OpenSource
/
dify
Observar 4
Favorito 0
Fork 0
Código Issues 0 Pull requests 0 Versões 152 Wiki Atividade
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
6866 Commits
4 Branches
Tag: 9a18911eba
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de 9a18911eba
${ noResults }
dify/api/controllers/web/app.py

app.py 4.3KB
Original Anotar Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119 
  1. import logging

  2. 

  3. from flask import request

  4. from flask_restx import Resource, marshal_with, reqparse

  5. from werkzeug.exceptions import Unauthorized

  6. 

  7. from controllers.common import fields

  8. from controllers.web import api

  9. from controllers.web.error import AppUnavailableError

  10. from controllers.web.wraps import WebApiResource

  11. from core.app.app_config.common.parameters_mapping import get_parameters_from_feature_dict

  12. from libs.passport import PassportService

  13. from models.model import App, AppMode

  14. from services.app_service import AppService

  15. from services.enterprise.enterprise_service import EnterpriseService

  16. from services.feature_service import FeatureService

  17. from services.webapp_auth_service import WebAppAuthService

  18. 

  19. 

  20. class AppParameterApi(WebApiResource):

  21.     """Resource for app variables."""

  22. 

  23.     @marshal_with(fields.parameters_fields)

  24.     def get(self, app_model: App, end_user):

  25.         """Retrieve app parameters."""

  26.         if app_model.mode in {AppMode.ADVANCED_CHAT.value, AppMode.WORKFLOW.value}:

  27.             workflow = app_model.workflow

  28.             if workflow is None:

  29.                 raise AppUnavailableError()

  30. 

  31.             features_dict = workflow.features_dict

  32.             user_input_form = workflow.user_input_form(to_old_structure=True)

  33.         else:

  34.             app_model_config = app_model.app_model_config

  35.             if app_model_config is None:

  36.                 raise AppUnavailableError()

  37. 

  38.             features_dict = app_model_config.to_dict()

  39. 

  40.             user_input_form = features_dict.get("user_input_form", [])

  41. 

  42.         return get_parameters_from_feature_dict(features_dict=features_dict, user_input_form=user_input_form)

  43. 

  44. 

  45. class AppMeta(WebApiResource):

  46.     def get(self, app_model: App, end_user):

  47.         """Get app meta"""

  48.         return AppService().get_app_meta(app_model)

  49. 

  50. 

  51. class AppAccessMode(Resource):

  52.     def get(self):

  53.         parser = reqparse.RequestParser()

  54.         parser.add_argument("appId", type=str, required=False, location="args")

  55.         parser.add_argument("appCode", type=str, required=False, location="args")

  56.         args = parser.parse_args()

  57. 

  58.         features = FeatureService.get_system_features()

  59.         if not features.webapp_auth.enabled:

  60.             return {"accessMode": "public"}

  61. 

  62.         app_id = args.get("appId")

  63.         if args.get("appCode"):

  64.             app_code = args["appCode"]

  65.             app_id = AppService.get_app_id_by_code(app_code)

  66. 

  67.         if not app_id:

  68.             raise ValueError("appId or appCode must be provided")

  69. 

  70.         res = EnterpriseService.WebAppAuth.get_app_access_mode_by_id(app_id)

  71. 

  72.         return {"accessMode": res.access_mode}

  73. 

  74. 

  75. class AppWebAuthPermission(Resource):

  76.     def get(self):

  77.         user_id = "visitor"

  78.         try:

  79.             auth_header = request.headers.get("Authorization")

  80.             if auth_header is None:

  81.                 raise Unauthorized("Authorization header is missing.")

  82.             if " " not in auth_header:

  83.                 raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")

  84. 

  85.             auth_scheme, tk = auth_header.split(None, 1)

  86.             auth_scheme = auth_scheme.lower()

  87.             if auth_scheme != "bearer":

  88.                 raise Unauthorized("Authorization scheme must be 'Bearer'")

  89. 

  90.             decoded = PassportService().verify(tk)

  91.             user_id = decoded.get("user_id", "visitor")

  92.         except Unauthorized:

  93.             raise

  94.         except Exception:

  95.             logging.exception("Unexpected error during auth verification")

  96.             raise

  97. 

  98.         features = FeatureService.get_system_features()

  99.         if not features.webapp_auth.enabled:

  100.             return {"result": True}

  101. 

  102.         parser = reqparse.RequestParser()

  103.         parser.add_argument("appId", type=str, required=True, location="args")

  104.         args = parser.parse_args()

  105. 

  106.         app_id = args["appId"]

  107.         app_code = AppService.get_app_code_by_id(app_id)

  108. 

  109.         res = True

  110.         if WebAppAuthService.is_app_require_permission_check(app_id=app_id):

  111.             res = EnterpriseService.WebAppAuth.is_user_allowed_to_access_webapp(str(user_id), app_code)

  112.         return {"result": res}

  113. 

  114. 

  115. api.add_resource(AppParameterApi, "/parameters")

  116. api.add_resource(AppMeta, "/meta")

  117. # webapp auth apis

  118. api.add_resource(AppAccessMode, "/webapp/access-mode")

  119. api.add_resource(AppWebAuthPermission, "/webapp/permission")