OpenSource
/
ragflow
Observar 4
Favorito 0
Fork 0
Código Issues 0 Pull requests 0 Versões 33 Wiki Atividade
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
1396 Commits
7 Branches
Tag: b9fa00f341
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de b9fa00f341
${ noResults }
ragflow/api/apps/user_app.py

user_app.py 15KB
Original Anotar Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424 
  1. #

  2. #  Copyright 2024 The InfiniFlow Authors. All Rights Reserved.

  3. #

  4. #  Licensed under the Apache License, Version 2.0 (the "License");

  5. #  you may not use this file except in compliance with the License.

  6. #  You may obtain a copy of the License at

  7. #

  8. #      http://www.apache.org/licenses/LICENSE-2.0

  9. #

  10. #  Unless required by applicable law or agreed to in writing, software

  11. #  distributed under the License is distributed on an "AS IS" BASIS,

  12. #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13. #  See the License for the specific language governing permissions and

  14. #  limitations under the License.

  15. #

  16. import json

  17. import re

  18. from datetime import datetime

  19. 

  20. from flask import request, session, redirect

  21. from werkzeug.security import generate_password_hash, check_password_hash

  22. from flask_login import login_required, current_user, login_user, logout_user

  23. 

  24. from api.db.db_models import TenantLLM

  25. from api.db.services.llm_service import TenantLLMService, LLMService

  26. from api.utils.api_utils import server_error_response, validate_request, get_data_error_result

  27. from api.utils import get_uuid, get_format_time, decrypt, download_img, current_timestamp, datetime_format

  28. from api.db import UserTenantRole, LLMType, FileType

  29. from api.settings import RetCode, GITHUB_OAUTH, FEISHU_OAUTH, CHAT_MDL, EMBEDDING_MDL, ASR_MDL, IMAGE2TEXT_MDL, PARSERS, \

  30.     API_KEY, \

  31.     LLM_FACTORY, LLM_BASE_URL, RERANK_MDL

  32. from api.db.services.user_service import UserService, TenantService, UserTenantService

  33. from api.db.services.file_service import FileService

  34. from api.settings import stat_logger

  35. from api.utils.api_utils import get_json_result, construct_response

  36. 

  37. 

  38. @manager.route('/login', methods=['POST', 'GET'])

  39. def login():

  40.     if not request.json:

  41.         return get_json_result(data=False,

  42.                                retcode=RetCode.AUTHENTICATION_ERROR,

  43.                                retmsg='Unauthorized!')

  44. 

  45.     email = request.json.get('email', "")

  46.     users = UserService.query(email=email)

  47.     if not users:

  48.         return get_json_result(data=False,

  49.                                retcode=RetCode.AUTHENTICATION_ERROR,

  50.                                retmsg=f'Email: {email} is not registered!')

  51. 

  52.     password = request.json.get('password')

  53.     try:

  54.         password = decrypt(password)

  55.     except BaseException:

  56.         return get_json_result(data=False,

  57.                                retcode=RetCode.SERVER_ERROR,

  58.                                retmsg='Fail to crypt password')

  59. 

  60.     user = UserService.query_user(email, password)

  61.     if user:

  62.         response_data = user.to_json()

  63.         user.access_token = get_uuid()

  64.         login_user(user)

  65.         user.update_time = current_timestamp(),

  66.         user.update_date = datetime_format(datetime.now()),

  67.         user.save()

  68.         msg = "Welcome back!"

  69.         return construct_response(data=response_data, auth=user.get_id(), retmsg=msg)

  70.     else:

  71.         return get_json_result(data=False,

  72.                                retcode=RetCode.AUTHENTICATION_ERROR,

  73.                                retmsg='Email and password do not match!')

  74. 

  75. 

  76. @manager.route('/github_callback', methods=['GET'])

  77. def github_callback():

  78.     import requests

  79.     res = requests.post(GITHUB_OAUTH.get("url"),

  80.                         data={

  81.                             "client_id": GITHUB_OAUTH.get("client_id"),

  82.                             "client_secret": GITHUB_OAUTH.get("secret_key"),

  83.                             "code": request.args.get('code')},

  84.                         headers={"Accept": "application/json"})

  85.     res = res.json()

  86.     if "error" in res:

  87.         return redirect("/?error=%s" % res["error_description"])

  88. 

  89.     if "user:email" not in res["scope"].split(","):

  90.         return redirect("/?error=user:email not in scope")

  91. 

  92.     session["access_token"] = res["access_token"]

  93.     session["access_token_from"] = "github"

  94.     user_info = user_info_from_github(session["access_token"])

  95.     email_address = user_info["email"]

  96.     users = UserService.query(email=email_address)

  97.     user_id = get_uuid()

  98.     if not users:

  99.         # User isn't try to register

  100.         try:

  101.             try:

  102.                 avatar = download_img(user_info["avatar_url"])

  103.             except Exception as e:

  104.                 stat_logger.exception(e)

  105.                 avatar = ""

  106.             users = user_register(user_id, {

  107.                 "access_token": session["access_token"],

  108.                 "email": email_address,

  109.                 "avatar": avatar,

  110.                 "nickname": user_info["login"],

  111.                 "login_channel": "github",

  112.                 "last_login_time": get_format_time(),

  113.                 "is_superuser": False,

  114.             })

  115.             if not users:

  116.                 raise Exception(f'Fail to register {email_address}.')

  117.             if len(users) > 1:

  118.                 raise Exception(f'Same email: {email_address} exists!')

  119. 

  120.             # Try to log in

  121.             user = users[0]

  122.             login_user(user)

  123.             return redirect("/?auth=%s" % user.get_id())

  124.         except Exception as e:

  125.             rollback_user_registration(user_id)

  126.             stat_logger.exception(e)

  127.             return redirect("/?error=%s" % str(e))

  128. 

  129.     # User has already registered, try to log in

  130.     user = users[0]

  131.     user.access_token = get_uuid()

  132.     login_user(user)

  133.     user.save()

  134.     return redirect("/?auth=%s" % user.get_id())

  135. 

  136. 

  137. @manager.route('/feishu_callback', methods=['GET'])

  138. def feishu_callback():

  139.     import requests

  140.     app_access_token_res = requests.post(FEISHU_OAUTH.get("app_access_token_url"),

  141.                                          data=json.dumps({

  142.                                              "app_id": FEISHU_OAUTH.get("app_id"),

  143.                                              "app_secret": FEISHU_OAUTH.get("app_secret")

  144.                                          }),

  145.                                          headers={"Content-Type": "application/json; charset=utf-8"})

  146.     app_access_token_res = app_access_token_res.json()

  147.     if app_access_token_res['code'] != 0:

  148.         return redirect("/?error=%s" % app_access_token_res)

  149. 

  150.     res = requests.post(FEISHU_OAUTH.get("user_access_token_url"),

  151.                         data=json.dumps({

  152.                             "grant_type": FEISHU_OAUTH.get("grant_type"),

  153.                             "code": request.args.get('code')

  154.                         }),

  155.                         headers={

  156.                             "Content-Type": "application/json; charset=utf-8",

  157.                             'Authorization': f"Bearer {app_access_token_res['app_access_token']}"

  158.                         })

  159.     res = res.json()

  160.     if res['code'] != 0:

  161.         return redirect("/?error=%s" % res["message"])

  162. 

  163.     if "contact:user.email:readonly" not in res["data"]["scope"].split(" "):

  164.         return redirect("/?error=contact:user.email:readonly not in scope")

  165.     session["access_token"] = res["data"]["access_token"]

  166.     session["access_token_from"] = "feishu"

  167.     user_info = user_info_from_feishu(session["access_token"])

  168.     email_address = user_info["email"]

  169.     users = UserService.query(email=email_address)

  170.     user_id = get_uuid()

  171.     if not users:

  172.         # User isn't try to register

  173.         try:

  174.             try:

  175.                 avatar = download_img(user_info["avatar_url"])

  176.             except Exception as e:

  177.                 stat_logger.exception(e)

  178.                 avatar = ""

  179.             users = user_register(user_id, {

  180.                 "access_token": session["access_token"],

  181.                 "email": email_address,

  182.                 "avatar": avatar,

  183.                 "nickname": user_info["en_name"],

  184.                 "login_channel": "feishu",

  185.                 "last_login_time": get_format_time(),

  186.                 "is_superuser": False,

  187.             })

  188.             if not users:

  189.                 raise Exception(f'Fail to register {email_address}.')

  190.             if len(users) > 1:

  191.                 raise Exception(f'Same email: {email_address} exists!')

  192. 

  193.             # Try to log in

  194.             user = users[0]

  195.             login_user(user)

  196.             return redirect("/?auth=%s" % user.get_id())

  197.         except Exception as e:

  198.             rollback_user_registration(user_id)

  199.             stat_logger.exception(e)

  200.             return redirect("/?error=%s" % str(e))

  201. 

  202.     # User has already registered, try to log in

  203.     user = users[0]

  204.     user.access_token = get_uuid()

  205.     login_user(user)

  206.     user.save()

  207.     return redirect("/?auth=%s" % user.get_id())

  208. 

  209. 

  210. def user_info_from_feishu(access_token):

  211.     import requests

  212.     headers = {"Content-Type": "application/json; charset=utf-8",

  213.                'Authorization': f"Bearer {access_token}"}

  214.     res = requests.get(

  215.         f"https://open.feishu.cn/open-apis/authen/v1/user_info",

  216.         headers=headers)

  217.     user_info = res.json()["data"]

  218.     user_info["email"] = None if user_info.get("email") == "" else user_info["email"]

  219.     return user_info

  220. 

  221. 

  222. def user_info_from_github(access_token):

  223.     import requests

  224.     headers = {"Accept": "application/json",

  225.                'Authorization': f"token {access_token}"}

  226.     res = requests.get(

  227.         f"https://api.github.com/user?access_token={access_token}",

  228.         headers=headers)

  229.     user_info = res.json()

  230.     email_info = requests.get(

  231.         f"https://api.github.com/user/emails?access_token={access_token}",

  232.         headers=headers).json()

  233.     user_info["email"] = next(

  234.         (email for email in email_info if email['primary'] == True),

  235.         None)["email"]

  236.     return user_info

  237. 

  238. 

  239. @manager.route("/logout", methods=['GET'])

  240. @login_required

  241. def log_out():

  242.     current_user.access_token = ""

  243.     current_user.save()

  244.     logout_user()

  245.     return get_json_result(data=True)

  246. 

  247. 

  248. @manager.route("/setting", methods=["POST"])

  249. @login_required

  250. def setting_user():

  251.     update_dict = {}

  252.     request_data = request.json

  253.     if request_data.get("password"):

  254.         new_password = request_data.get("new_password")

  255.         if not check_password_hash(

  256.                 current_user.password, decrypt(request_data["password"])):

  257.             return get_json_result(data=False, retcode=RetCode.AUTHENTICATION_ERROR, retmsg='Password error!')

  258. 

  259.         if new_password:

  260.             update_dict["password"] = generate_password_hash(decrypt(new_password))

  261. 

  262.     for k in request_data.keys():

  263.         if k in ["password", "new_password"]:

  264.             continue

  265.         update_dict[k] = request_data[k]

  266. 

  267.     try:

  268.         UserService.update_by_id(current_user.id, update_dict)

  269.         return get_json_result(data=True)

  270.     except Exception as e:

  271.         stat_logger.exception(e)

  272.         return get_json_result(data=False, retmsg='Update failure!', retcode=RetCode.EXCEPTION_ERROR)

  273. 

  274. 

  275. @manager.route("/info", methods=["GET"])

  276. @login_required

  277. def user_profile():

  278.     return get_json_result(data=current_user.to_dict())

  279. 

  280. 

  281. def rollback_user_registration(user_id):

  282.     try:

  283.         UserService.delete_by_id(user_id)

  284.     except Exception as e:

  285.         pass

  286.     try:

  287.         TenantService.delete_by_id(user_id)

  288.     except Exception as e:

  289.         pass

  290.     try:

  291.         u = UserTenantService.query(tenant_id=user_id)

  292.         if u:

  293.             UserTenantService.delete_by_id(u[0].id)

  294.     except Exception as e:

  295.         pass

  296.     try:

  297.         TenantLLM.delete().where(TenantLLM.tenant_id == user_id).execute()

  298.     except Exception as e:

  299.         pass

  300. 

  301. 

  302. def user_register(user_id, user):

  303.     user["id"] = user_id

  304.     tenant = {

  305.         "id": user_id,

  306.         "name": user["nickname"] + "‘s Kingdom",

  307.         "llm_id": CHAT_MDL,

  308.         "embd_id": EMBEDDING_MDL,

  309.         "asr_id": ASR_MDL,

  310.         "parser_ids": PARSERS,

  311.         "img2txt_id": IMAGE2TEXT_MDL,

  312.         "rerank_id": RERANK_MDL

  313.     }

  314.     usr_tenant = {

  315.         "tenant_id": user_id,

  316.         "user_id": user_id,

  317.         "invited_by": user_id,

  318.         "role": UserTenantRole.OWNER

  319.     }

  320.     file_id = get_uuid()

  321.     file = {

  322.         "id": file_id,

  323.         "parent_id": file_id,

  324.         "tenant_id": user_id,

  325.         "created_by": user_id,

  326.         "name": "/",

  327.         "type": FileType.FOLDER.value,

  328.         "size": 0,

  329.         "location": "",

  330.     }

  331.     tenant_llm = []

  332.     for llm in LLMService.query(fid=LLM_FACTORY):

  333.         tenant_llm.append({"tenant_id": user_id,

  334.                            "llm_factory": LLM_FACTORY,

  335.                            "llm_name": llm.llm_name,

  336.                            "model_type": llm.model_type,

  337.                            "api_key": API_KEY,

  338.                            "api_base": LLM_BASE_URL

  339.                            })

  340. 

  341.     if not UserService.save(**user):

  342.         return

  343.     TenantService.insert(**tenant)

  344.     UserTenantService.insert(**usr_tenant)

  345.     TenantLLMService.insert_many(tenant_llm)

  346.     FileService.insert(file)

  347.     return UserService.query(email=user["email"])

  348. 

  349. 

  350. @manager.route("/register", methods=["POST"])

  351. @validate_request("nickname", "email", "password")

  352. def user_add():

  353.     req = request.json

  354.     email_address = req["email"]

  355. 

  356.     # Validate the email address

  357.     if not re.match(r"^[\w\._-]+@([\w_-]+\.)+[\w-]{2,5}$", email_address):

  358.         return get_json_result(data=False,

  359.                                retmsg=f'Invalid email address: {email_address}!',

  360.                                retcode=RetCode.OPERATING_ERROR)

  361. 

  362.     # Check if the email address is already used

  363.     if UserService.query(email=email_address):

  364.         return get_json_result(

  365.             data=False,

  366.             retmsg=f'Email: {email_address} has already registered!',

  367.             retcode=RetCode.OPERATING_ERROR)

  368. 

  369.     # Construct user info data

  370.     nickname = req["nickname"]

  371.     user_dict = {

  372.         "access_token": get_uuid(),

  373.         "email": email_address,

  374.         "nickname": nickname,

  375.         "password": decrypt(req["password"]),

  376.         "login_channel": "password",

  377.         "last_login_time": get_format_time(),

  378.         "is_superuser": False,

  379.     }

  380. 

  381.     user_id = get_uuid()

  382.     try:

  383.         users = user_register(user_id, user_dict)

  384.         if not users:

  385.             raise Exception(f'Fail to register {email_address}.')

  386.         if len(users) > 1:

  387.             raise Exception(f'Same email: {email_address} exists!')

  388.         user = users[0]

  389.         login_user(user)

  390.         return construct_response(data=user.to_json(),

  391.                                   auth=user.get_id(),

  392.                                   retmsg=f"{nickname}, welcome aboard!")

  393.     except Exception as e:

  394.         rollback_user_registration(user_id)

  395.         stat_logger.exception(e)

  396.         return get_json_result(data=False,

  397.                                retmsg=f'User registration failure, error: {str(e)}',

  398.                                retcode=RetCode.EXCEPTION_ERROR)

  399. 

  400. 

  401. @manager.route("/tenant_info", methods=["GET"])

  402. @login_required

  403. def tenant_info():

  404.     try:

  405.         tenants = TenantService.get_info_by(current_user.id)

  406.         if not tenants:

  407.             return get_data_error_result(retmsg="Tenant not found!")

  408.         return get_json_result(data=tenants[0])

  409.     except Exception as e:

  410.         return server_error_response(e)

  411. 

  412. 

  413. @manager.route("/set_tenant_info", methods=["POST"])

  414. @login_required

  415. @validate_request("tenant_id", "asr_id", "embd_id", "img2txt_id", "llm_id")

  416. def set_tenant_info():

  417.     req = request.json

  418.     try:

  419.         tid = req["tenant_id"]

  420.         del req["tenant_id"]

  421.         TenantService.update_by_id(tid, req)

  422.         return get_json_result(data=True)

  423.     except Exception as e:

  424.         return server_error_response(e)