OpenSource
/
dify
Beobachten 4
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 152 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
6894 Commits
4 Branches
Struktur: cfb8d224da
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „cfb8d224da“
${ noResults }
dify/api/controllers/web/login.py

login.py 4.0KB
Originalformat Blame Verlauf

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112 
  1. from flask_restx import Resource, reqparse

  2. from jwt import InvalidTokenError  # type: ignore

  3. 

  4. import services

  5. from controllers.console.auth.error import (

  6.     AuthenticationFailedError,

  7.     EmailCodeError,

  8.     InvalidEmailError,

  9. )

  10. from controllers.console.error import AccountBannedError

  11. from controllers.console.wraps import only_edition_enterprise, setup_required

  12. from controllers.web import api

  13. from libs.helper import email

  14. from libs.password import valid_password

  15. from services.account_service import AccountService

  16. from services.webapp_auth_service import WebAppAuthService

  17. 

  18. 

  19. class LoginApi(Resource):

  20.     """Resource for web app email/password login."""

  21. 

  22.     @setup_required

  23.     @only_edition_enterprise

  24.     def post(self):

  25.         """Authenticate user and login."""

  26.         parser = reqparse.RequestParser()

  27.         parser.add_argument("email", type=email, required=True, location="json")

  28.         parser.add_argument("password", type=valid_password, required=True, location="json")

  29.         args = parser.parse_args()

  30. 

  31.         try:

  32.             account = WebAppAuthService.authenticate(args["email"], args["password"])

  33.         except services.errors.account.AccountLoginError:

  34.             raise AccountBannedError()

  35.         except services.errors.account.AccountPasswordError:

  36.             raise AuthenticationFailedError()

  37.         except services.errors.account.AccountNotFoundError:

  38.             raise AuthenticationFailedError()

  39. 

  40.         token = WebAppAuthService.login(account=account)

  41.         return {"result": "success", "data": {"access_token": token}}

  42. 

  43. 

  44. # class LogoutApi(Resource):

  45. #     @setup_required

  46. #     def get(self):

  47. #         account = cast(Account, flask_login.current_user)

  48. #         if isinstance(account, flask_login.AnonymousUserMixin):

  49. #             return {"result": "success"}

  50. #         flask_login.logout_user()

  51. #         return {"result": "success"}

  52. 

  53. 

  54. class EmailCodeLoginSendEmailApi(Resource):

  55.     @setup_required

  56.     @only_edition_enterprise

  57.     def post(self):

  58.         parser = reqparse.RequestParser()

  59.         parser.add_argument("email", type=email, required=True, location="json")

  60.         parser.add_argument("language", type=str, required=False, location="json")

  61.         args = parser.parse_args()

  62. 

  63.         if args["language"] is not None and args["language"] == "zh-Hans":

  64.             language = "zh-Hans"

  65.         else:

  66.             language = "en-US"

  67. 

  68.         account = WebAppAuthService.get_user_through_email(args["email"])

  69.         if account is None:

  70.             raise AuthenticationFailedError()

  71.         else:

  72.             token = WebAppAuthService.send_email_code_login_email(account=account, language=language)

  73. 

  74.         return {"result": "success", "data": token}

  75. 

  76. 

  77. class EmailCodeLoginApi(Resource):

  78.     @setup_required

  79.     @only_edition_enterprise

  80.     def post(self):

  81.         parser = reqparse.RequestParser()

  82.         parser.add_argument("email", type=str, required=True, location="json")

  83.         parser.add_argument("code", type=str, required=True, location="json")

  84.         parser.add_argument("token", type=str, required=True, location="json")

  85.         args = parser.parse_args()

  86. 

  87.         user_email = args["email"]

  88. 

  89.         token_data = WebAppAuthService.get_email_code_login_data(args["token"])

  90.         if token_data is None:

  91.             raise InvalidTokenError()

  92. 

  93.         if token_data["email"] != args["email"]:

  94.             raise InvalidEmailError()

  95. 

  96.         if token_data["code"] != args["code"]:

  97.             raise EmailCodeError()

  98. 

  99.         WebAppAuthService.revoke_email_code_login_token(args["token"])

  100.         account = WebAppAuthService.get_user_through_email(user_email)

  101.         if not account:

  102.             raise AuthenticationFailedError()

  103. 

  104.         token = WebAppAuthService.login(account=account)

  105.         AccountService.reset_login_error_rate_limit(args["email"])

  106.         return {"result": "success", "data": {"access_token": token}}

  107. 

  108. 

  109. api.add_resource(LoginApi, "/login")

  110. # api.add_resource(LogoutApi, "/logout")

  111. api.add_resource(EmailCodeLoginSendEmailApi, "/email-code-login")

  112. api.add_resource(EmailCodeLoginApi, "/email-code-login/validity")