OpenSource
/
dify
Segui 4
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 152 Wiki Attività
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5797 Commit
4 Rami (Branch)
Albero (Tree): d186daa131
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da 'd186daa131'
${ noResults }
dify/api/controllers/web/login.py

login.py 4.6KB
Originale Blame Cronologia

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120 
  1. from flask import request

  2. from flask_restful import Resource, reqparse

  3. from jwt import InvalidTokenError  # type: ignore

  4. from werkzeug.exceptions import BadRequest

  5. 

  6. import services

  7. from controllers.console.auth.error import EmailCodeError, EmailOrPasswordMismatchError, InvalidEmailError

  8. from controllers.console.error import AccountBannedError, AccountNotFound

  9. from controllers.console.wraps import setup_required

  10. from libs.helper import email

  11. from libs.password import valid_password

  12. from services.account_service import AccountService

  13. from services.webapp_auth_service import WebAppAuthService

  14. 

  15. 

  16. class LoginApi(Resource):

  17.     """Resource for web app email/password login."""

  18. 

  19.     def post(self):

  20.         """Authenticate user and login."""

  21.         parser = reqparse.RequestParser()

  22.         parser.add_argument("email", type=email, required=True, location="json")

  23.         parser.add_argument("password", type=valid_password, required=True, location="json")

  24.         args = parser.parse_args()

  25. 

  26.         app_code = request.headers.get("X-App-Code")

  27.         if app_code is None:

  28.             raise BadRequest("X-App-Code header is missing.")

  29. 

  30.         try:

  31.             account = WebAppAuthService.authenticate(args["email"], args["password"])

  32.         except services.errors.account.AccountLoginError:

  33.             raise AccountBannedError()

  34.         except services.errors.account.AccountPasswordError:

  35.             raise EmailOrPasswordMismatchError()

  36.         except services.errors.account.AccountNotFoundError:

  37.             raise AccountNotFound()

  38. 

  39.         WebAppAuthService._validate_user_accessibility(account=account, app_code=app_code)

  40. 

  41.         end_user = WebAppAuthService.create_end_user(email=args["email"], app_code=app_code)

  42. 

  43.         token = WebAppAuthService.login(account=account, app_code=app_code, end_user_id=end_user.id)

  44.         return {"result": "success", "token": token}

  45. 

  46. 

  47. # class LogoutApi(Resource):

  48. #     @setup_required

  49. #     def get(self):

  50. #         account = cast(Account, flask_login.current_user)

  51. #         if isinstance(account, flask_login.AnonymousUserMixin):

  52. #             return {"result": "success"}

  53. #         flask_login.logout_user()

  54. #         return {"result": "success"}

  55. 

  56. 

  57. class EmailCodeLoginSendEmailApi(Resource):

  58.     @setup_required

  59.     def post(self):

  60.         parser = reqparse.RequestParser()

  61.         parser.add_argument("email", type=email, required=True, location="json")

  62.         parser.add_argument("language", type=str, required=False, location="json")

  63.         args = parser.parse_args()

  64. 

  65.         if args["language"] is not None and args["language"] == "zh-Hans":

  66.             language = "zh-Hans"

  67.         else:

  68.             language = "en-US"

  69. 

  70.         account = WebAppAuthService.get_user_through_email(args["email"])

  71.         if account is None:

  72.             raise AccountNotFound()

  73.         else:

  74.             token = WebAppAuthService.send_email_code_login_email(account=account, language=language)

  75. 

  76.         return {"result": "success", "data": token}

  77. 

  78. 

  79. class EmailCodeLoginApi(Resource):

  80.     @setup_required

  81.     def post(self):

  82.         parser = reqparse.RequestParser()

  83.         parser.add_argument("email", type=str, required=True, location="json")

  84.         parser.add_argument("code", type=str, required=True, location="json")

  85.         parser.add_argument("token", type=str, required=True, location="json")

  86.         args = parser.parse_args()

  87. 

  88.         user_email = args["email"]

  89.         app_code = request.headers.get("X-App-Code")

  90.         if app_code is None:

  91.             raise BadRequest("X-App-Code header is missing.")

  92. 

  93.         token_data = WebAppAuthService.get_email_code_login_data(args["token"])

  94.         if token_data is None:

  95.             raise InvalidTokenError()

  96. 

  97.         if token_data["email"] != args["email"]:

  98.             raise InvalidEmailError()

  99. 

  100.         if token_data["code"] != args["code"]:

  101.             raise EmailCodeError()

  102. 

  103.         WebAppAuthService.revoke_email_code_login_token(args["token"])

  104.         account = WebAppAuthService.get_user_through_email(user_email)

  105.         if not account:

  106.             raise AccountNotFound()

  107. 

  108.         WebAppAuthService._validate_user_accessibility(account=account, app_code=app_code)

  109. 

  110.         end_user = WebAppAuthService.create_end_user(email=user_email, app_code=app_code)

  111. 

  112.         token = WebAppAuthService.login(account=account, app_code=app_code, end_user_id=end_user.id)

  113.         AccountService.reset_login_error_rate_limit(args["email"])

  114.         return {"result": "success", "token": token}

  115. 

  116. 

  117. # api.add_resource(LoginApi, "/login")

  118. # api.add_resource(LogoutApi, "/logout")

  119. # api.add_resource(EmailCodeLoginSendEmailApi, "/email-code-login")

  120. # api.add_resource(EmailCodeLoginApi, "/email-code-login/validity")