yujunjun/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2025-10-31 10:53:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix/disable site when change code (#775)

Browse Source
This commit is contained in:
crazywoola 2023-08-08 10:00:00 +08:00 committed by GitHub
parent a8d5ef9894
commit 3d194787b4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
api/controllers/web/passport.py
View File

@ -11,13 +11,13 @@ from libs.passport import PassportService
class PassportResource(Resource): class PassportResource(Resource):
"""Base resource for passport.""" """Base resource for passport."""
def get(self): def get(self):
app_id = request.headers.get('X-App-Code') app_code = request.headers.get('X-App-Code')
if app_id is None: if app_code is None:
raise Unauthorized('X-App-Code header is missing.') raise Unauthorized('X-App-Code header is missing.')
# get site from db and check if it is normal # get site from db and check if it is normal
site = db.session.query(Site).filter( site = db.session.query(Site).filter(
Site.code == app_id, Site.code == app_code,
Site.status == 'normal' Site.status == 'normal'
).first() ).first()
if not site: if not site:
@ -41,6 +41,7 @@ class PassportResource(Resource):
"iss": site.app_id, "iss": site.app_id,
'sub': 'Web API Passport', 'sub': 'Web API Passport',
'app_id': site.app_id, 'app_id': site.app_id,
'app_code': app_code,
'end_user_id': end_user.id, 'end_user_id': end_user.id,
} }

6
api/controllers/web/wraps.py
View File

@ -6,7 +6,7 @@ from flask_restful import Resource
from werkzeug.exceptions import NotFound, Unauthorized from werkzeug.exceptions import NotFound, Unauthorized
from extensions.ext_database import db from extensions.ext_database import db
from models.model import App, EndUser from models.model import App, EndUser, Site
from libs.passport import PassportService from libs.passport import PassportService
def validate_jwt_token(view=None): def validate_jwt_token(view=None):
@ -35,9 +35,13 @@ def decode_jwt_token():
if auth_scheme != 'bearer': if auth_scheme != 'bearer':
raise Unauthorized('Invalid Authorization header format. Expected \'Bearer <api-key>\' format.') raise Unauthorized('Invalid Authorization header format. Expected \'Bearer <api-key>\' format.')
decoded = PassportService().verify(tk) decoded = PassportService().verify(tk)
app_model = db.session.query(App).filter(App.id == decoded['app_id']).first() app_model = db.session.query(App).filter(App.id == decoded['app_id']).first()
site = db.session.query(Site).filter(Site.code == decoded['app_code']).first()
if not app_model: if not app_model:
raise NotFound() raise NotFound()
if not site:
raise Unauthorized('Site URL is no longer valid.')
if app_model.enable_site is False: if app_model.enable_site is False:
raise Unauthorized('Site is disabled.') raise Unauthorized('Site is disabled.')
end_user = db.session.query(EndUser).filter(EndUser.id == decoded['end_user_id']).first() end_user = db.session.query(EndUser).filter(EndUser.id == decoded['end_user_id']).first()