youngkingdom/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-02-25 04:06:30 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,909 Commits 373 Branches 166 Tags
76d7a44585609fa47d45062c216cef26fd39e37b
Commit Graph

169 Commits

Author SHA1 Message Date
QuantumGhost
c3b7b3ed0c Merge remote-tracking branch 'upstream/main' into feat/human-input-merge-again 2026-01-28 16:21:37 +08:00
QuantumGhost
9bbe63c1d8 Implement a ratelimit for Web App Form endpoints (vibe-kanban 033e0d0d) 
Prevent adversaries from brute-frocing the form token.
 2026-01-27 07:49:50 +08:00
QuantumGhost
b59713b980 Return the form expired error code in get form definition in WEbAPp Api (vibe-kanban 758765b0) 2026-01-26 16:14:02 +08:00
Asuka Minato
6342d196e8 refactor: split changes for api/controllers/web/workflow.py (#29852) 2026-01-23 19:06:21 +09:00
Asuka Minato
5dc5709d58 refactor: split changes for api/controllers/web/login.py (#29854) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-23 19:06:04 +09:00
QuantumGhost
99d19cd3db docs(api): clarity SystemFeatureApi for webapp is unauthenticated by design (#31432) 
The `/api/system-features` is required for the web app initialization.
Authentication would create circular dependency (can't authenticate without web app loading).

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-01-23 16:03:12 +08:00
QuantumGhost
33a830cbc9 refactor(api): rename placeholder to default_value in various parts 
Previously the fields / classes are named with `placeholder`. However,
the actual purpose is to use as default values. This commit addresses
this problem by correcting names for relevant fields / classes.

- FormInputPlaceholder
- FormInput.placeholder
- HumanInputRequiredResponse.resolved_placeholder_values
- HumanInputFormDefinition.resolved_placeholder_values
- FormCreateParams.resolved_placeholder_values
- HumanInputRequired.resolved_placeholder_values
- The `resolved_placeholder_values` argument of _create_human_input_delivery_test_form
- The `resolved_placeholder_values` inside _jsonify_form_definition
 2026-01-23 15:05:18 +08:00
QuantumGhost
b085df9425 feat(api): restore node state snapshots via /events api 2026-01-19 09:58:45 +08:00
QuantumGhost
68d56415d0 Rename the placeholder_values to resolved_placeholder_values in HumanInputFormApi (vibe-kanban 4b9631d6) 
Update tests accordingly. Ensure relevant tests are green.
 2026-01-16 13:27:35 +08:00
QuantumGhost
e099a8de47 feat(api): simplify the FormDefinition API for web app 2026-01-16 09:49:45 +08:00
QuantumGhost
80139bdfb4 test(api): adjust tests for _resolve_human_input_email_delivery_enabled 2026-01-16 09:42:39 +08:00
QuantumGhost
915de2b8dd fix(api): submission return 404 for web app api 2026-01-15 18:01:13 +08:00
QuantumGhost
1114806978 fix(api): allow any form to be submitted via web app api 2026-01-15 13:37:59 +08:00
QuantumGhost
c45dd66bd7 The site field returned by HumanInputFormApi is inconsistent with the API docs (vibe-kanban e0fb38c9) 
```javascript

Expected structure:

```json
{
    "site": {
        "app_id": "e9823576-d836-4f2b-b46f-bd4df1d82230",
        "end_user_id": "b7aa295d-1560-4d87-a828-77b3f39b30d0",
        "enable_site": true,
        "site": {
            "title": "wf",
            "chat_color_theme": null,
            "chat_color_theme_inverted": false,
            "icon_type": "emoji",
            "icon": "\ud83e\udd16",
            "icon_background": "#FFEAD5",
            "icon_url": null,
            "description": null,
            "copyright": null,
            "privacy_policy": null,
            "custom_disclaimer": "",
            "default_language": "en-US",
            "prompt_public": false,
            "show_workflow_steps": true,
            "use_icon_as_answer_icon": false
        },
        "model_config": null,
        "plan": "basic",
        "can_replace_logo": false,
        "custom_config": null
    },
    // ... other fields
}

```

The current implementation of HumanInputFormApi returns the following structure:

```json

{
    "site": {
        "title": "hitl-chatflow",
        "chat_color_theme": null,
        "chat_color_theme_inverted": false,
        "icon_type": "emoji",
        "icon": "🤖",
        "icon_background": "#FFEAD5",
        "icon_url": null,
        "description": null,
        "copyright": null,
        "privacy_policy": null,
        "custom_disclaimer": "",
        "default_language": "en-US",
        "prompt_public": false,
        "show_workflow_steps": true,
        "use_icon_as_answer_icon": false
    },

    // ... other fields
}

```

\`\`\`
 2026-01-15 12:26:51 +08:00
QuantumGhost
ea90746ed7 feat(api): adjust /pause-details api, add backstage form token 2026-01-15 09:43:16 +08:00
QuantumGhost
f1b2e1cfb4 feat(api): Add app_id field to HumanInputForm model 
This ensures that `HumanInputForm` could be associated to a specific
application without relying on `WorkflowRun`, providing us a smoother
migration path if we want to implement test form.
 2026-01-14 16:58:17 +08:00
QuantumGhost
25cc2ab738 fix(api): missing site field in Web App Form Definition API 2026-01-14 14:25:57 +08:00
非法操作
491e1fd6a4 chore: case insensitive email (#29978) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
 2026-01-13 15:42:44 +08:00
QuantumGhost
6bcd4ad740 fix(api): Ensure is_resumption for node_started event is correctly set 2026-01-13 09:25:44 +08:00
QuantumGhost
c1215ad9ef temp(api): disable auth for webapp api 2026-01-09 00:21:58 +08:00
QuantumGhost
5d4f06fa67 feat(api): implement web app api properly 2026-01-08 10:07:16 +08:00
Xiyuan Chen
adaf0e32c0 feat: add decryption decorators for password and code fields in webapp (#30704) 2026-01-08 10:03:39 +08:00
Asuka Minato
0294555893 refactor: port api/fields/file_fields.py (#30638) 2026-01-06 22:55:58 +08:00
Asuka Minato
c0331b23a9 refactor: split changes for api/controllers/web/conversation.py (#30582) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-06 10:06:48 +08:00
Asuka Minato
ce87371bef refactor: split changes for api/controllers/web/saved_message.py (#30583) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-06 10:06:21 +08:00
QuantumGhost
184f7ab144 WIP: feat(api): always use form_token to submit human input form 2026-01-06 08:53:24 +08:00
Asuka Minato
2cef879209 refactor: more ns.model to BaseModel (#30445) 2026-01-04 17:12:28 +08:00
Asuka Minato
5b02e5dcb6 refactor: migrate some ns.model to BaseModel (#30388) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-01-01 00:38:12 +08:00
QuantumGhost
1f64281ce5 WIP: message extra contet 2025-12-26 12:34:46 +08:00
QuantumGhost
f368155995 resume test 2025-12-26 12:16:01 +08:00
QuantumGhost
c0f1aeddbe WIP: resume 2025-12-26 11:52:49 +08:00
QuantumGhost
c0e15b9e1b WIP: feat(api): human input service 2025-12-26 11:48:56 +08:00
QuantumGhost
43348ce1a6 WIP: P4 2025-12-26 11:39:28 +08:00
QuantumGhost
8b914d9116 WIP 2025-12-26 10:45:23 +08:00
Asuka Minato
037b8ae9e2 refactor: split changes for api/controllers/web/forgot_password.py (#29858) 2025-12-24 09:41:51 +08:00
Asuka Minato
de021ff3e0 refactor: split changes for api/controllers/web/remote_files.py (#29853) 2025-12-23 21:30:30 +09:00
Asuka Minato
accc91e89d refactor: split changes for api/controllers/web/message.py (#29874) 2025-12-22 21:47:24 +08:00
Asuka Minato
95c58eac83 refactor: split changes for api/controllers/web/app.py (#29857) 2025-12-22 20:09:58 +08:00
Asuka Minato
3b8650eb6b refactor: split changes for api/controllers/web/completion.py (#29855) 2025-12-19 12:16:12 +08:00
Asuka Minato
82220a645c refactor: split changes for api/controllers/web/audio.py (#29856) 
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-12-18 17:30:58 +08:00
Kevin9703
a486c47b1e fix: ensure advanced-chat workflows stop correctly (#27803) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-11-25 20:09:03 +08:00
yangzheli
a4c4d18f42 fix(api): add session_id validation for webapp JWT authentication (#28297) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-11-21 11:23:52 +08:00
mnasrautinno
2799b79e8c fix: app's ai site text to speech api (#28091) 2025-11-13 11:44:04 +08:00
Yunlu Wen
e843fe8aa6 fix: rename cookie for webapp (#27264) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-10-23 11:03:48 +08:00
-LAN-
40d3332690 fix: preserve share code headers after login redirect (#27225) 
Co-authored-by: yunlu.wen <yunlu.wen@dify.ai>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-10-22 14:59:08 +08:00
-LAN-
9a5f214623 refactor: replace localStorage with HTTP-only cookies for auth tokens (#24365) 
Signed-off-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com>
Signed-off-by: lyzno1 <yuanyouhuilyz@gmail.com>
Signed-off-by: kenwoodjw <blackxin55+@gmail.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Yunlu Wen <wylswz@163.com>
Co-authored-by: Joel <iamjoel007@gmail.com>
Co-authored-by: GareArc <chen4851@purdue.edu>
Co-authored-by: NFish <douxc512@gmail.com>
Co-authored-by: Davide Delbianco <davide.delbianco@outlook.com>
Co-authored-by: minglu7 <1347866672@qq.com>
Co-authored-by: Ponder <ruan.lj@foxmail.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: heyszt <270985384@qq.com>
Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
Co-authored-by: Guangdong Liu <liugddx@gmail.com>
Co-authored-by: Eric Guo <eric.guocz@gmail.com>
Co-authored-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com>
Co-authored-by: XlKsyt <caixuesen@outlook.com>
Co-authored-by: Dhruv Gorasiya <80987415+DhruvGorasiya@users.noreply.github.com>
Co-authored-by: crazywoola <427733928@qq.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com>
Co-authored-by: hj24 <mambahj24@gmail.com>
Co-authored-by: GuanMu <ballmanjq@gmail.com>
Co-authored-by: 非法操作 <hjlarry@163.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Tonlo <123lzs123@gmail.com>
Co-authored-by: Yusuke Yamada <yamachu.dev@gmail.com>
Co-authored-by: Novice <novice12185727@gmail.com>
Co-authored-by: kenwoodjw <blackxin55+@gmail.com>
Co-authored-by: Ademílson Tonato <ademilsonft@outlook.com>
Co-authored-by: znn <jubinkumarsoni@gmail.com>
Co-authored-by: yangzheli <43645580+yangzheli@users.noreply.github.com>
 2025-10-19 21:29:04 +08:00
Asuka Minato
4488c090b2 fluent api (#27093) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-10-19 12:54:41 +09:00
Asuka Minato
cced33d068 use deco to avoid current_user (#26077) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2025-10-16 15:45:51 +09:00
Xiyuan Chen
aead192743 Fix/token exp when exchange main (#26708) 2025-10-10 01:24:36 -07:00
crazywoola
878420463c fix: Message => str (#25876) 2025-09-18 17:57:57 +08:00