diff --git a/apps/chat/serializers/chat_authentication.py b/apps/chat/serializers/chat_authentication.py index d3bcc0549..e2cccf3f4 100644 --- a/apps/chat/serializers/chat_authentication.py +++ b/apps/chat/serializers/chat_authentication.py @@ -84,17 +84,20 @@ class AnonymousAuthenticationSerializer(serializers.Serializer): access_token = self.data.get("access_token") application_access_token = QuerySet(ApplicationAccessToken).filter(access_token=access_token).first() if application_access_token is not None and application_access_token.is_active: - platform_user = self.get_platform_user(request) - if platform_user is not None: - chat_user_id = str(platform_user.id) - chat_user_type = ChatUserType.PLATFORM_USER.value - user_id = platform_user.id - else: - api_key = self.data.get('api_key') or self.get_request_api_key(request) + api_key = self.data.get('api_key') or self.get_request_api_key(request) + if api_key: application_api_key = self.validate_application_api_key(application_access_token.application_id, api_key) chat_user_id = str(application_api_key.id) chat_user_type = ChatUserType.APPLICATION_API_KEY.value user_id = None + else: + platform_user = self.get_platform_user(request) + if platform_user is not None: + chat_user_id = str(platform_user.id) + chat_user_type = ChatUserType.PLATFORM_USER.value + user_id = platform_user.id + else: + raise AppUnauthorizedFailed(401, _("Authentication information is incorrect")) _type = AuthenticationType.CHAT_ANONYMOUS_USER token = ChatUserToken(application_access_token.application_id, user_id, access_token, _type, chat_user_type, chat_user_id, ChatAuthentication(None)).to_token() 
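Review bot: Rejecting a bad key in the new `if api_key:` branch rests entirely on `validate_application_api_key` raising, because its result is dereferenced at once in `str(application_api_key.id)` and this path raises no 401 of its own. The method body is outside the hunk, so if it can return None the caller gets an AttributeError rather than an authentication failure. The same dependency exists in the AuthProfileSerializer hunk, where the return value is discarded. Since api_key now outranks the platform session and the token is minted with `user_id = None`, I would record the rule at the branch: `# api_key takes precedence over the platform session; an invalid key must fail here and never fall back to get_platform_user()`. The enclosing method begins and ends outside the hunk.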
@@ -116,9 +119,11 @@ class AuthProfileSerializer(serializers.Serializer):
 if not application_access_token.is_active:
 raise NotFound404(404, _("Invalid access_token"))
 application_id = application_access_token.application_id
- if AnonymousAuthenticationSerializer.get_platform_user(request) is None:
- api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request)
+ api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request)
+ if api_key:
 AnonymousAuthenticationSerializer.validate_application_api_key(application_id, api_key)
+ elif AnonymousAuthenticationSerializer.get_platform_user(request) is None:
+ raise AppUnauthorizedFailed(401, _("Authentication information is incorrect"))
 profile = {
 'authentication': False
 }
diff --git a/ui/src/router/chat/index.ts b/ui/src/router/chat/index.ts
index b92729be5..bf205d15c 100644
--- a/ui/src/router/chat/index.ts
+++ b/ui/src/router/chat/index.ts
@@ -27,7 +27,19 @@ router.beforeEach(
 const { chatUser } = useStore()
 if (['login', 'chat'].includes(to.name ? to.name.toString() : '')) {
 chatUser.setAccessToken(to.params.accessToken.toString())
- chatUser.setApiKey(typeof to.query.api_key === 'string' ? to.query.api_key : undefined)
+ const apiKey = typeof to.query.api_key === 'string' ? to.query.api_key : undefined
+ chatUser.setApiKey(apiKey)
+
+ if (apiKey && to.name === 'chat') {
+ try {
+ await chatUser.anonymousAuthentication()
+ await chatUser.applicationProfile()
+ next()
+ } catch (e: any) {
+ next()
+ }
+ return
+ }
 } else {
 next({
 path: '/404',
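Review bot: The credential order (api_key first, then platform user, otherwise 401) is now spelled out twice, in the `if api_key:` / `elif` of AuthProfileSerializer and in the AnonymousAuthenticationSerializer hunk of the same file, so a later change to one endpoint can leave the other enforcing a different rule. A single static helper on AnonymousAuthenticationSerializer that resolves the identity or raises would keep the two in step; the helper name below is only a proposal. The enclosing method starts and ends outside the hunk.

```python
# proposed helper on AnonymousAuthenticationSerializer (name is a suggestion)
@staticmethod
def resolve_chat_identity(request, application_id, api_key):
    """Return (chat_user_type, chat_user_id, user_id) or raise 401.

    An api_key, when supplied, takes precedence over the platform session
    and is never allowed to fall back to it.
    """
    if api_key:
        application_api_key = AnonymousAuthenticationSerializer.validate_application_api_key(
            application_id, api_key)
        return ChatUserType.APPLICATION_API_KEY.value, str(application_api_key.id), None
    platform_user = AnonymousAuthenticationSerializer.get_platform_user(request)
    if platform_user is None:
        raise AppUnauthorizedFailed(401, _("Authentication information is incorrect"))
    return ChatUserType.PLATFORM_USER.value, str(platform_user.id), platform_user.id

# … unchanged: access_token lookup and is_active check in AuthProfileSerializer …
api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request)
AnonymousAuthenticationSerializer.resolve_chat_identity(request, application_id, api_key)
```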
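Review bot: The `catch (e: any)` branch of the new `apiKey && to.name === 'chat'` block in ui/src/router/chat/index.ts calls the same `next()` as the success path and then returns, so a rejected or expired api_key still navigates to the chat route and skips whatever the guard does after this block (that part is outside the hunk). I would return only on success and let a failure fall through to the guard's normal flow, assuming the remainder handles the unauthenticated case: put `return` after `next()` inside the `try`, and replace the catch body with `chatUser.setApiKey(undefined)` so the failed key is not reused. Separately, the key stays in the address bar after it has been consumed, where it can end up in browser history and Referer headers; dropping `api_key` from the query once authentication succeeds would limit that exposure.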