From 48a303b8e978ed497d4475f0ca614484ab97df80 Mon Sep 17 00:00:00 2001
From: crazywoola <100913391+crazywoola@users.noreply.github.com>
Date: Sun, 13 Aug 2023 17:32:23 +0800
Subject: [PATCH] Feature/fix disable site (#825)
---
 api/.env.example | 6 +-----
 api/README.md | 23 ++++++++++++++++++++++-
 api/controllers/web/passport.py | 7 ++++---
 api/controllers/web/wraps.py | 6 +++++-
 4 files changed, 32 insertions(+), 10 deletions(-)
diff --git a/api/.env.example b/api/.env.example
index 946e5e9afc..e8e81d993a 100644
--- a/api/.env.example
+++ b/api/.env.example
@@ -9,17 +9,13 @@ SECRET_KEY=
 # Console API base URL
 CONSOLE_API_URL=http://127.0.0.1:5001
-
-# Console frontend web base URL
 CONSOLE_WEB_URL=http://127.0.0.1:3000
 # Service API base URL
 SERVICE_API_URL=http://127.0.0.1:5001
-# Web APP API base URL
+# Web APP base URL
 APP_API_URL=http://127.0.0.1:5001
-
-# Web APP frontend web base URL
 APP_WEB_URL=http://127.0.0.1:3000
 # celery configuration
diff --git a/api/README.md b/api/README.md
index d5d9bdf4fa..1e1e930832 100644
--- a/api/README.md
+++ b/api/README.md
@@ -33,9 +33,30 @@
 ```bash
 flask db upgrade
 ```
+
+ ⚠️ If you encounter problems with jieba, for example
+
+ ```
+ > flask db upgrade
+ Error: While importing 'app', an ImportError was raised:
+ ```
+
+ Please run the following command instead.
+
+ ```
+ pip install -r requirements.txt --upgrade --force-reinstall
+ ```
+
 6. Start backend:
 ```bash
 flask run --host 0.0.0.0 --port=5001 --debug
 ```
 7. Setup your application by visiting http://localhost:5001/console/api/setup or other apis...
-8. If you need to debug local async processing, you can run `celery -A app.celery worker -Q dataset,generation,mail`, celery can do dataset importing and other async tasks.
\ No newline at end of file
+8. If you need to debug local async processing, you can run `celery -A app.celery worker -Q dataset,generation,mail`, celery can do dataset importing and other async tasks.
+
+8. Start frontend:
+
+ ```
+ docker run -it -d --platform linux/amd64 -p 3000:3000 -e EDITION=SELF_HOSTED -e CONSOLE_URL=http://127.0.0.1:5000 --name web-self-hosted langgenius/dify-web:latest
+ ```
+ This will start a dify frontend, now you are all set, happy coding!
\ No newline at end of file
diff --git a/api/controllers/web/passport.py b/api/controllers/web/passport.py
index 219f6e731f..a5d3e388ac 100644
--- a/api/controllers/web/passport.py
+++ b/api/controllers/web/passport.py
@@ -11,13 +11,13 @@ from libs.passport import PassportService
 class PassportResource(Resource):
 """Base resource for passport."""
 def get(self):
- app_id = request.headers.get('X-App-Code')
- if app_id is None:
+ app_code = request.headers.get('X-App-Code')
+ if app_code is None:
 raise Unauthorized('X-App-Code header is missing.')
 # get site from db and check if it is normal
 site = db.session.query(Site).filter(
- Site.code == app_id,
+ Site.code == app_code,
 Site.status == 'normal'
 ).first()
 if not site:
@@ -41,6 +41,7 @@ class PassportResource(Resource):
 "iss": site.app_id,
 'sub': 'Web API Passport',
 'app_id': site.app_id,
+ 'app_code': app_code,
 'end_user_id': end_user.id,
 }
diff --git a/api/controllers/web/wraps.py b/api/controllers/web/wraps.py
index 314a4099ee..14c1390d6b 100644
--- a/api/controllers/web/wraps.py
+++ b/api/controllers/web/wraps.py
@@ -6,7 +6,7 @@ from flask_restful import Resource
 from werkzeug.exceptions import NotFound, Unauthorized
 from extensions.ext_database import db
-from models.model import App, EndUser
+from models.model import App, EndUser, Site
 from libs.passport import PassportService
 def validate_jwt_token(view=None):
@@ -35,9 +35,13 @@ def decode_jwt_token():
 if auth_scheme != 'bearer':
 raise Unauthorized('Invalid Authorization header format. Expected \'Bearer \' format.')
 decoded = PassportService().verify(tk)
+ app_code = decoded.get('app_code')
 app_model = db.session.query(App).filter(App.id == decoded['app_id']).first()
+ site = db.session.query(Site).filter(Site.code == app_code).first()
 if not app_model:
 raise NotFound()
+ if not app_code and not site:
+ raise Unauthorized('Site URL is no longer valid.')
 if app_model.enable_site is False:
 raise Unauthorized('Site is disabled.')
 end_user = db.session.query(EndUser).filter(EndUser.id == decoded['end_user_id']).first()
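Review bot: The new guard in `decode_jwt_token` (api/controllers/web/wraps.py), `if not app_code and not site:`, is false whenever the token carries an `app_code`, so a token whose code no longer matches any `Site` row passes this check and continues to the `enable_site` test; it only rejects tokens that have no `app_code` claim at all. If the intent is what the error message says, the condition should be `if not app_code or not site:`. The lookup also drops the `Site.status == 'normal'` filter that `PassportResource.get` applies when it issues the token and does not tie the row to the token's app, so `filter(Site.code == app_code, Site.app_id == decoded['app_id'], Site.status == 'normal')` would keep the two paths consistent. Tokens issued before this commit have no `app_code` claim and will start receiving 401, which is presumably intended but worth stating in the description. The function body continues past the end of the hunk.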