opensource
/
dify
mirror of https://github.com/langgenius/dify.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: remove app code check in web api

This commit is contained in:
GareArc 2025-05-29 09:57:07 +08:00
parent 25f1352675
commit a321d39cb4
No known key found for this signature in database
2 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
api/controllers/web/passport.py
View File

@ -1,17 +1,18 @@
import uuid
from datetime import UTC, datetime, timedelta
from flask import request
from flask_restful import Resource
from werkzeug.exceptions import NotFound, Unauthorized
from configs import dify_config
from controllers.web import api
from controllers.web.error import WebAppAuthRequiredError
from extensions.ext_database import db
from flask import request
from flask_restful import Resource
from libs.passport import PassportService
from models.model import App, EndUser, Site
from services.enterprise.enterprise_service import EnterpriseService
from services.feature_service import FeatureService
from werkzeug.exceptions import NotFound, Unauthorized
class PassportResource(Resource):

4
api/controllers/web/wraps.py
View File

@ -44,9 +44,7 @@ def decode_jwt_token():
if auth_scheme != "bearer":
raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
decoded = PassportService().verify(tk)
decoded_app_code = decoded.get("app_code")
if not decoded_app_code or decoded_app_code != app_code:
raise Unauthorized("Invalid app code in token.")
app_code = decoded.get("app_code")
app_model = db.session.query(App).filter(App.id == decoded["app_id"]).first()
site = db.session.query(Site).filter(Site.code == app_code).first()
if not app_model: