OpenSource
/
dify
關注 4
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 152 Wiki 活動
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6814 提交
4 分支
目錄樹: cfefe4f738
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
從 'cfefe4f738'
${ noResults }
dify/api/controllers/inner_api/wraps.py

wraps.py 2.5KB
原始文件 Blame 歷史記錄

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 
  1. from base64 import b64encode

  2. from functools import wraps

  3. from hashlib import sha1

  4. from hmac import new as hmac_new

  5. 

  6. from flask import abort, request

  7. 

  8. from configs import dify_config

  9. from extensions.ext_database import db

  10. from models.model import EndUser

  11. 

  12. 

  13. def billing_inner_api_only(view):

  14.     @wraps(view)

  15.     def decorated(*args, **kwargs):

  16.         if not dify_config.INNER_API:

  17.             abort(404)

  18. 

  19.         # get header 'X-Inner-Api-Key'

  20.         inner_api_key = request.headers.get("X-Inner-Api-Key")

  21.         if not inner_api_key or inner_api_key != dify_config.INNER_API_KEY:

  22.             abort(401)

  23. 

  24.         return view(*args, **kwargs)

  25. 

  26.     return decorated

  27. 

  28. 

  29. def enterprise_inner_api_only(view):

  30.     @wraps(view)

  31.     def decorated(*args, **kwargs):

  32.         if not dify_config.INNER_API:

  33.             abort(404)

  34. 

  35.         # get header 'X-Inner-Api-Key'

  36.         inner_api_key = request.headers.get("X-Inner-Api-Key")

  37.         if not inner_api_key or inner_api_key != dify_config.INNER_API_KEY:

  38.             abort(401)

  39. 

  40.         return view(*args, **kwargs)

  41. 

  42.     return decorated

  43. 

  44. 

  45. def enterprise_inner_api_user_auth(view):

  46.     @wraps(view)

  47.     def decorated(*args, **kwargs):

  48.         if not dify_config.INNER_API:

  49.             return view(*args, **kwargs)

  50. 

  51.         # get header 'X-Inner-Api-Key'

  52.         authorization = request.headers.get("Authorization")

  53.         if not authorization:

  54.             return view(*args, **kwargs)

  55. 

  56.         parts = authorization.split(":")

  57.         if len(parts) != 2:

  58.             return view(*args, **kwargs)

  59. 

  60.         user_id, token = parts

  61.         if " " in user_id:

  62.             user_id = user_id.split(" ")[1]

  63. 

  64.         inner_api_key = request.headers.get("X-Inner-Api-Key", "")

  65. 

  66.         data_to_sign = f"DIFY {user_id}"

  67. 

  68.         signature = hmac_new(inner_api_key.encode("utf-8"), data_to_sign.encode("utf-8"), sha1)

  69.         signature_base64 = b64encode(signature.digest()).decode("utf-8")

  70. 

  71.         if signature_base64 != token:

  72.             return view(*args, **kwargs)

  73. 

  74.         kwargs["user"] = db.session.query(EndUser).where(EndUser.id == user_id).first()

  75. 

  76.         return view(*args, **kwargs)

  77. 

  78.     return decorated

  79. 

  80. 

  81. def plugin_inner_api_only(view):

  82.     @wraps(view)

  83.     def decorated(*args, **kwargs):

  84.         if not dify_config.PLUGIN_DAEMON_KEY:

  85.             abort(404)

  86. 

  87.         # get header 'X-Inner-Api-Key'

  88.         inner_api_key = request.headers.get("X-Inner-Api-Key")

  89.         if not inner_api_key or inner_api_key != dify_config.INNER_API_KEY_FOR_PLUGIN:

  90.             abort(404)

  91. 

  92.         return view(*args, **kwargs)

  93. 

  94.     return decorated