OpenSource
/
dify
Watch 4
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 152 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7231 Commits
4 Branches
Tree: 299141ae01
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '299141ae01'
${ noResults }
dify/api/libs/login.py

login.py 2.4KB
Raw Blame History

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. from collections.abc import Callable

  2. from functools import wraps

  3. from typing import Union, cast

  4. 

  5. from flask import current_app, g, has_request_context, request

  6. from flask_login.config import EXEMPT_METHODS  # type: ignore

  7. from werkzeug.local import LocalProxy

  8. 

  9. from configs import dify_config

  10. from models.account import Account

  11. from models.model import EndUser

  12. 

  13. #: A proxy for the current user. If no user is logged in, this will be an

  14. #: anonymous user

  15. current_user = cast(Union[Account, EndUser, None], LocalProxy(lambda: _get_user()))

  16. from typing import ParamSpec, TypeVar

  17. 

  18. P = ParamSpec("P")

  19. R = TypeVar("R")

  20. 

  21. 

  22. def login_required(func: Callable[P, R]):

  23.     """

  24.     If you decorate a view with this, it will ensure that the current user is

  25.     logged in and authenticated before calling the actual view. (If they are

  26.     not, it calls the :attr:`LoginManager.unauthorized` callback.) For

  27.     example::

  28. 

  29.         @app.route('/post')

  30.         @login_required

  31.         def post():

  32.             pass

  33. 

  34.     If there are only certain times you need to require that your user is

  35.     logged in, you can do so with::

  36. 

  37.         if not current_user.is_authenticated:

  38.             return current_app.login_manager.unauthorized()

  39. 

  40.     ...which is essentially the code that this function adds to your views.

  41. 

  42.     It can be convenient to globally turn off authentication when unit testing.

  43.     To enable this, if the application configuration variable `LOGIN_DISABLED`

  44.     is set to `True`, this decorator will be ignored.

  45. 

  46.     .. Note ::

  47. 

  48.         Per `W3 guidelines for CORS preflight requests

  49.         <http://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0>`_,

  50.         HTTP ``OPTIONS`` requests are exempt from login checks.

  51. 

  52.     :param func: The view function to decorate.

  53.     :type func: function

  54.     """

  55. 

  56.     @wraps(func)

  57.     def decorated_view(*args: P.args, **kwargs: P.kwargs):

  58.         if request.method in EXEMPT_METHODS or dify_config.LOGIN_DISABLED:

  59.             pass

  60.         elif current_user is not None and not current_user.is_authenticated:

  61.             return current_app.login_manager.unauthorized()  # type: ignore

  62.         return current_app.ensure_sync(func)(*args, **kwargs)

  63. 

  64.     return decorated_view

  65. 

  66. 

  67. def _get_user() -> EndUser | Account | None:

  68.     if has_request_context():

  69.         if "_login_user" not in g:

  70.             current_app.login_manager._load_user()  # type: ignore

  71. 

  72.         return g._login_user  # type: ignore

  73. 

  74.     return None