Feature/fix disable site (#825)

2025-08-11 01:18:58 +08:00 · 2023-08-13 17:32:23 +08:00 · 2023-08-13 17:32:23 +08:00 · 48a303b8e9
commit 48a303b8e9
parent 8e15ba6cd6
4 changed files with 32 additions and 10 deletions
--- a/api/.env.example
+++ b/api/.env.example
@ -9,17 +9,13 @@ SECRET_KEY=

 # Console API base URL
 CONSOLE_API_URL=http://127.0.0.1:5001
-
-# Console frontend web base URL
 CONSOLE_WEB_URL=http://127.0.0.1:3000

 # Service API base URL
 SERVICE_API_URL=http://127.0.0.1:5001

-# Web APP API base URL
+# Web APP base URL
 APP_API_URL=http://127.0.0.1:5001
-
-# Web APP frontend web base URL
 APP_WEB_URL=http://127.0.0.1:3000

 # celery configuration
--- a/api/README.md
+++ b/api/README.md
@ -33,9 +33,30 @@
   ```bash
   flask db upgrade
   ```
+
+   ⚠️ If you encounter problems with jieba, for example
+
+   ```
+   > flask db upgrade
+   Error: While importing 'app', an ImportError was raised:
+   ```
+
+   Please run the following command instead.
+
+   ```
+   pip install -r requirements.txt --upgrade --force-reinstall
+   ```
+   
 6. Start backend:
   ```bash
   flask run --host 0.0.0.0 --port=5001 --debug
   ```
 7. Setup your application by visiting http://localhost:5001/console/api/setup or other apis...
-8. If you need to debug local async processing, you can run `celery -A app.celery worker -Q dataset,generation,mail`, celery can do dataset importing and other async tasks.
+8. If you need to debug local async processing, you can run `celery -A app.celery worker -Q dataset,generation,mail`, celery can do dataset importing and other async tasks.
+
+8. Start frontend:
+
+   ```
+   docker run -it -d --platform linux/amd64 -p 3000:3000 -e EDITION=SELF_HOSTED -e CONSOLE_URL=http://127.0.0.1:5000 --name web-self-hosted langgenius/dify-web:latest
+   ```
+   This will start a dify frontend, now you are all set, happy coding!
--- a/api/controllers/web/passport.py
+++ b/api/controllers/web/passport.py
@ -11,13 +11,13 @@ from libs.passport import PassportService
 class PassportResource(Resource):
    """Base resource for passport."""
    def get(self):
-        app_id = request.headers.get('X-App-Code')
-        if app_id is None:
+        app_code = request.headers.get('X-App-Code')
+        if app_code is None:
            raise Unauthorized('X-App-Code header is missing.')

        # get site from db and check if it is normal
        site = db.session.query(Site).filter(
-            Site.code == app_id,
+            Site.code == app_code,
            Site.status == 'normal'
        ).first()
        if not site:
@ -41,6 +41,7 @@ class PassportResource(Resource):
            "iss": site.app_id,
            'sub': 'Web API Passport',
            'app_id': site.app_id,
+            'app_code': app_code,
            'end_user_id': end_user.id,
        }

--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@ -6,7 +6,7 @@ from flask_restful import Resource
 from werkzeug.exceptions import NotFound, Unauthorized

 from extensions.ext_database import db
-from models.model import App, EndUser
+from models.model import App, EndUser, Site
 from libs.passport import PassportService

 def validate_jwt_token(view=None):
@ -35,9 +35,13 @@ def decode_jwt_token():
    if auth_scheme != 'bearer':
        raise Unauthorized('Invalid Authorization header format. Expected \'Bearer <api-key>\' format.')
    decoded = PassportService().verify(tk)
+    app_code = decoded.get('app_code')
    app_model = db.session.query(App).filter(App.id == decoded['app_id']).first()
+    site = db.session.query(Site).filter(Site.code == app_code).first()
    if not app_model:
        raise NotFound()
+    if not app_code and not site:
+        raise Unauthorized('Site URL is no longer valid.')
    if app_model.enable_site is False:
        raise Unauthorized('Site is disabled.')
    end_user = db.session.query(EndUser).filter(EndUser.id == decoded['end_user_id']).first()