youngkingdom/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-05-06 10:28:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor(app-asset-service): remove unused signed proxy URL generation and improve error handling for download URL

Browse Source
This commit is contained in:
Harry
2026-01-15 18:09:53 +08:00
parent 6e66e2591b
commit cd0724b827
1 changed files with 1 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
api/services/app_asset_service.py
View File

@ -3,9 +3,7 @@ import hashlib
import hmac import hmac
import io import io
import logging import logging
import os
import time import time
import urllib.parse
import zipfile import zipfile
from uuid import uuid4 from uuid import uuid4
@ -345,28 +343,7 @@ class AppAssetService:
try: try:
return storage.get_download_url(storage_key, expires_in) return storage.get_download_url(storage_key, expires_in)
except NotImplementedError: except NotImplementedError:
return AppAssetService._generate_signed_proxy_url( raise NotImplementedError("Download URL not implemented for storage, please contact administrator")
app_id=app_model.id,
node_id=node_id,
expires_in=expires_in,
)
@staticmethod
def _generate_signed_proxy_url(app_id: str, node_id: str, expires_in: int) -> str:
base_url = dify_config.FILES_URL
url = f"{base_url}/console/api/apps/{app_id}/assets/files/{node_id}/download"
timestamp = str(int(time.time()))
nonce = os.urandom(16).hex()
key = dify_config.SECRET_KEY.encode()
msg = f"app-asset-download|{app_id}|{node_id}|{timestamp}|{nonce}"
sign = hmac.new(key, msg.encode(), hashlib.sha256).digest()
encoded_sign = base64.urlsafe_b64encode(sign).decode()
query = {"timestamp": timestamp, "nonce": nonce, "sign": encoded_sign}
query_string = urllib.parse.urlencode(query)
return f"{url}?{query_string}"
@staticmethod @staticmethod
def verify_download_signature( def verify_download_signature(