Accueil Explorer Aide
Connexion
biheng
/
dify
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: db896255d6
Branches Tags
dify
/
api
/
controllers
/
service_api
/
wraps.py

wraps.py 2.4 KB
Historique Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. # -*- coding:utf-8 -*-
    2. 

  2. from datetime import datetime
    3. 

  3. from functools import wraps
    4. 

  4. 

  5. from flask import request
    6. 

  6. from flask_restful import Resource
    7. 

  7. from werkzeug.exceptions import NotFound, Unauthorized
    8. 

  8. 

  9. from extensions.ext_database import db
    10. 

  10. from models.dataset import Dataset
    11. 

  11. from models.model import ApiToken, App
    12. 

  12. 

  13. 

  14. def validate_app_token(view=None):
    15. 

  15.     def decorator(view):
    16. 

  16.         @wraps(view)
    17. 

  17.         def decorated(*args, **kwargs):
    18. 

  18.             api_token = validate_and_get_api_token('app')
    19. 

  19. 

  20.             app_model = db.session.query(App).get(api_token.app_id)
    21. 

  21.             if not app_model:
    22. 

  22.                 raise NotFound()
    23. 

  23. 

  24.             if app_model.status != 'normal':
    25. 

  25.                 raise NotFound()
    26. 

  26. 

  27.             if not app_model.enable_api:
    28. 

  28.                 raise NotFound()
    29. 

  29. 

  30.             return view(app_model, None, *args, **kwargs)
    31. 

  31.         return decorated
    32. 

  32. 

  33.     if view:
    34. 

  34.         return decorator(view)
    35. 

  35. 

  36.     # if view is None, it means that the decorator is used without parentheses
    37. 

  37.     # use the decorator as a function for method_decorators
    38. 

  38.     return decorator
    39. 

  39. 

  40. 

  41. def validate_dataset_token(view=None):
    42. 

  42.     def decorator(view):
    43. 

  43.         @wraps(view)
    44. 

  44.         def decorated(*args, **kwargs):
    45. 

  45.             api_token = validate_and_get_api_token('dataset')
    46. 

  46. 

  47.             dataset = db.session.query(Dataset).get(api_token.dataset_id)
    48. 

  48.             if not dataset:
    49. 

  49.                 raise NotFound()
    50. 

  50. 

  51.             return view(dataset, *args, **kwargs)
    52. 

  52.         return decorated
    53. 

  53. 

  54.     if view:
    55. 

  55.         return decorator(view)
    56. 

  56. 

  57.     # if view is None, it means that the decorator is used without parentheses
    58. 

  58.     # use the decorator as a function for method_decorators
    59. 

  59.     return decorator
    60. 

  60. 

  61. 

  62. def validate_and_get_api_token(scope=None):
    63. 

  63.     """
    64. 

  64.     Validate and get API token.
    65. 

  65.     """
    66. 

  66.     auth_header = request.headers.get('Authorization')
    67. 

  67.     if auth_header is None:
    68. 

  68.         raise Unauthorized()
    69. 

  69. 

  70.     auth_scheme, auth_token = auth_header.split(None, 1)
    71. 

  71.     auth_scheme = auth_scheme.lower()
    72. 

  72. 

  73.     if auth_scheme != 'bearer':
    74. 

  74.         raise Unauthorized()
    75. 

  75. 

  76.     api_token = db.session.query(ApiToken).filter(
    77. 

  77.         ApiToken.token == auth_token,
    78. 

  78.         ApiToken.type == scope,
    79. 

  79.     ).first()
    80. 

  80. 

  81.     if not api_token:
    82. 

  82.         raise Unauthorized()
    83. 

  83. 

  84.     api_token.last_used_at = datetime.utcnow()
    85. 

  85.     db.session.commit()
    86. 

  86. 

  87.     return api_token
    88. 

  88. 

  89. 

  90. class AppApiResource(Resource):
    91. 

  91.     method_decorators = [validate_app_token]
    92. 

  92. 

  93. 

  94. class DatasetApiResource(Resource):
    95. 

  95.     method_decorators = [validate_dataset_token]
    96.