From cdf526bc2550b95818a02d180d1e10c93261060e Mon Sep 17 00:00:00 2001 From: panyy Date: Mon, 29 Jun 2026 16:40:14 +0800 Subject: [PATCH] =?UTF-8?q?feat:=E9=99=90=E5=88=B6=E5=BF=85=E9=A1=BBapi-ke?= =?UTF-8?q?y=E6=88=96=E7=99=BB=E5=BD=952?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/chat/serializers/chat_authentication.py | 18 +++++++--- .../handle/impl/chat_anonymous_user_token.py | 11 +++++-- .../component/APIKeyDialog.vue | 15 ++++++++- .../component/EmbedDialog.vue | 9 ++--- ui/src/views/application-overview/index.vue | 33 +++---------------- 5 files changed, 43 insertions(+), 43 deletions(-) diff --git a/apps/chat/serializers/chat_authentication.py b/apps/chat/serializers/chat_authentication.py index 6d1a20e73..d3bcc0549 100644 --- a/apps/chat/serializers/chat_authentication.py +++ b/apps/chat/serializers/chat_authentication.py @@ -51,6 +51,12 @@ class AnonymousAuthenticationSerializer(serializers.Serializer): except Exception: return None + @staticmethod + def get_request_api_key(request): + if request is None: + return None + return request.query_params.get('api_key') or request.META.get('HTTP_X_APPLICATION_API_KEY') + @staticmethod def validate_application_api_key(application_id, api_key): if not api_key: @@ -62,6 +68,7 @@ class AnonymousAuthenticationSerializer(serializers.Serializer): ).first() if application_api_key is None: raise AppUnauthorizedFailed(401, _("Authentication information is incorrect")) + return application_api_key def auth(self, request, with_valid=True): token = request.META.get('HTTP_AUTHORIZATION') @@ -83,10 +90,10 @@ class AnonymousAuthenticationSerializer(serializers.Serializer): chat_user_type = ChatUserType.PLATFORM_USER.value user_id = platform_user.id else: - api_key = self.data.get('api_key') or request.META.get('HTTP_X_APPLICATION_API_KEY') - self.validate_application_api_key(application_access_token.application_id, api_key) - chat_user_id = token_details.get('chat_user_id') or str(uuid.uuid7()) - chat_user_type = ChatUserType.ANONYMOUS_USER.value + api_key = self.data.get('api_key') or self.get_request_api_key(request) + application_api_key = self.validate_application_api_key(application_access_token.application_id, api_key) + chat_user_id = str(application_api_key.id) + chat_user_type = ChatUserType.APPLICATION_API_KEY.value user_id = None _type = AuthenticationType.CHAT_ANONYMOUS_USER token = ChatUserToken(application_access_token.application_id, user_id, access_token, _type, @@ -110,7 +117,8 @@ class AuthProfileSerializer(serializers.Serializer): raise NotFound404(404, _("Invalid access_token")) application_id = application_access_token.application_id if AnonymousAuthenticationSerializer.get_platform_user(request) is None: - AnonymousAuthenticationSerializer.validate_application_api_key(application_id, self.data.get("api_key")) + api_key = self.data.get("api_key") or AnonymousAuthenticationSerializer.get_request_api_key(request) + AnonymousAuthenticationSerializer.validate_application_api_key(application_id, api_key) profile = { 'authentication': False } diff --git a/apps/common/auth/handle/impl/chat_anonymous_user_token.py b/apps/common/auth/handle/impl/chat_anonymous_user_token.py index 7d8cc56e5..e302bace6 100644 --- a/apps/common/auth/handle/impl/chat_anonymous_user_token.py +++ b/apps/common/auth/handle/impl/chat_anonymous_user_token.py @@ -9,7 +9,7 @@ from django.db.models import QuerySet from django.utils.translation import gettext_lazy as _ -from application.models import ApplicationAccessToken +from application.models import ApplicationAccessToken, ChatUserType from common.auth.common import ChatUserToken from common.auth.handle.auth_base_handle import AuthBaseHandle from common.constants.authentication_type import AuthenticationType @@ -42,7 +42,14 @@ class ChatAnonymousUserToken(AuthBaseHandle): raise AppAuthenticationFailed(1002, _('Authentication information is incorrect')) if not application_access_token.access_token == access_token: raise AppAuthenticationFailed(1002, _('Authentication information is incorrect')) - if application_access_token.authentication and ['PE', 'EE'].__contains__(edition): + if ( + application_access_token.authentication and + ['PE', 'EE'].__contains__(edition) and + chat_user_token.chat_user_type not in [ + ChatUserType.PLATFORM_USER.value, + ChatUserType.APPLICATION_API_KEY.value + ] + ): if chat_user_token.authentication.auth_type != application_access_token.authentication_value.get('type', ''): raise AppAuthenticationFailed(1002, _('Authentication information is incorrect')) diff --git a/ui/src/views/application-overview/component/APIKeyDialog.vue b/ui/src/views/application-overview/component/APIKeyDialog.vue index e0eb1018a..fcd7c233c 100644 --- a/ui/src/views/application-overview/component/APIKeyDialog.vue +++ b/ui/src/views/application-overview/component/APIKeyDialog.vue @@ -37,7 +37,7 @@ {{ datetimeFormat(row.create_time) }} - + @@ -79,6 +84,10 @@ const apiType = computed(() => { } }) +const props = defineProps<{ + accessToken?: string +}>() + const emit = defineEmits(['addData', 'refresh']) const SettingAPIKeyDialogRef = ref() @@ -96,6 +105,10 @@ function settingApiKey(row: any) { SettingAPIKeyDialogRef.value.open(row, 'APPLICATION') } +function getApiKeyAccessUrl(row: any) { + return `${window.location.origin}${window.MaxKB.chatPrefix}/${props.accessToken}?api_key=${encodeURIComponent(row.secret_key)}` +} + function deleteApiKey(row: any) { MsgConfirm( `${t('views.applicationOverview.appInfo.APIKeyDialog.msgConfirm1')}: ${row.secret_key}?`, diff --git a/ui/src/views/application-overview/component/EmbedDialog.vue b/ui/src/views/application-overview/component/EmbedDialog.vue index d7eca4e69..52b75abc7 100644 --- a/ui/src/views/application-overview/component/EmbedDialog.vue +++ b/ui/src/views/application-overview/component/EmbedDialog.vue @@ -90,7 +90,6 @@ const { application } = useStore() const props = defineProps({ data: Object, apiInputParams: String, - apiKey: String, }) const emit = defineEmits(['addData']) @@ -102,12 +101,10 @@ const source1 = ref('') const source2 = ref('') const source3 = ref('') -const apiKeyParam = computed(() => props.apiKey ? `api_key=${encodeURIComponent(props.apiKey)}` : '') -const mergedParams = computed(() => [apiKeyParam.value, props.apiInputParams].filter(Boolean).join('&')) -const urlParams1 = computed(() => (mergedParams.value ? '?' + mergedParams.value : '')) -const urlParams2 = computed(() => (mergedParams.value ? '&' + mergedParams.value : '')) +const urlParams1 = computed(() => (props.apiInputParams ? '?' + props.apiInputParams : '')) +const urlParams2 = computed(() => (props.apiInputParams ? '&' + props.apiInputParams : '')) const urlParams3 = computed(() => - mergedParams.value ? '?mode=mobile&' + mergedParams.value : '?mode=mobile', + props.apiInputParams ? '?mode=mobile&' + props.apiInputParams : '?mode=mobile', ) watch(dialogVisible, (bool) => { if (!bool) { diff --git a/ui/src/views/application-overview/index.vue b/ui/src/views/application-overview/index.vue index 4f56df2c2..256b82ffd 100644 --- a/ui/src/views/application-overview/index.vue +++ b/ui/src/views/application-overview/index.vue @@ -184,9 +184,8 @@ ref="EmbedDialogRef" :data="detail" :api-input-params="mapToUrlParams(apiInputParams)" - :api-key="publicApiKey" /> - + @@ -239,18 +238,13 @@ const APIKeyDialogRef = ref() const EmbedDialogRef = ref() const accessToken = ref({}) -const publicApiKey = ref('') const detail = ref(null) const loading = ref(false) -const urlParams = computed(() => { - const params = [ - publicApiKey.value ? `api_key=${encodeURIComponent(publicApiKey.value)}` : '', - mapToUrlParams(apiInputParams.value), - ].filter(Boolean) - return params.length ? '?' + params.join('&') : '' -}) +const urlParams = computed(() => + mapToUrlParams(apiInputParams.value) ? '?' + mapToUrlParams(apiInputParams.value) : '', +) const shareUrl = computed( () => `${window.location.origin}${window.MaxKB.chatPrefix}/` + @@ -430,24 +424,6 @@ function openDialog() { EmbedDialogRef.value.open(accessToken.value?.access_token) } -function getPublicApiKey() { - publicApiKey.value = '' - loadSharedApi({type: 'applicationKey', systemType: apiType.value}) - .getAPIKey(id as string, loading) - .then((res: any) => { - const key = res.data?.find((item: any) => item.is_active) || res.data?.[0] - if (key) { - publicApiKey.value = key.secret_key - return - } - loadSharedApi({type: 'applicationKey', systemType: apiType.value}) - .postAPIKey(id as string, loading) - .then((apiKeyRes: any) => { - publicApiKey.value = apiKeyRes.data?.secret_key || '' - }) - }) -} - function getAccessToken() { loadSharedApi({type: 'application', systemType: apiType.value}) .getAccessToken(id, loading) @@ -492,7 +468,6 @@ function refresh() { onMounted(() => { getDetail() getAccessToken() - getPublicApiKey() changeDayHandle(history_day.value) })