add service auth api in load user from request lib

1 year ago · c68c674413
parent 6cb0287069
commit c68c674413
2 changed files with 10 additions and 11 deletions
--- a/api/controllers/service_api_with_auth/auth/login.py
+++ b/api/controllers/service_api_with_auth/auth/login.py
@ -34,8 +34,6 @@ class LogoutApi(Resource):
          - user/auth
        summary: Logout User
        description: Logs out the authenticated user and invalidates the session
-        security:
-          - ApiKeyAuth: []
        responses:
          200:
            description: Successfully logged out
@ -241,8 +239,6 @@ class RefreshTokenApi(Resource):
          - user/auth
        summary: Refresh Token
        description: Refreshes an access token using a valid refresh token
-        security:
-          - ApiKeyAuth: []
        parameters:
          - in: body
            name: body
--- a/api/extensions/ext_login.py
+++ b/api/extensions/ext_login.py
@ -1,14 +1,13 @@
 import json

+import contexts
 import flask_login  # type: ignore
+from dify_app import DifyApp
 from flask import Response, request
 from flask_login import user_loaded_from_request, user_logged_in
-from werkzeug.exceptions import Unauthorized
-
-import contexts
-from dify_app import DifyApp
 from libs.passport import PassportService
 from services.account_service import AccountService
+from werkzeug.exceptions import Unauthorized

 login_manager = flask_login.LoginManager()

@ -17,7 +16,7 @@ login_manager = flask_login.LoginManager()
@login_manager.request_loader
 def load_user_from_request(request_from_flask_login):
    """Load user based on the request."""
-    if request.blueprint not in {"console", "inner_api"}:
+    if request.blueprint not in {"console", "inner_api", "service_api_with_auth"}:
        return None
    # Check if the user_id contains a dot, indicating the old format
    auth_header = request.headers.get("Authorization", "")
@ -27,11 +26,15 @@ def load_user_from_request(request_from_flask_login):
            raise Unauthorized("Invalid Authorization token.")
    else:
        if " " not in auth_header:
-            raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
+            raise Unauthorized(
+                "Invalid Authorization header format. Expected 'Bearer <api-key>' format."
+            )
        auth_scheme, auth_token = auth_header.split(None, 1)
        auth_scheme = auth_scheme.lower()
        if auth_scheme != "bearer":
-            raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
+            raise Unauthorized(
+                "Invalid Authorization header format. Expected 'Bearer <api-key>' format."
+            )

    decoded = PassportService().verify(auth_token)
    user_id = decoded.get("user_id")