From e0d4e5159d5fb28e26b36a8ee1f18b62690a3245 Mon Sep 17 00:00:00 2001
From: GareArc <chen4851@purdue.edu>
Date: Tue, 27 May 2025 16:28:27 +0800
Subject: [PATCH] fix: add non-sso login methods for webapp

---
 api/controllers/console/wraps.py | 16 ++++++++++++++--
 api/controllers/web/login.py     |  7 ++++++-
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/api/controllers/console/wraps.py b/api/controllers/console/wraps.py
index b8aece3beb..928ea66c43 100644
--- a/api/controllers/console/wraps.py
+++ b/api/controllers/console/wraps.py
@@ -11,7 +11,8 @@ from models.model import DifySetup
 from services.feature_service import FeatureService, LicenseStatus
 from services.operation_service import OperationService
 
-from .error import NotInitValidateError, NotSetupError, UnauthorizedAndForceLogout
+from .error import (NotInitValidateError, NotSetupError,
+                    UnauthorizedAndForceLogout)
 
 
 def account_initialization_required(view):
@@ -39,7 +40,18 @@ def only_edition_cloud(view):
     return decorated
 
 
-def only_enterprise_edition(view):
+def only_edition_enterprise(view):
+    @wraps(view)
+    def decorated(*args, **kwargs):
+        if not dify_config.ENTERPRISE_ENABLED:
+            abort(404)
+
+        return view(*args, **kwargs)
+
+    return decorated
+
+
+def only_edition_self_hosted(view):
     @wraps(view)
     def decorated(*args, **kwargs):
         if not dify_config.ENTERPRISE_ENABLED:
diff --git a/api/controllers/web/login.py b/api/controllers/web/login.py
index 4106e6a179..8c2cd0807d 100644
--- a/api/controllers/web/login.py
+++ b/api/controllers/web/login.py
@@ -7,7 +7,8 @@ from werkzeug.exceptions import BadRequest
 import services
 from controllers.console.auth.error import EmailCodeError, EmailOrPasswordMismatchError, InvalidEmailError
 from controllers.console.error import AccountBannedError, AccountNotFound
-from controllers.console.wraps import setup_required
+from controllers.console.wraps import only_edition_enterprise, setup_required
+from controllers.web import api
 from libs.helper import email
 from libs.password import valid_password
 from services.account_service import AccountService
@@ -17,6 +18,8 @@ from services.webapp_auth_service import WebAppAuthService
 class LoginApi(Resource):
     """Resource for web app email/password login."""
 
+    @setup_required
+    @only_edition_enterprise
     def post(self):
         """Authenticate user and login."""
         parser = reqparse.RequestParser()
@@ -57,6 +60,7 @@ class LoginApi(Resource):
 
 class EmailCodeLoginSendEmailApi(Resource):
     @setup_required
+    @only_edition_enterprise
     def post(self):
         parser = reqparse.RequestParser()
         parser.add_argument("email", type=email, required=True, location="json")
@@ -79,6 +83,7 @@ class EmailCodeLoginSendEmailApi(Resource):
 
 class EmailCodeLoginApi(Resource):
     @setup_required
+    @only_edition_enterprise
     def post(self):
         parser = reqparse.RequestParser()
         parser.add_argument("email", type=str, required=True, location="json")