9bbe63c1d8
Implement a ratelimit for Web App Form endpoints (vibe-kanban 033e0d0d)
...
Prevent adversaries from brute-frocing the form token.
2026-01-27 07:49:50 +08:00
b59713b980
Return the form expired error code in get form definition in WEbAPp Api (vibe-kanban 758765b0)
2026-01-26 16:14:02 +08:00
33a830cbc9
refactor(api): rename placeholder to default_value in various parts
...
Previously the fields / classes are named with `placeholder`. However,
the actual purpose is to use as default values. This commit addresses
this problem by correcting names for relevant fields / classes.
- FormInputPlaceholder
- FormInput.placeholder
- HumanInputRequiredResponse.resolved_placeholder_values
- HumanInputFormDefinition.resolved_placeholder_values
- FormCreateParams.resolved_placeholder_values
- HumanInputRequired.resolved_placeholder_values
- The `resolved_placeholder_values` argument of _create_human_input_delivery_test_form
- The `resolved_placeholder_values` inside _jsonify_form_definition
2026-01-23 15:05:18 +08:00
b085df9425
feat(api): restore node state snapshots via /events api
2026-01-19 09:58:45 +08:00
68d56415d0
Rename the placeholder_values to resolved_placeholder_values in HumanInputFormApi (vibe-kanban 4b9631d6)
...
Update tests accordingly. Ensure relevant tests are green.
2026-01-16 13:27:35 +08:00
e099a8de47
feat(api): simplify the FormDefinition API for web app
2026-01-16 09:49:45 +08:00
80139bdfb4
test(api): adjust tests for _resolve_human_input_email_delivery_enabled
2026-01-16 09:42:39 +08:00
915de2b8dd
fix(api): submission return 404 for web app api
2026-01-15 18:01:13 +08:00
1114806978
fix(api): allow any form to be submitted via web app api
2026-01-15 13:37:59 +08:00
c45dd66bd7
The site field returned by HumanInputFormApi is inconsistent with the API docs (vibe-kanban e0fb38c9)
...
```javascript
Expected structure:
```json
{
"site": {
"app_id": "e9823576-d836-4f2b-b46f-bd4df1d82230",
"end_user_id": "b7aa295d-1560-4d87-a828-77b3f39b30d0",
"enable_site": true,
"site": {
"title": "wf",
"chat_color_theme": null,
"chat_color_theme_inverted": false,
"icon_type": "emoji",
"icon": "\ud83e\udd16",
"icon_background": "#FFEAD5",
"icon_url": null,
"description": null,
"copyright": null,
"privacy_policy": null,
"custom_disclaimer": "",
"default_language": "en-US",
"prompt_public": false,
"show_workflow_steps": true,
"use_icon_as_answer_icon": false
},
"model_config": null,
"plan": "basic",
"can_replace_logo": false,
"custom_config": null
},
// ... other fields
}
```
The current implementation of HumanInputFormApi returns the following structure:
```json
{
"site": {
"title": "hitl-chatflow",
"chat_color_theme": null,
"chat_color_theme_inverted": false,
"icon_type": "emoji",
"icon": "🤖 ",
"icon_background": "#FFEAD5",
"icon_url": null,
"description": null,
"copyright": null,
"privacy_policy": null,
"custom_disclaimer": "",
"default_language": "en-US",
"prompt_public": false,
"show_workflow_steps": true,
"use_icon_as_answer_icon": false
},
// ... other fields
}
```
\`\`\`
2026-01-15 12:26:51 +08:00
ea90746ed7
feat(api): adjust /pause-details api, add backstage form token
2026-01-15 09:43:16 +08:00
f1b2e1cfb4
feat(api): Add app_id field to HumanInputForm model
...
This ensures that `HumanInputForm` could be associated to a specific
application without relying on `WorkflowRun`, providing us a smoother
migration path if we want to implement test form.
2026-01-14 16:58:17 +08:00
25cc2ab738
fix(api): missing site field in Web App Form Definition API
2026-01-14 14:25:57 +08:00
6bcd4ad740
fix(api): Ensure is_resumption for node_started event is correctly set
2026-01-13 09:25:44 +08:00
c1215ad9ef
temp(api): disable auth for webapp api
2026-01-09 00:21:58 +08:00
5d4f06fa67
feat(api): implement web app api properly
2026-01-08 10:07:16 +08:00
184f7ab144
WIP: feat(api): always use form_token to submit human input form
2026-01-06 08:53:24 +08:00
1f64281ce5
WIP: message extra contet
2025-12-26 12:34:46 +08:00
f368155995
resume test
2025-12-26 12:16:01 +08:00
c0f1aeddbe
WIP: resume
2025-12-26 11:52:49 +08:00
c0e15b9e1b
WIP: feat(api): human input service
2025-12-26 11:48:56 +08:00
43348ce1a6
WIP: P4
2025-12-26 11:39:28 +08:00
8b914d9116
WIP
2025-12-26 10:45:23 +08:00
037b8ae9e2
refactor: split changes for api/controllers/web/forgot_password.py ( #29858 )
2025-12-24 09:41:51 +08:00
de021ff3e0
refactor: split changes for api/controllers/web/remote_files.py ( #29853 )
2025-12-23 21:30:30 +09:00
accc91e89d
refactor: split changes for api/controllers/web/message.py ( #29874 )
2025-12-22 21:47:24 +08:00
95c58eac83
refactor: split changes for api/controllers/web/app.py ( #29857 )
2025-12-22 20:09:58 +08:00
3b8650eb6b
refactor: split changes for api/controllers/web/completion.py ( #29855 )
2025-12-19 12:16:12 +08:00
82220a645c
refactor: split changes for api/controllers/web/audio.py ( #29856 )
...
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-12-18 17:30:58 +08:00
a486c47b1e
fix: ensure advanced-chat workflows stop correctly ( #27803 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
2025-11-25 20:09:03 +08:00
a4c4d18f42
fix(api): add session_id validation for webapp JWT authentication ( #28297 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-11-21 11:23:52 +08:00
2799b79e8c
fix: app's ai site text to speech api ( #28091 )
2025-11-13 11:44:04 +08:00
e843fe8aa6
fix: rename cookie for webapp ( #27264 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-10-23 11:03:48 +08:00
40d3332690
fix: preserve share code headers after login redirect ( #27225 )
...
Co-authored-by: yunlu.wen <yunlu.wen@dify.ai >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-10-22 14:59:08 +08:00
9a5f214623
refactor: replace localStorage with HTTP-only cookies for auth tokens ( #24365 )
...
Signed-off-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com >
Signed-off-by: lyzno1 <yuanyouhuilyz@gmail.com >
Signed-off-by: kenwoodjw <blackxin55+@gmail.com >
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Yunlu Wen <wylswz@163.com >
Co-authored-by: Joel <iamjoel007@gmail.com >
Co-authored-by: GareArc <chen4851@purdue.edu >
Co-authored-by: NFish <douxc512@gmail.com >
Co-authored-by: Davide Delbianco <davide.delbianco@outlook.com >
Co-authored-by: minglu7 <1347866672@qq.com >
Co-authored-by: Ponder <ruan.lj@foxmail.com >
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: heyszt <270985384@qq.com >
Co-authored-by: Asuka Minato <i@asukaminato.eu.org >
Co-authored-by: Guangdong Liu <liugddx@gmail.com >
Co-authored-by: Eric Guo <eric.guocz@gmail.com >
Co-authored-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com >
Co-authored-by: XlKsyt <caixuesen@outlook.com >
Co-authored-by: Dhruv Gorasiya <80987415+DhruvGorasiya@users.noreply.github.com >
Co-authored-by: crazywoola <427733928@qq.com >
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com >
Co-authored-by: hj24 <mambahj24@gmail.com >
Co-authored-by: GuanMu <ballmanjq@gmail.com >
Co-authored-by: 非法操作 <hjlarry@163.com >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
Co-authored-by: Tonlo <123lzs123@gmail.com >
Co-authored-by: Yusuke Yamada <yamachu.dev@gmail.com >
Co-authored-by: Novice <novice12185727@gmail.com >
Co-authored-by: kenwoodjw <blackxin55+@gmail.com >
Co-authored-by: Ademílson Tonato <ademilsonft@outlook.com >
Co-authored-by: znn <jubinkumarsoni@gmail.com >
Co-authored-by: yangzheli <43645580+yangzheli@users.noreply.github.com >
2025-10-19 21:29:04 +08:00
4488c090b2
fluent api ( #27093 )
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2025-10-19 12:54:41 +09:00
cced33d068
use deco to avoid current_user ( #26077 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2025-10-16 15:45:51 +09:00
aead192743
Fix/token exp when exchange main ( #26708 )
2025-10-10 01:24:36 -07:00
878420463c
fix: Message => str ( #25876 )
2025-09-18 17:57:57 +08:00
85cda47c70
feat: knowledge pipeline ( #25360 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
Co-authored-by: twwu <twwu@dify.ai >
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
Co-authored-by: jyong <718720800@qq.com >
Co-authored-by: Wu Tianwei <30284043+WTW0313@users.noreply.github.com >
Co-authored-by: QuantumGhost <obelisk.reg+git@gmail.com >
Co-authored-by: lyzno1 <yuanyouhuilyz@gmail.com >
Co-authored-by: quicksand <quicksandzn@gmail.com >
Co-authored-by: Jyong <76649700+JohnJyong@users.noreply.github.com >
Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com >
Co-authored-by: zxhlyh <jasonapring2015@outlook.com >
Co-authored-by: Yongtao Huang <yongtaoh2022@gmail.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Joel <iamjoel007@gmail.com >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
Co-authored-by: nite-knite <nkCoding@gmail.com >
Co-authored-by: Hanqing Zhao <sherry9277@gmail.com >
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Harry <xh001x@hotmail.com >
2025-09-18 12:49:10 +08:00
bab4975809
chore: add ast-grep rule to convert Optional[T] to T | None ( #25560 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-09-15 13:06:33 +08:00
67a686cf98
[Chore/Refactor] use __all__ to specify export member. ( #25681 )
2025-09-15 09:45:35 +08:00
a13d7987e0
chore: adopt StrEnum and auto() for some string-typed enums ( #25129 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
2025-09-12 21:14:26 +08:00
b51c724a94
refactor: Migrate part of the console basic API module to Flask-RESTX ( #24732 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com >
Co-authored-by: -LAN- <laipz8200@outlook.com >
2025-09-10 12:15:47 +08:00
08dd3f7b50
Fix basedpyright type errors ( #25435 )
...
Signed-off-by: -LAN- <laipz8200@outlook.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-09-10 01:54:26 +08:00
38057b1b0e
add typing to all wraps ( #25405 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-09-09 16:48:33 +08:00
f6059ef389
add more typing ( #24949 )
...
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-09-08 10:40:00 +08:00
1fff4620e6
clean console apis and rag cleans. ( #25042 )
...
Signed-off-by: zhanluxianshen <zhanluxianshen@163.com >
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2025-09-03 11:25:18 +08:00
d33dfee8a3
fix: EndUser is not bound to a Session ( #25010 )
2025-09-02 21:37:21 +08:00
39064197da
chore: cleanup unnecessary mypy suppressions on imports ( #24712 )
2025-08-28 23:17:25 +08:00
