fix: remove app code retrival in web app login

GareArc 2025-05-29 11:04:05 +08:00
parent 6c3804ca49
commit 20ca9c6a3e
No known key found for this signature in database
3 changed files with 16 additions and 34 deletions


@ -1,13 +1,12 @@
from flask import request
from flask_restful import Resource, reqparse
from jwt import InvalidTokenError # type: ignore
from werkzeug.exceptions import BadRequest
import services import services
from controllers.console.auth.error import EmailCodeError, EmailOrPasswordMismatchError, InvalidEmailError from controllers.console.auth.error import (EmailCodeError,
EmailOrPasswordMismatchError,
InvalidEmailError)
from controllers.console.error import AccountBannedError, AccountNotFound from controllers.console.error import AccountBannedError, AccountNotFound
from controllers.console.wraps import only_edition_enterprise, setup_required from controllers.console.wraps import only_edition_enterprise, setup_required
from controllers.web import api from controllers.web import api
from flask_restful import Resource, reqparse
from jwt import InvalidTokenError # type: ignore
from libs.helper import email from libs.helper import email
from libs.password import valid_password from libs.password import valid_password
from services.account_service import AccountService from services.account_service import AccountService
@ -26,10 +25,6 @@ class LoginApi(Resource):
parser.add_argument("password", type=valid_password, required=True, location="json") parser.add_argument("password", type=valid_password, required=True, location="json")
args = parser.parse_args() args = parser.parse_args()
app_code = request.headers.get("X-App-Code")
if app_code is None:
raise BadRequest("X-App-Code header is missing.")
try: try:
account = WebAppAuthService.authenticate(args["email"], args["password"]) account = WebAppAuthService.authenticate(args["email"], args["password"])
except services.errors.account.AccountLoginError: except services.errors.account.AccountLoginError:
@ -39,9 +34,7 @@ class LoginApi(Resource):
except services.errors.account.AccountNotFoundError: except services.errors.account.AccountNotFoundError:
raise AccountNotFound() raise AccountNotFound()
end_user = WebAppAuthService.create_end_user(email=args["email"], app_code=app_code) token = WebAppAuthService.login(account=account)
token = WebAppAuthService.login(account=account, app_code=app_code, end_user_id=end_user.id)
return {"result": "success", "token": token} return {"result": "success", "token": token}
@ -89,9 +82,6 @@ class EmailCodeLoginApi(Resource):
args = parser.parse_args() args = parser.parse_args()
user_email = args["email"] user_email = args["email"]
app_code = request.headers.get("X-App-Code")
if app_code is None:
raise BadRequest("X-App-Code header is missing.")
token_data = WebAppAuthService.get_email_code_login_data(args["token"]) token_data = WebAppAuthService.get_email_code_login_data(args["token"])
if token_data is None: if token_data is None:
@ -108,9 +98,7 @@ class EmailCodeLoginApi(Resource):
if not account: if not account:
raise AccountNotFound() raise AccountNotFound()
end_user = WebAppAuthService.create_end_user(email=user_email, app_code=app_code) token = WebAppAuthService.login(account=account)
token = WebAppAuthService.login(account=account, app_code=app_code, end_user_id=end_user.id)
AccountService.reset_login_error_rate_limit(args["email"]) AccountService.reset_login_error_rate_limit(args["email"])
return {"result": "success", "token": token} return {"result": "success", "token": token}
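Review bot: On the success path of LoginApi.post, `token = WebAppAuthService.login(account=account)` is now called with no app identity at all, and nothing on the endpoint says that the issued token is account-level rather than bound to one web app; a comment would keep the next reader from re-adding the dropped header check, e.g. `# Token is account-scoped (no app / end-user binding); per-app authorization is presumably enforced where the token is exchanged — confirm against the passport endpoint.` The same applies to the email-code success path in EmailCodeLoginApi.post. Also visible on the new side, though not introduced here: EmailCodeLoginApi.post resets the login error rate limit after success via `AccountService.reset_login_error_rate_limit(args["email"])` while the password path in LoginApi.post does not, so if `authenticate()` counts failures for both flows the password path may leave a stale counter. Both `post` methods start outside the hunks shown.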


@ -1,18 +1,17 @@
import uuid import uuid
from datetime import UTC, datetime, timedelta from datetime import UTC, datetime, timedelta
from flask import request
from flask_restful import Resource
from werkzeug.exceptions import NotFound, Unauthorized
from configs import dify_config from configs import dify_config
from controllers.web import api from controllers.web import api
from controllers.web.error import WebAppAuthRequiredError from controllers.web.error import WebAppAuthRequiredError
from extensions.ext_database import db from extensions.ext_database import db
from flask import request
from flask_restful import Resource
from libs.passport import PassportService from libs.passport import PassportService
from models.model import App, EndUser, Site from models.model import App, EndUser, Site
from services.enterprise.enterprise_service import EnterpriseService from services.enterprise.enterprise_service import EnterpriseService
from services.feature_service import FeatureService from services.feature_service import FeatureService
from werkzeug.exceptions import NotFound, Unauthorized
class PassportResource(Resource): class PassportResource(Resource):


@ -2,8 +2,6 @@ import random
from datetime import UTC, datetime, timedelta from datetime import UTC, datetime, timedelta
from typing import Any, Optional, cast from typing import Any, Optional, cast
from werkzeug.exceptions import NotFound, Unauthorized
from configs import dify_config from configs import dify_config
from extensions.ext_database import db from extensions.ext_database import db
from libs.helper import TokenManager from libs.helper import TokenManager
@ -11,8 +9,10 @@ from libs.passport import PassportService
from libs.password import compare_password from libs.password import compare_password
from models.account import Account, AccountStatus from models.account import Account, AccountStatus
from models.model import App, EndUser, Site from models.model import App, EndUser, Site
from services.errors.account import AccountLoginError, AccountNotFoundError, AccountPasswordError from services.errors.account import (AccountLoginError, AccountNotFoundError,
AccountPasswordError)
from tasks.mail_email_code_login import send_email_code_login_mail_task from tasks.mail_email_code_login import send_email_code_login_mail_task
from werkzeug.exceptions import NotFound, Unauthorized
class WebAppAuthService: class WebAppAuthService:
@ -34,12 +34,8 @@ class WebAppAuthService:
return cast(Account, account) return cast(Account, account)
@classmethod @classmethod
def login(cls, account: Account, app_code: str, end_user_id: str) -> str: def login(cls, account: Account) -> str:
site = db.session.query(Site).filter(Site.code == app_code).first() access_token = cls._get_account_jwt_token(account=account)
if not site:
raise NotFound("Site not found.")
access_token = cls._get_account_jwt_token(account=account, site=site, end_user_id=end_user_id)
return access_token return access_token
@ -105,14 +101,13 @@ class WebAppAuthService:
return end_user return end_user
@classmethod @classmethod
def _get_account_jwt_token(cls, account: Account, site: Site, end_user_id: str) -> str: def _get_account_jwt_token(cls, account: Account) -> str:
exp_dt = datetime.now(UTC) + timedelta(hours=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES * 24) exp_dt = datetime.now(UTC) + timedelta(hours=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES * 24)
exp = int(exp_dt.timestamp()) exp = int(exp_dt.timestamp())
payload = { payload = {
"sub": "Web API Passport", "sub": "Web API Passport",
"user_id": account.id, "user_id": account.id,
"end_user_id": end_user_id,
"token_source": "webapp_login_token", "token_source": "webapp_login_token",
"exp": exp, "exp": exp,
} }
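Review bot: `_get_account_jwt_token` now signs a payload carrying only `user_id`, `token_source` and `exp`; with `end_user_id` dropped here and the `Site` lookup removed from `login`, a `webapp_login_token` is no longer tied to any app or end user, so every consumer of this token type must derive that binding itself, and `login` should say so in a docstring, e.g. `"""Issue an account-level web-app token; it carries no app or end-user claim, so app binding must be enforced where the token is consumed."""`. Separately, the unchanged expiry line `exp_dt = datetime.now(UTC) + timedelta(hours=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES * 24)` turns a minutes-named setting into that many days of token lifetime; if that is deliberate it deserves a comment, otherwise `timedelta(minutes=dify_config.ACCESS_TOKEN_EXPIRE_MINUTES)` looks like the intent. The `NotFound` and `Site` imports that `login` previously needed are still present and may now be unused unless other methods rely on them. The body of `_get_account_jwt_token` continues past the hunk, so the signing call itself is not visible here.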