: if request.blueprint not in {"console", "inner_api", "service_api_with_auth"}:
return None return None
# Check if the user_id contains a dot, indicating the old format # Check if the user_id contains a dot, indicating the old format
auth_header = request.headers.get("Authorization", "") auth_header = request.headers.get("Authorization", "")
@ -27,11 +26,15 @@ def load_user_from_request(request_from_flask_login):
raise Unauthorized("Invalid Authorization token.") raise Unauthorized("Invalid Authorization token.")
else: else:
if " " not in auth_header: if " " not in auth_header:
raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.") raise Unauthorized(
"Invalid Authorization header format. Expected 'Bearer <api-key>' format."
)
auth_scheme, auth_token = auth_header.split(None, 1) auth_scheme, auth_token = auth_header.split(None, 1)
auth_scheme = auth_scheme.lower() auth_scheme = auth_scheme.lower()
if auth_scheme != "bearer": if auth_scheme != "bearer":
raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.") raise Unauthorized(
"Invalid Authorization header format. Expected 'Bearer <api-key>' format."
)
decoded = PassportService().verify(auth_token) decoded = PassportService().verify(auth_token)
user_id = decoded.get("user_id") user_id = decoded.get("user_id")
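Review bot: Adding `"service_api_with_auth"` to the set in `if request.blueprint not in {...}` sends that blueprint through the same Bearer path as `console` and `inner_api`, and nothing in the visible lines ties a token to the surface it was issued for. `PassportService().verify(auth_token)` followed by `decoded.get("user_id")` accepts any token that verifies, so unless a claim is checked further down (the function continues outside the hunk), a token minted for the console would presumably also authenticate on the service API blueprint. I would compare a token-type or audience claim against `request.blueprint` before loading the account, and fail closed on a missing id with `if not user_id: raise Unauthorized("Invalid Authorization token.")`. The message `Expected 'Bearer <api-key>' format` is also misleading for a value that is verified as a passport token rather than looked up as an API key. The comment `# Check if the user_id contains a dot, indicating the old format` no longer describes the header parsing beneath it.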
