chore(api): ignore google.cloud.storage in MyPy

chore(api): resolve MyPy issues
Merge remote-tracking branch 'upstream/feat/support-bool-variable-fe' into feat/boolean-type
2026-02-05 03:05:32 +08:00 · 2025-08-26 12:45:04 +08:00 · 2025-08-26 12:44:25 +08:00 · 2025-08-26 10:07:32 +08:00 · 2025-08-25 10:35:52 +08:00 · 2025-08-25 10:26:11 +08:00
1824 changed files with 16128 additions and 61475 deletions
--- a/.claude/settings.json.example
+++ b/.claude/settings.json.example
@ -1,19 +0,0 @@
-{
-    "permissions": {
-      "allow": [],
-      "deny": []
-    },
-    "env": {
-      "__comment": "Environment variables for MCP servers. Override in .claude/settings.local.json with actual values.",
-      "GITHUB_PERSONAL_ACCESS_TOKEN": "ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
-    },
-    "enabledMcpjsonServers": [
-      "context7",
-      "sequential-thinking",
-      "github",
-      "fetch",
-      "playwright",
-      "ide"
-    ],
-    "enableAllProjectMcpServers": true
-  }
--- a/.devcontainer/post_create_command.sh
+++ b/.devcontainer/post_create_command.sh
@ -1,6 +1,6 @@
 #!/bin/bash

-corepack enable
+npm add -g pnpm@10.15.0
 cd web && pnpm install
 pipx install uv

--- a/.github/actions/setup-uv/action.yml
+++ b/.github/actions/setup-uv/action.yml
@ -0,0 +1,34 @@
+name: Setup UV and Python
+
+inputs:
+  python-version:
+    description: Python version to use and the UV installed with
+    required: true
+    default: '3.12'
+  uv-version:
+    description: UV version to set up
+    required: true
+    default: '0.8.9'
+  uv-lockfile:
+    description: Path to the UV lockfile to restore cache from
+    required: true
+    default: ''
+  enable-cache:
+    required: true
+    default: true
+
+runs:
+  using: composite
+  steps:
+    - name: Set up Python ${{ inputs.python-version }}
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ inputs.python-version }}
+
+    - name: Install uv
+      uses: astral-sh/setup-uv@v6
+      with:
+        version: ${{ inputs.uv-version }}
+        python-version: ${{ inputs.python-version }}
+        enable-cache: ${{ inputs.enable-cache }}
+        cache-dependency-glob: ${{ inputs.uv-lockfile }}
--- a/.github/workflows/api-tests.yml
+++ b/.github/workflows/api-tests.yml
@ -1,7 +1,13 @@
 name: Run Pytest

 on:
-  workflow_call:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - api/**
+      - docker/**
+      - .github/workflows/api-tests.yml

 concurrency:
  group: api-tests-${{ github.head_ref || github.run_id }}
@ -27,11 +33,10 @@ jobs:
          persist-credentials: false

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@v6
+        uses: ./.github/actions/setup-uv
        with:
-          enable-cache: true
          python-version: ${{ matrix.python-version }}
-          cache-dependency-glob: api/uv.lock
+          uv-lockfile: api/uv.lock

      - name: Check UV lockfile
        run: uv lock --project api --check
@ -42,7 +47,11 @@ jobs:
      - name: Run Unit tests
        run: |
          uv run --project api bash dev/pytest/pytest_unit_tests.sh
-
+      - name: Run ty check
+        run: |
+          cd api
+          uv add --dev ty
+          uv run ty check || true
      - name: Run pyrefly check
        run: |
          cd api
@ -62,6 +71,15 @@ jobs:
      - name: Run dify config tests
        run: uv run --project api dev/pytest/pytest_config_tests.py

+      - name: MyPy Cache
+        uses: actions/cache@v4
+        with:
+          path: api/.mypy_cache
+          key: mypy-${{ matrix.python-version }}-${{ runner.os }}-${{ hashFiles('api/uv.lock') }}
+
+      - name: Run MyPy Checks
+        run: dev/mypy-check
+
      - name: Set up dotenvs
        run: |
          cp docker/.env.example docker/.env
--- a/.github/workflows/autofix.yml
+++ b/.github/workflows/autofix.yml
@ -1,7 +1,9 @@
 name: autofix.ci
 on:
+  workflow_call:
  pull_request:
-    branches: ["main"]
+  push:
+    branches: [ "main" ]
 permissions:
  contents: read

@ -13,47 +15,18 @@ jobs:
      - uses: actions/checkout@v4

      # Use uv to ensure we have the same ruff version in CI and locally.
-      - uses: astral-sh/setup-uv@v6
-        with:
-          python-version: "3.12"
+      - uses: astral-sh/setup-uv@7edac99f961f18b581bbd960d59d049f04c0002f 
      - run: |
          cd api
          uv sync --dev
          # Fix lint errors
-          uv run ruff check --fix .
+          uv run ruff check --fix-only .
          # Format code
          uv run ruff format .
-
      - name: ast-grep
        run: |
          uvx --from ast-grep-cli sg --pattern 'db.session.query($WHATEVER).filter($HERE)' --rewrite 'db.session.query($WHATEVER).where($HERE)' -l py --update-all
-          uvx --from ast-grep-cli sg --pattern 'session.query($WHATEVER).filter($HERE)' --rewrite 'session.query($WHATEVER).where($HERE)' -l py --update-all
-
-
      - name: mdformat
        run: |
          uvx mdformat .
-
-      - name: Install pnpm
-        uses: pnpm/action-setup@v4
-        with:
-          package_json_file: web/package.json
-          run_install: false
-
-      - name: Setup NodeJS
-        uses: actions/setup-node@v4
-        with:
-          node-version: 22
-          cache: pnpm
-          cache-dependency-path: ./web/package.json
-
-      - name: Web dependencies
-        working-directory: ./web
-        run: pnpm install --frozen-lockfile
-
-      - name: oxlint
-        working-directory: ./web
-        run: |
-          pnpx oxlint --fix
-
      - uses: autofix-ci/action@635ffb0c9798bd160680f18fd73371e355b85f27
--- a/.github/workflows/db-migration-test.yml
+++ b/.github/workflows/db-migration-test.yml
@ -1,7 +1,13 @@
 name: DB Migration Test

 on:
-  workflow_call:
+  pull_request:
+    branches:
+      - main
+      - plugins/beta
+    paths:
+      - api/migrations/**
+      - .github/workflows/db-migration-test.yml

 concurrency:
  group: db-migration-test-${{ github.ref }}
@ -19,20 +25,12 @@ jobs:
          persist-credentials: false

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@v6
+        uses: ./.github/actions/setup-uv
        with:
-          enable-cache: true
-          python-version: "3.12"
-          cache-dependency-glob: api/uv.lock
+          uv-lockfile: api/uv.lock

      - name: Install dependencies
        run: uv sync --project api
-      - name: Ensure Offline migration are supported
-        run: |
-          # upgrade
-          uv run --directory api flask db upgrade 'base:head' --sql
-          # downgrade
-          uv run --directory api flask db downgrade 'head:base' --sql

      - name: Prepare middleware env
        run: |
--- a/.github/workflows/deploy-enterprise.yml
+++ b/.github/workflows/deploy-enterprise.yml
@ -19,23 +19,11 @@ jobs:
      github.event.workflow_run.head_branch == 'deploy/enterprise'

    steps:
-      - name: trigger deployments
-        env:
-          DEV_ENV_ADDRS: ${{ vars.DEV_ENV_ADDRS }}
-          DEPLOY_SECRET: ${{ secrets.DEPLOY_SECRET }}
-        run: |
-          IFS=',' read -ra ENDPOINTS <<< "${DEV_ENV_ADDRS:-}"
-          BODY='{"project":"dify-api","tag":"deploy-enterprise"}'
-
-          for ENDPOINT in "${ENDPOINTS[@]}"; do
-            ENDPOINT="$(echo "$ENDPOINT" | xargs)"
-            [ -z "$ENDPOINT" ] && continue
-
-            API_SIGNATURE=$(printf '%s' "$BODY" | openssl dgst -sha256 -hmac "$DEPLOY_SECRET" | awk '{print "sha256="$2}')
-
-            curl -sSf -X POST \
-              -H "Content-Type: application/json" \
-              -H "X-Hub-Signature-256: $API_SIGNATURE" \
-              -d "$BODY" \
-              "$ENDPOINT"
-          done
+      - name: Deploy to server
+        uses: appleboy/ssh-action@v0.1.8
+        with:
+          host: ${{ secrets.ENTERPRISE_SSH_HOST }}
+          username: ${{ secrets.ENTERPRISE_SSH_USER }}
+          password: ${{ secrets.ENTERPRISE_SSH_PASSWORD }}
+          script: |
+            ${{ vars.ENTERPRISE_SSH_SCRIPT || secrets.ENTERPRISE_SSH_SCRIPT }}
--- a/.github/workflows/main-ci.yml
+++ b/.github/workflows/main-ci.yml
@ -1,78 +0,0 @@
-name: Main CI Pipeline
-
-on:
-  pull_request:
-    branches: ["main"]
-  push:
-    branches: ["main"]
-
-permissions:
-  contents: write
-  pull-requests: write
-  checks: write
-  statuses: write
-
-concurrency:
-  group: main-ci-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  # Check which paths were changed to determine which tests to run
-  check-changes:
-    name: Check Changed Files
-    runs-on: ubuntu-latest
-    outputs:
-      api-changed: ${{ steps.changes.outputs.api }}
-      web-changed: ${{ steps.changes.outputs.web }}
-      vdb-changed: ${{ steps.changes.outputs.vdb }}
-      migration-changed: ${{ steps.changes.outputs.migration }}
-    steps:
-      - uses: actions/checkout@v4
-      - uses: dorny/paths-filter@v3
-        id: changes
-        with:
-          filters: |
-            api:
-              - 'api/**'
-              - 'docker/**'
-              - '.github/workflows/api-tests.yml'
-            web:
-              - 'web/**'
-            vdb:
-              - 'api/core/rag/datasource/**'
-              - 'docker/**'
-              - '.github/workflows/vdb-tests.yml'
-              - 'api/uv.lock'
-              - 'api/pyproject.toml'
-            migration:
-              - 'api/migrations/**'
-              - '.github/workflows/db-migration-test.yml'
-
-  # Run tests in parallel
-  api-tests:
-    name: API Tests
-    needs: check-changes
-    if: needs.check-changes.outputs.api-changed == 'true'
-    uses: ./.github/workflows/api-tests.yml
-
-  web-tests:
-    name: Web Tests
-    needs: check-changes
-    if: needs.check-changes.outputs.web-changed == 'true'
-    uses: ./.github/workflows/web-tests.yml
-
-  style-check:
-    name: Style Check
-    uses: ./.github/workflows/style.yml
-
-  vdb-tests:
-    name: VDB Tests
-    needs: check-changes
-    if: needs.check-changes.outputs.vdb-changed == 'true'
-    uses: ./.github/workflows/vdb-tests.yml
-
-  db-migration-test:
-    name: DB Migration Test
-    needs: check-changes
-    if: needs.check-changes.outputs.migration-changed == 'true'
-    uses: ./.github/workflows/db-migration-test.yml
--- a/.github/workflows/style.yml
+++ b/.github/workflows/style.yml
@ -1,7 +1,9 @@
 name: Style check

 on:
-  workflow_call:
+  pull_request:
+    branches:
+      - main

 concurrency:
  group: style-${{ github.head_ref || github.run_id }}
@ -34,28 +36,30 @@ jobs:

      - name: Setup UV and Python
        if: steps.changed-files.outputs.any_changed == 'true'
-        uses: astral-sh/setup-uv@v6
+        uses: ./.github/actions/setup-uv
        with:
+          uv-lockfile: api/uv.lock
          enable-cache: false
-          python-version: "3.12"
-          cache-dependency-glob: api/uv.lock

      - name: Install dependencies
        if: steps.changed-files.outputs.any_changed == 'true'
        run: uv sync --project api --dev

-      - name: Run Basedpyright Checks
+      - name: Ruff check
        if: steps.changed-files.outputs.any_changed == 'true'
-        run: dev/basedpyright-check
-
-      - name: Run Mypy Type Checks
-        if: steps.changed-files.outputs.any_changed == 'true'
-        run: uv --directory api run mypy --exclude-gitignore --exclude 'tests/' --exclude 'migrations/' --check-untyped-defs --disable-error-code=import-untyped .
+        run: |
+          uv run --directory api ruff --version
+          uv run --directory api ruff check ./
+          uv run --directory api ruff format --check ./

      - name: Dotenv check
        if: steps.changed-files.outputs.any_changed == 'true'
        run: uv run --project api dotenv-linter ./api/.env.example ./web/.env.example

+      - name: Lint hints
+        if: failure()
+        run: echo "Please run 'dev/reformat' to fix the fixable linting errors."
+
  web-style:
    name: Web Style
    runs-on: ubuntu-latest
@ -97,9 +101,7 @@ jobs:
      - name: Web style check
        if: steps.changed-files.outputs.any_changed == 'true'
        working-directory: ./web
-        run: |
-          pnpm run lint
-          pnpm run eslint
+        run: pnpm run lint

  docker-compose-template:
    name: Docker Compose Template
--- a/.github/workflows/translate-i18n-base-on-english.yml
+++ b/.github/workflows/translate-i18n-base-on-english.yml
@ -67,22 +67,12 @@ jobs:
        working-directory: ./web
        run: pnpm run auto-gen-i18n ${{ env.FILE_ARGS }}

-      - name: Generate i18n type definitions
-        if: env.FILES_CHANGED == 'true'
-        working-directory: ./web
-        run: pnpm run gen:i18n-types
-
      - name: Create Pull Request
        if: env.FILES_CHANGED == 'true'
        uses: peter-evans/create-pull-request@v6
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
-          commit-message: Update i18n files and type definitions based on en-US changes
-          title: 'chore: translate i18n files and update type definitions'
-          body: |
-            This PR was automatically created to update i18n files and TypeScript type definitions based on changes in en-US locale.
-            
-            **Changes included:**
-            - Updated translation files for all locales
-            - Regenerated TypeScript type definitions for type safety
+          commit-message: Update i18n files based on en-US changes
+          title: 'chore: translate i18n files'
+          body: This PR was automatically created to update i18n files based on changes in en-US locale.
          branch: chore/automated-i18n-updates
--- a/.github/workflows/vdb-tests.yml
+++ b/.github/workflows/vdb-tests.yml
@ -1,7 +1,15 @@
 name: Run VDB Tests

 on:
-  workflow_call:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - api/core/rag/datasource/**
+      - docker/**
+      - .github/workflows/vdb-tests.yml
+      - api/uv.lock
+      - api/pyproject.toml

 concurrency:
  group: vdb-tests-${{ github.head_ref || github.run_id }}
@ -31,11 +39,10 @@ jobs:
          remove_tool_cache: true

      - name: Setup UV and Python
-        uses: astral-sh/setup-uv@v6
+        uses: ./.github/actions/setup-uv
        with:
-          enable-cache: true
          python-version: ${{ matrix.python-version }}
-          cache-dependency-glob: api/uv.lock
+          uv-lockfile: api/uv.lock

      - name: Check UV lockfile
        run: uv lock --project api --check
--- a/.github/workflows/web-tests.yml
+++ b/.github/workflows/web-tests.yml
@ -1,7 +1,11 @@
 name: Web Tests

 on:
-  workflow_call:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - web/**

 concurrency:
  group: web-tests-${{ github.head_ref || github.run_id }}
@ -47,11 +51,6 @@ jobs:
        working-directory: ./web
        run: pnpm install --frozen-lockfile

-      - name: Check i18n types synchronization
-        if: steps.changed-files.outputs.any_changed == 'true'
-        working-directory: ./web
-        run: pnpm run check:i18n-types
-
      - name: Run tests
        if: steps.changed-files.outputs.any_changed == 'true'
        working-directory: ./web
--- a/.gitignore
+++ b/.gitignore
@ -123,12 +123,10 @@ venv.bak/
 # mkdocs documentation
 /site

-# type checking
+# mypy
 .mypy_cache/
 .dmypy.json
 dmypy.json
-pyrightconfig.json
-!api/pyrightconfig.json

 # Pyre type checker
 .pyre/
@ -197,8 +195,8 @@ sdks/python-client/dify_client.egg-info
 .vscode/*
 !.vscode/launch.json.template
 !.vscode/README.md
+pyrightconfig.json
 api/.vscode
-web/.vscode
 # vscode Code History Extension
 .history

@ -216,18 +214,7 @@ mise.toml
 # Next.js build output
 .next/

-# PWA generated files
-web/public/sw.js
-web/public/sw.js.map
-web/public/workbox-*.js
-web/public/workbox-*.js.map
-web/public/fallback-*.js
-
 # AI Assistant
 .roo/
 api/.env.backup
 /clickzetta
-
-# Benchmark
-scripts/stress-test/setup/config/
-scripts/stress-test/reports/
--- a/.mcp.json
+++ b/.mcp.json
@ -1,34 +0,0 @@
-{
-    "mcpServers": {
-      "context7": {
-        "type": "http",
-        "url": "https://mcp.context7.com/mcp"
-      },
-      "sequential-thinking": {
-        "type": "stdio",
-        "command": "npx",
-        "args": ["-y", "@modelcontextprotocol/server-sequential-thinking"],
-        "env": {}
-      },
-      "github": {
-        "type": "stdio",
-        "command": "npx",
-        "args": ["-y", "@modelcontextprotocol/server-github"],
-        "env": {
-          "GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_PERSONAL_ACCESS_TOKEN}"
-        }
-      },
-      "fetch": {
-        "type": "stdio",
-        "command": "uvx",
-        "args": ["mcp-server-fetch"],
-        "env": {}
-      },
-      "playwright": {
-        "type": "stdio",
-        "command": "npx",
-        "args": ["-y", "@playwright/mcp@latest"],
-        "env": {}
-      }
-    }
-  }
--- a/AGENTS.md
+++ b/AGENTS.md
@ -1 +0,0 @@
-CLAUDE.md
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -32,7 +32,7 @@ uv run --project api pytest tests/integration_tests/  # Integration tests
 ./dev/reformat                    # Run all formatters and linters
 uv run --project api ruff check --fix ./    # Fix linting issues
 uv run --project api ruff format ./         # Format code
-uv run --directory api basedpyright         # Type checking
+uv run --project api mypy .                 # Type checking
 ```

 ### Frontend (Web)
@ -86,4 +86,3 @@ pnpm test                         # Run Jest tests
 ## Project-Specific Conventions

 - All async tasks use Celery with Redis as broker
- **Internationalization**: Frontend supports multiple languages with English (`web/i18n/en-US/`) as the source. All user-facing text must use i18n keys, no hardcoded strings. Edit corresponding module files in `en-US/` directory for translations.
--- a/90
+++ b/90
@ -4,72 +4,6 @@ WEB_IMAGE=$(DOCKER_REGISTRY)/dify-web
 API_IMAGE=$(DOCKER_REGISTRY)/dify-api
 VERSION=latest

-# Default target - show help
-.DEFAULT_GOAL := help
-
-# Backend Development Environment Setup
-.PHONY: dev-setup prepare-docker prepare-web prepare-api
-
-# Dev setup target
-dev-setup: prepare-docker prepare-web prepare-api
-	@echo "✅ Backend development environment setup complete!"
-
-# Step 1: Prepare Docker middleware
-prepare-docker:
-	@echo "🐳 Setting up Docker middleware..."
-	@cp -n docker/middleware.env.example docker/middleware.env 2>/dev/null || echo "Docker middleware.env already exists"
-	@cd docker && docker compose -f docker-compose.middleware.yaml --env-file middleware.env -p dify-middlewares-dev up -d
-	@echo "✅ Docker middleware started"
-
-# Step 2: Prepare web environment
-prepare-web:
-	@echo "🌐 Setting up web environment..."
-	@cp -n web/.env.example web/.env 2>/dev/null || echo "Web .env already exists"
-	@cd web && pnpm install
-	@cd web && pnpm build
-	@echo "✅ Web environment prepared (not started)"
-
-# Step 3: Prepare API environment
-prepare-api:
-	@echo "🔧 Setting up API environment..."
-	@cp -n api/.env.example api/.env 2>/dev/null || echo "API .env already exists"
-	@cd api && uv sync --dev
-	@cd api && uv run flask db upgrade
-	@echo "✅ API environment prepared (not started)"
-
-# Clean dev environment
-dev-clean:
-	@echo "⚠️  Stopping Docker containers..."
-	@cd docker && docker compose -f docker-compose.middleware.yaml --env-file middleware.env -p dify-middlewares-dev down
-	@echo "🗑️  Removing volumes..."
-	@rm -rf docker/volumes/db
-	@rm -rf docker/volumes/redis
-	@rm -rf docker/volumes/plugin_daemon
-	@rm -rf docker/volumes/weaviate
-	@rm -rf api/storage
-	@echo "✅ Cleanup complete"
-
-# Backend Code Quality Commands
-format:
-	@echo "🎨 Running ruff format..."
-	@uv run --project api --dev ruff format ./api
-	@echo "✅ Code formatting complete"
-
-check:
-	@echo "🔍 Running ruff check..."
-	@uv run --project api --dev ruff check ./api
-	@echo "✅ Code check complete"
-
-lint:
-	@echo "🔧 Running ruff format and check with fixes..."
-	@uv run --directory api --dev sh -c 'ruff format ./api && ruff check --fix ./api'
-	@echo "✅ Linting complete"
-
-type-check:
-	@echo "📝 Running type check with basedpyright..."
-	@uv run --directory api --dev basedpyright
-	@echo "✅ Type check complete"
-
 # Build Docker images
 build-web:
 	@echo "Building web Docker image: $(WEB_IMAGE):$(VERSION)..."
@ -105,27 +39,5 @@ build-push-web: build-web push-web
 build-push-all: build-all push-all
 	@echo "All Docker images have been built and pushed."

-# Help target
-help:
-	@echo "Development Setup Targets:"
-	@echo "  make dev-setup      - Run all setup steps for backend dev environment"
-	@echo "  make prepare-docker - Set up Docker middleware"
-	@echo "  make prepare-web    - Set up web environment"
-	@echo "  make prepare-api    - Set up API environment"
-	@echo "  make dev-clean      - Stop Docker middleware containers"
-	@echo ""
-	@echo "Backend Code Quality:"
-	@echo "  make format         - Format code with ruff"
-	@echo "  make check          - Check code with ruff"
-	@echo "  make lint           - Format and fix code with ruff"
-	@echo "  make type-check     - Run type checking with basedpyright"
-	@echo ""
-	@echo "Docker Build Targets:"
-	@echo "  make build-web      - Build web Docker image"
-	@echo "  make build-api      - Build API Docker image"
-	@echo "  make build-all      - Build all Docker images"
-	@echo "  make push-all       - Push all Docker images"
-	@echo "  make build-push-all - Build and push all Docker images"
-
 # Phony targets
-.PHONY: build-web build-api push-web push-api build-all push-all build-push-all dev-setup prepare-docker prepare-web prepare-api dev-clean help format check lint type-check
+.PHONY: build-web build-api push-web push-api build-all push-all build-push-all
--- a/README_CN.md
+++ b/README_CN.md
@ -180,7 +180,7 @@ docker compose up -d

 ## Contributing

-对于那些想要贡献代码的人，请参阅我们的[贡献指南](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_CN.md)。
+对于那些想要贡献代码的人，请参阅我们的[贡献指南](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md)。
 同时，请考虑通过社交媒体、活动和会议来支持 Dify 的分享。

 > 我们正在寻找贡献者来帮助将 Dify 翻译成除了中文和英文之外的其他语言。如果您有兴趣帮助，请参阅我们的[i18n README](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md)获取更多信息，并在我们的[Discord 社区服务器](https://discord.gg/8Tpq4AcN9c)的`global-users`频道中留言。
--- a/README_DE.md
+++ b/README_DE.md
@ -173,7 +173,7 @@ Stellen Sie Dify mit einem Klick in AKS bereit, indem Sie [Azure Devops Pipeline

 ## Contributing

-Falls Sie Code beitragen möchten, lesen Sie bitte unseren [Contribution Guide](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_DE.md). Gleichzeitig bitten wir Sie, Dify zu unterstützen, indem Sie es in den sozialen Medien teilen und auf Veranstaltungen und Konferenzen präsentieren.
+Falls Sie Code beitragen möchten, lesen Sie bitte unseren [Contribution Guide](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md). Gleichzeitig bitten wir Sie, Dify zu unterstützen, indem Sie es in den sozialen Medien teilen und auf Veranstaltungen und Konferenzen präsentieren.

 > Wir suchen Mitwirkende, die dabei helfen, Dify in weitere Sprachen zu übersetzen – außer Mandarin oder Englisch. Wenn Sie Interesse an einer Mitarbeit haben, lesen Sie bitte die [i18n README](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md) für weitere Informationen und hinterlassen Sie einen Kommentar im `global-users`-Kanal unseres [Discord Community Servers](https://discord.gg/8Tpq4AcN9c).

--- a/README_ES.md
+++ b/README_ES.md
@ -170,7 +170,7 @@ Implementa Dify en AKS con un clic usando [Azure Devops Pipeline Helm Chart by @

 ## Contribuir

-Para aquellos que deseen contribuir con código, consulten nuestra [Guía de contribución](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_ES.md).
+Para aquellos que deseen contribuir con código, consulten nuestra [Guía de contribución](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md).
 Al mismo tiempo, considera apoyar a Dify compartiéndolo en redes sociales y en eventos y conferencias.

 > Estamos buscando colaboradores para ayudar con la traducción de Dify a idiomas que no sean el mandarín o el inglés. Si estás interesado en ayudar, consulta el [README de i18n](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md) para obtener más información y déjanos un comentario en el canal `global-users` de nuestro [Servidor de Comunidad en Discord](https://discord.gg/8Tpq4AcN9c).
--- a/README_FR.md
+++ b/README_FR.md
@ -168,7 +168,7 @@ Déployez Dify sur AKS en un clic en utilisant [Azure Devops Pipeline Helm Chart

 ## Contribuer

-Pour ceux qui souhaitent contribuer du code, consultez notre [Guide de contribution](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_FR.md).
+Pour ceux qui souhaitent contribuer du code, consultez notre [Guide de contribution](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md).
 Dans le même temps, veuillez envisager de soutenir Dify en le partageant sur les réseaux sociaux et lors d'événements et de conférences.

 > Nous recherchons des contributeurs pour aider à traduire Dify dans des langues autres que le mandarin ou l'anglais. Si vous êtes intéressé à aider, veuillez consulter le [README i18n](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md) pour plus d'informations, et laissez-nous un commentaire dans le canal `global-users` de notre [Serveur communautaire Discord](https://discord.gg/8Tpq4AcN9c).
--- a/README_JA.md
+++ b/README_JA.md
@ -169,7 +169,7 @@ docker compose up -d

 ## 貢献

-コードに貢献したい方は、[Contribution Guide](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_JA.md)を参照してください。
+コードに貢献したい方は、[Contribution Guide](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md)を参照してください。
 同時に、DifyをSNSやイベント、カンファレンスで共有してサポートしていただけると幸いです。

 > Difyを英語または中国語以外の言語に翻訳してくれる貢献者を募集しています。興味がある場合は、詳細については[i18n README](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md)を参照してください。また、[Discordコミュニティサーバー](https://discord.gg/8Tpq4AcN9c)の`global-users`チャンネルにコメントを残してください。
--- a/README_KR.md
+++ b/README_KR.md
@ -162,7 +162,7 @@ Dify를 Kubernetes에 배포하고 프리미엄 스케일링 설정을 구성했

 ## 기여

-코드에 기여하고 싶은 분들은 [기여 가이드](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_KR.md)를 참조하세요.
+코드에 기여하고 싶은 분들은 [기여 가이드](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md)를 참조하세요.
 동시에 Dify를 소셜 미디어와 행사 및 컨퍼런스에 공유하여 지원하는 것을 고려해 주시기 바랍니다.

 > 우리는 Dify를 중국어나 영어 이외의 언어로 번역하는 데 도움을 줄 수 있는 기여자를 찾고 있습니다. 도움을 주고 싶으시다면 [i18n README](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md)에서 더 많은 정보를 확인하시고 [Discord 커뮤니티 서버](https://discord.gg/8Tpq4AcN9c)의 `global-users` 채널에 댓글을 남겨주세요.
--- a/README_PT.md
+++ b/README_PT.md
@ -168,7 +168,7 @@ Implante o Dify no AKS com um clique usando [Azure Devops Pipeline Helm Chart by

 ## Contribuindo

-Para aqueles que desejam contribuir com código, veja nosso [Guia de Contribuição](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_PT.md).
+Para aqueles que desejam contribuir com código, veja nosso [Guia de Contribuição](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md).
 Ao mesmo tempo, considere apoiar o Dify compartilhando-o nas redes sociais e em eventos e conferências.

 > Estamos buscando contribuidores para ajudar na tradução do Dify para idiomas além de Mandarim e Inglês. Se você tiver interesse em ajudar, consulte o [README i18n](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md) para mais informações e deixe-nos um comentário no canal `global-users` em nosso [Servidor da Comunidade no Discord](https://discord.gg/8Tpq4AcN9c).
--- a/README_TR.md
+++ b/README_TR.md
@ -161,7 +161,7 @@ Dify'ı bulut platformuna tek tıklamayla dağıtın [terraform](https://www.ter

 ## Katkıda Bulunma

-Kod katkısında bulunmak isteyenler için [Katkı Kılavuzumuza](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_TR.md) bakabilirsiniz.
+Kod katkısında bulunmak isteyenler için [Katkı Kılavuzumuza](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md) bakabilirsiniz.
 Aynı zamanda, lütfen Dify'ı sosyal medyada, etkinliklerde ve konferanslarda paylaşarak desteklemeyi düşünün.

 > Dify'ı Mandarin veya İngilizce dışındaki dillere çevirmemize yardımcı olacak katkıda bulunanlara ihtiyacımız var. Yardımcı olmakla ilgileniyorsanız, lütfen daha fazla bilgi için [i18n README](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md) dosyasına bakın ve [Discord Topluluk Sunucumuzdaki](https://discord.gg/8Tpq4AcN9c) `global-users` kanalında bize bir yorum bırakın.
--- a/README_TW.md
+++ b/README_TW.md
@ -173,7 +173,7 @@ Dify 的所有功能都提供相應的 API，因此您可以輕鬆地將 Dify

 ## 貢獻

-對於想要貢獻程式碼的開發者，請參閱我們的[貢獻指南](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_TW.md)。
+對於想要貢獻程式碼的開發者，請參閱我們的[貢獻指南](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md)。
 同時，也請考慮透過在社群媒體和各種活動與會議上分享 Dify 來支持我們。

 > 我們正在尋找貢獻者協助將 Dify 翻譯成中文和英文以外的語言。如果您有興趣幫忙，請查看 [i18n README](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md) 獲取更多資訊，並在我們的 [Discord 社群伺服器](https://discord.gg/8Tpq4AcN9c) 的 `global-users` 頻道留言給我們。
--- a/README_VI.md
+++ b/README_VI.md
@ -162,7 +162,7 @@ Triển khai Dify lên AKS chỉ với một cú nhấp chuột bằng [Azure De

 ## Đóng góp

-Đối với những người muốn đóng góp mã, xem [Hướng dẫn Đóng góp](https://github.com/langgenius/dify/blob/main/CONTRIBUTING_VI.md) của chúng tôi.
+Đối với những người muốn đóng góp mã, xem [Hướng dẫn Đóng góp](https://github.com/langgenius/dify/blob/main/CONTRIBUTING.md) của chúng tôi.
 Đồng thời, vui lòng xem xét hỗ trợ Dify bằng cách chia sẻ nó trên mạng xã hội và tại các sự kiện và hội nghị.

 > Chúng tôi đang tìm kiếm người đóng góp để giúp dịch Dify sang các ngôn ngữ khác ngoài tiếng Trung hoặc tiếng Anh. Nếu bạn quan tâm đến việc giúp đỡ, vui lòng xem [README i18n](https://github.com/langgenius/dify/blob/main/web/i18n-config/README.md) để biết thêm thông tin và để lại bình luận cho chúng tôi trong kênh `global-users` của [Máy chủ Cộng đồng Discord](https://discord.gg/8Tpq4AcN9c) của chúng tôi.
--- a/api/.env.example
+++ b/api/.env.example
@ -75,7 +75,6 @@ DB_PASSWORD=difyai123456
 DB_HOST=localhost
 DB_PORT=5432
 DB_DATABASE=dify
-SQLALCHEMY_POOL_PRE_PING=true

 # Storage configuration
 # use for store upload files, private keys...
@ -530,7 +529,6 @@ ENDPOINT_URL_TEMPLATE=http://localhost:5002/e/{hook_id}

 # Reset password token expiry minutes
 RESET_PASSWORD_TOKEN_EXPIRY_MINUTES=5
-EMAIL_REGISTER_TOKEN_EXPIRY_MINUTES=5
 CHANGE_EMAIL_TOKEN_EXPIRY_MINUTES=5
 OWNER_TRANSFER_TOKEN_EXPIRY_MINUTES=5

@ -566,11 +564,3 @@ QUEUE_MONITOR_THRESHOLD=200
 QUEUE_MONITOR_ALERT_EMAILS=
 # Monitor interval in minutes, default is 30 minutes
 QUEUE_MONITOR_INTERVAL=30
-
-# Swagger UI configuration
-SWAGGER_UI_ENABLED=true
-SWAGGER_UI_PATH=/swagger-ui.html
-
-# Whether to encrypt dataset IDs when exporting DSL files (default: true)
-# Set to false to export dataset IDs as plain text for easier cross-environment import
-DSL_EXPORT_ENCRYPT_DATASET_ID=true
--- a/api/.ruff.toml
+++ b/api/.ruff.toml
@ -43,9 +43,7 @@ select = [
    "S302", # suspicious-marshal-usage, disallow use of `marshal` module
    "S311", # suspicious-non-cryptographic-random-usage
    "G001", # don't use str format to logging messages
-    "G003", # don't use + in logging messages
    "G004", # don't use f-strings to format logging messages
-    "UP042", # use StrEnum
 ]

 ignore = [
--- a/api/README.md
+++ b/api/README.md
@ -97,16 +97,8 @@ uv run celery -A app.celery beat
   uv sync --dev
   ```

-1. Run the tests locally with mocked system environment variables in `tool.pytest_env` section in `pyproject.toml`, more can check [Claude.md](../CLAUDE.md)
+1. Run the tests locally with mocked system environment variables in `tool.pytest_env` section in `pyproject.toml`

   ```bash
-   uv run pytest                           # Run all tests
-   uv run pytest tests/unit_tests/         # Unit tests only
-   uv run pytest tests/integration_tests/  # Integration tests
-
-   # Code quality
-   ../dev/reformat               # Run all formatters and linters
-   uv run ruff check --fix ./    # Fix linting issues
-   uv run ruff format ./         # Format code
-   uv run basedpyright .         # Type checking
+   uv run -P api bash dev/pytest/pytest_all_tests.sh
   ```
--- a/api/app_factory.py
+++ b/api/app_factory.py
@ -5,8 +5,6 @@ from configs import dify_config
 from contexts.wrapper import RecyclableContextVar
 from dify_app import DifyApp

-logger = logging.getLogger(__name__)
-

 # ----------------------------
 # Application Factory Function
@ -25,9 +23,6 @@ def create_flask_app_with_configs() -> DifyApp:
        # add an unique identifier to each request
        RecyclableContextVar.increment_thread_recycles()

-    # Capture the decorator's return value to avoid pyright reportUnusedFunction
-    _ = before_request
-
    return dify_app


@ -37,7 +32,7 @@ def create_app() -> DifyApp:
    initialize_extensions(app)
    end_time = time.perf_counter()
    if dify_config.DEBUG:
-        logger.info("Finished create_app (%s ms)", round((end_time - start_time) * 1000, 2))
+        logging.info("Finished create_app (%s ms)", round((end_time - start_time) * 1000, 2))
    return app


@ -98,14 +93,14 @@ def initialize_extensions(app: DifyApp):
        is_enabled = ext.is_enabled() if hasattr(ext, "is_enabled") else True
        if not is_enabled:
            if dify_config.DEBUG:
-                logger.info("Skipped %s", short_name)
+                logging.info("Skipped %s", short_name)
            continue

        start_time = time.perf_counter()
        ext.init_app(app)
        end_time = time.perf_counter()
        if dify_config.DEBUG:
-            logger.info("Loaded %s (%s ms)", short_name, round((end_time - start_time) * 1000, 2))
+            logging.info("Loaded %s (%s ms)", short_name, round((end_time - start_time) * 1000, 2))


 def create_migrations_app():
--- a/api/child_class.py
+++ b/api/child_class.py
@ -0,0 +1,11 @@
+from tests.integration_tests.utils.parent_class import ParentClass
+
+
+class ChildClass(ParentClass):
+    """Test child class for module import helper tests"""
+
+    def __init__(self, name):
+        super().__init__(name)
+
+    def get_name(self):
+        return f"Child: {self.name}"
--- a/api/commands.py
+++ b/api/commands.py
@ -38,8 +38,6 @@ from services.plugin.data_migration import PluginDataMigration
 from services.plugin.plugin_migration import PluginMigration
 from tasks.remove_app_and_related_data_task import delete_draft_variables_batch

-logger = logging.getLogger(__name__)
-

@click.command("reset-password", help="Reset the account password.")
@click.option("--email", prompt=True, help="Account email to reset password for")
@ -212,9 +210,7 @@ def migrate_annotation_vector_database():
                if not dataset_collection_binding:
                    click.echo(f"App annotation collection binding not found: {app.id}")
                    continue
-                annotations = db.session.scalars(
-                    select(MessageAnnotation).where(MessageAnnotation.app_id == app.id)
-                ).all()
+                annotations = db.session.query(MessageAnnotation).where(MessageAnnotation.app_id == app.id).all()
                dataset = Dataset(
                    id=app.id,
                    tenant_id=app.tenant_id,
@ -369,25 +365,29 @@ def migrate_knowledge_vector_database():
                    )
                    raise e

-                dataset_documents = db.session.scalars(
-                    select(DatasetDocument).where(
+                dataset_documents = (
+                    db.session.query(DatasetDocument)
+                    .where(
                        DatasetDocument.dataset_id == dataset.id,
                        DatasetDocument.indexing_status == "completed",
                        DatasetDocument.enabled == True,
                        DatasetDocument.archived == False,
                    )
-                ).all()
+                    .all()
+                )

                documents = []
                segments_count = 0
                for dataset_document in dataset_documents:
-                    segments = db.session.scalars(
-                        select(DocumentSegment).where(
+                    segments = (
+                        db.session.query(DocumentSegment)
+                        .where(
                            DocumentSegment.document_id == dataset_document.id,
                            DocumentSegment.status == "completed",
                            DocumentSegment.enabled == True,
                        )
-                    ).all()
+                        .all()
+                    )

                    for segment in segments:
                        document = Document(
@ -477,12 +477,12 @@ def convert_to_agent_apps():
            click.echo(f"Converting app: {app.id}")

            try:
-                app.mode = AppMode.AGENT_CHAT
+                app.mode = AppMode.AGENT_CHAT.value
                db.session.commit()

                # update conversation mode to agent
                db.session.query(Conversation).where(Conversation.app_id == app.id).update(
-                    {Conversation.mode: AppMode.AGENT_CHAT}
+                    {Conversation.mode: AppMode.AGENT_CHAT.value}
                )

                db.session.commit()
@ -509,7 +509,7 @@ def add_qdrant_index(field: str):
        from qdrant_client.http.exceptions import UnexpectedResponse
        from qdrant_client.http.models import PayloadSchemaType

-        from core.rag.datasource.vdb.qdrant.qdrant_vector import PathQdrantParams, QdrantConfig
+        from core.rag.datasource.vdb.qdrant.qdrant_vector import QdrantConfig

        for binding in bindings:
            if dify_config.QDRANT_URL is None:
@ -523,21 +523,7 @@ def add_qdrant_index(field: str):
                prefer_grpc=dify_config.QDRANT_GRPC_ENABLED,
            )
            try:
-                params = qdrant_config.to_qdrant_params()
-                # Check the type before using
-                if isinstance(params, PathQdrantParams):
-                    # PathQdrantParams case
-                    client = qdrant_client.QdrantClient(path=params.path)
-                else:
-                    # UrlQdrantParams case - params is UrlQdrantParams
-                    client = qdrant_client.QdrantClient(
-                        url=params.url,
-                        api_key=params.api_key,
-                        timeout=int(params.timeout),
-                        verify=params.verify,
-                        grpc_port=params.grpc_port,
-                        prefer_grpc=params.prefer_grpc,
-                    )
+                client = qdrant_client.QdrantClient(**qdrant_config.to_qdrant_params())
                # create payload index
                client.create_payload_index(binding.collection_name, field, field_schema=PayloadSchemaType.KEYWORD)
                create_count += 1
@ -583,7 +569,7 @@ def old_metadata_migration():
        for document in documents:
            if document.doc_metadata:
                doc_metadata = document.doc_metadata
-                for key in doc_metadata:
+                for key, value in doc_metadata.items():
                    for field in BuiltInField:
                        if field.value == key:
                            break
@ -699,7 +685,7 @@ def upgrade_db():
            click.echo(click.style("Database migration successful!", fg="green"))

        except Exception:
-            logger.exception("Failed to execute database migration")
+            logging.exception("Failed to execute database migration")
        finally:
            lock.release()
    else:
@ -747,7 +733,7 @@ where sites.id is null limit 1000"""
                except Exception:
                    failed_app_ids.append(app_id)
                    click.echo(click.style(f"Failed to fix missing site for app {app_id}", fg="red"))
-                    logger.exception("Failed to fix app related site missing issue, app_id: %s", app_id)
+                    logging.exception("Failed to fix app related site missing issue, app_id: %s", app_id)
                    continue

            if not processed_count:
--- a/api/configs/feature/init.py
+++ b/api/configs/feature/init.py
@ -1,4 +1,4 @@
-from typing import Literal, Optional
+from typing import Annotated, Literal, Optional

 from pydantic import (
    AliasChoices,
@ -31,12 +31,6 @@ class SecurityConfig(BaseSettings):
        description="Duration in minutes for which a password reset token remains valid",
        default=5,
    )
-
-    EMAIL_REGISTER_TOKEN_EXPIRY_MINUTES: PositiveInt = Field(
-        description="Duration in minutes for which a email register token remains valid",
-        default=5,
-    )
-
    CHANGE_EMAIL_TOKEN_EXPIRY_MINUTES: PositiveInt = Field(
        description="Duration in minutes for which a change email token remains valid",
        default=5,
@ -645,11 +639,6 @@ class AuthConfig(BaseSettings):
        default=86400,
    )

-    EMAIL_REGISTER_LOCKOUT_DURATION: PositiveInt = Field(
-        description="Time (in seconds) a user must wait before retrying email register after exceeding the rate limit.",
-        default=86400,
-    )
-

 class ModerationConfig(BaseSettings):
    """
@ -807,11 +796,6 @@ class DataSetConfig(BaseSettings):
        default=30,
    )

-    DSL_EXPORT_ENCRYPT_DATASET_ID: bool = Field(
-        description="Enable or disable dataset ID encryption when exporting DSL files",
-        default=True,
-    )
-

 class WorkspaceConfig(BaseSettings):
    """
@ -992,18 +976,6 @@ class WorkflowLogConfig(BaseSettings):
    )


-class SwaggerUIConfig(BaseSettings):
-    SWAGGER_UI_ENABLED: bool = Field(
-        description="Whether to enable Swagger UI in api module",
-        default=True,
-    )
-
-    SWAGGER_UI_PATH: str = Field(
-        description="Swagger UI page path in api module",
-        default="/swagger-ui.html",
-    )
-
-
 class FeatureConfig(
    # place the configs in alphabet order
    AppExecutionConfig,
@ -1035,7 +1007,6 @@ class FeatureConfig(
    WorkspaceConfig,
    LoginConfig,
    AccountConfig,
-    SwaggerUIConfig,
    # hosted services config
    HostedServiceConfig,
    CeleryBeatConfig,
--- a/api/configs/middleware/init.py
+++ b/api/configs/middleware/init.py
@ -215,7 +215,6 @@ class DatabaseConfig(BaseSettings):
            "pool_pre_ping": self.SQLALCHEMY_POOL_PRE_PING,
            "connect_args": connect_args,
            "pool_use_lifo": self.SQLALCHEMY_POOL_USE_LIFO,
-            "pool_reset_on_return": None,
        }


@ -300,7 +299,8 @@ class DatasetQueueMonitorConfig(BaseSettings):

 class MiddlewareConfig(
    # place the configs in alphabet order
-    CeleryConfig,  # Note: CeleryConfig already inherits from DatabaseConfig
+    CeleryConfig,
+    DatabaseConfig,
    KeywordStoreConfig,
    RedisConfig,
    # configs of storage and storage providers
--- a/api/configs/middleware/vdb/clickzetta_config.py
+++ b/api/configs/middleware/vdb/clickzetta_config.py
@ -1,10 +1,9 @@
 from typing import Optional

-from pydantic import Field
-from pydantic_settings import BaseSettings
+from pydantic import BaseModel, Field


-class ClickzettaConfig(BaseSettings):
+class ClickzettaConfig(BaseModel):
    """
    Clickzetta Lakehouse vector database configuration
    """
--- a/api/configs/middleware/vdb/matrixone_config.py
+++ b/api/configs/middleware/vdb/matrixone_config.py
@ -1,8 +1,7 @@
-from pydantic import Field
-from pydantic_settings import BaseSettings
+from pydantic import BaseModel, Field


-class MatrixoneConfig(BaseSettings):
+class MatrixoneConfig(BaseModel):
    """Matrixone vector database configuration."""

    MATRIXONE_HOST: str = Field(default="localhost", description="Host address of the Matrixone server")
--- a/api/configs/middleware/vdb/opensearch_config.py
+++ b/api/configs/middleware/vdb/opensearch_config.py
@ -1,4 +1,4 @@
-from enum import Enum
+import enum
 from typing import Literal, Optional

 from pydantic import Field, PositiveInt
@ -10,7 +10,7 @@ class OpenSearchConfig(BaseSettings):
    Configuration settings for OpenSearch
    """

-    class AuthMethod(Enum):
+    class AuthMethod(enum.StrEnum):
        """
        Authentication method for OpenSearch
        """
--- a/api/configs/packaging/init.py
+++ b/api/configs/packaging/init.py
@ -1,6 +1,6 @@
 from pydantic import Field

-from configs.packaging.pyproject import PyProjectTomlConfig
+from configs.packaging.pyproject import PyProjectConfig, PyProjectTomlConfig


 class PackagingInfo(PyProjectTomlConfig):
--- a/api/configs/remote_settings_sources/apollo/client.py
+++ b/api/configs/remote_settings_sources/apollo/client.py
@ -4,9 +4,8 @@ import logging
 import os
 import threading
 import time
-from collections.abc import Callable, Mapping
+from collections.abc import Mapping
 from pathlib import Path
-from typing import Any

 from .python_3x import http_request, makedirs_wrapper
 from .utils import (
@ -26,13 +25,13 @@ logger = logging.getLogger(__name__)
 class ApolloClient:
    def __init__(
        self,
-        config_url: str,
-        app_id: str,
-        cluster: str = "default",
-        secret: str = "",
-        start_hot_update: bool = True,
-        change_listener: Callable[[str, str, str, Any], None] | None = None,
-        _notification_map: dict[str, int] | None = None,
+        config_url,
+        app_id,
+        cluster="default",
+        secret="",
+        start_hot_update=True,
+        change_listener=None,
+        _notification_map=None,
    ):
        # Core routing parameters
        self.config_url = config_url
@ -48,17 +47,17 @@ class ApolloClient:
        # Private control variables
        self._cycle_time = 5
        self._stopping = False
-        self._cache: dict[str, dict[str, Any]] = {}
-        self._no_key: dict[str, str] = {}
-        self._hash: dict[str, str] = {}
+        self._cache = {}
+        self._no_key = {}
+        self._hash = {}
        self._pull_timeout = 75
        self._cache_file_path = os.path.expanduser("~") + "/.dify/config/remote-settings/apollo/cache/"
-        self._long_poll_thread: threading.Thread | None = None
+        self._long_poll_thread = None
        self._change_listener = change_listener  # "add" "delete" "update"
        if _notification_map is None:
            _notification_map = {"application": -1}
        self._notification_map = _notification_map
-        self.last_release_key: str | None = None
+        self.last_release_key = None
        # Private startup method
        self._path_checker()
        if start_hot_update:
@ -69,7 +68,7 @@ class ApolloClient:
        heartbeat.daemon = True
        heartbeat.start()

-    def get_json_from_net(self, namespace: str = "application") -> dict[str, Any] | None:
+    def get_json_from_net(self, namespace="application"):
        url = "{}/configs/{}/{}/{}?releaseKey={}&ip={}".format(
            self.config_url, self.app_id, self.cluster, namespace, "", self.ip
        )
@ -89,7 +88,7 @@ class ApolloClient:
            logger.exception("an error occurred in get_json_from_net")
            return None

-    def get_value(self, key: str, default_val: Any = None, namespace: str = "application") -> Any:
+    def get_value(self, key, default_val=None, namespace="application"):
        try:
            # read memory configuration
            namespace_cache = self._cache.get(namespace)
@ -105,8 +104,7 @@ class ApolloClient:
            namespace_data = self.get_json_from_net(namespace)
            val = get_value_from_dict(namespace_data, key)
            if val is not None:
-                if namespace_data is not None:
-                    self._update_cache_and_file(namespace_data, namespace)
+                self._update_cache_and_file(namespace_data, namespace)
                return val

            # read the file configuration
@ -128,23 +126,23 @@ class ApolloClient:
    # to ensure the real-time correctness of the function call.
    # If the user does not have the same default val twice
    # and the default val is used here, there may be a problem.
-    def _set_local_cache_none(self, namespace: str, key: str) -> None:
+    def _set_local_cache_none(self, namespace, key):
        no_key = no_key_cache_key(namespace, key)
        self._no_key[no_key] = key

-    def _start_hot_update(self) -> None:
+    def _start_hot_update(self):
        self._long_poll_thread = threading.Thread(target=self._listener)
        # When the asynchronous thread is started, the daemon thread will automatically exit
        # when the main thread is launched.
        self._long_poll_thread.daemon = True
        self._long_poll_thread.start()

-    def stop(self) -> None:
+    def stop(self):
        self._stopping = True
        logger.info("Stopping listener...")

    # Call the set callback function, and if it is abnormal, try it out
-    def _call_listener(self, namespace: str, old_kv: dict[str, Any] | None, new_kv: dict[str, Any] | None) -> None:
+    def _call_listener(self, namespace, old_kv, new_kv):
        if self._change_listener is None:
            return
        if old_kv is None:
@ -170,12 +168,12 @@ class ApolloClient:
        except BaseException as e:
            logger.warning(str(e))

-    def _path_checker(self) -> None:
+    def _path_checker(self):
        if not os.path.isdir(self._cache_file_path):
            makedirs_wrapper(self._cache_file_path)

    # update the local cache and file cache
-    def _update_cache_and_file(self, namespace_data: dict[str, Any], namespace: str = "application") -> None:
+    def _update_cache_and_file(self, namespace_data, namespace="application"):
        # update the local cache
        self._cache[namespace] = namespace_data
        # update the file cache
@ -189,7 +187,7 @@ class ApolloClient:
            self._hash[namespace] = new_hash

    # get the configuration from the local file
-    def _get_local_cache(self, namespace: str = "application") -> dict[str, Any]:
+    def _get_local_cache(self, namespace="application"):
        cache_file_path = os.path.join(self._cache_file_path, f"{self.app_id}_configuration_{namespace}.txt")
        if os.path.isfile(cache_file_path):
            with open(cache_file_path) as f:
@ -197,8 +195,8 @@ class ApolloClient:
            return result
        return {}

-    def _long_poll(self) -> None:
-        notifications: list[dict[str, Any]] = []
+    def _long_poll(self):
+        notifications = []
        for key in self._cache:
            namespace_data = self._cache[key]
            notification_id = -1
@ -238,7 +236,7 @@ class ApolloClient:
        except Exception as e:
            logger.warning(str(e))

-    def _get_net_and_set_local(self, namespace: str, n_id: int, call_change: bool = False) -> None:
+    def _get_net_and_set_local(self, namespace, n_id, call_change=False):
        namespace_data = self.get_json_from_net(namespace)
        if not namespace_data:
            return
@ -250,7 +248,7 @@ class ApolloClient:
            new_kv = namespace_data.get(CONFIGURATIONS)
            self._call_listener(namespace, old_kv, new_kv)

-    def _listener(self) -> None:
+    def _listener(self):
        logger.info("start long_poll")
        while not self._stopping:
            self._long_poll()
@ -268,13 +266,13 @@ class ApolloClient:
        headers["Timestamp"] = time_unix_now
        return headers

-    def _heart_beat(self) -> None:
+    def _heart_beat(self):
        while not self._stopping:
            for namespace in self._notification_map:
                self._do_heart_beat(namespace)
            time.sleep(60 * 10)  # 10 minutes

-    def _do_heart_beat(self, namespace: str) -> None:
+    def _do_heart_beat(self, namespace):
        url = f"{self.config_url}/configs/{self.app_id}/{self.cluster}/{namespace}?ip={self.ip}"
        try:
            code, body = http_request(url, timeout=3, headers=self._sign_headers(url))
@ -294,7 +292,7 @@ class ApolloClient:
            logger.exception("an error occurred in _do_heart_beat")
            return None

-    def get_all_dicts(self, namespace: str) -> dict[str, Any] | None:
+    def get_all_dicts(self, namespace):
        namespace_data = self._cache.get(namespace)
        if namespace_data is None:
            net_namespace_data = self.get_json_from_net(namespace)
--- a/api/configs/remote_settings_sources/apollo/python_3x.py
+++ b/api/configs/remote_settings_sources/apollo/python_3x.py
@ -2,8 +2,6 @@ import logging
 import os
 import ssl
 import urllib.request
-from collections.abc import Mapping
-from typing import Any
 from urllib import parse
 from urllib.error import HTTPError

@ -21,9 +19,9 @@ urllib.request.install_opener(opener)
 logger = logging.getLogger(__name__)


-def http_request(url: str, timeout: int | float, headers: Mapping[str, str] = {}) -> tuple[int, str | None]:
+def http_request(url, timeout, headers={}):
    try:
-        request = urllib.request.Request(url, headers=dict(headers))
+        request = urllib.request.Request(url, headers=headers)
        res = urllib.request.urlopen(request, timeout=timeout)
        body = res.read().decode("utf-8")
        return res.code, body
@ -35,9 +33,9 @@ def http_request(url: str, timeout: int | float, headers: Mapping[str, str] = {}
        raise e


-def url_encode(params: dict[str, Any]) -> str:
+def url_encode(params):
    return parse.urlencode(params)


-def makedirs_wrapper(path: str) -> None:
+def makedirs_wrapper(path):
    os.makedirs(path, exist_ok=True)
--- a/api/configs/remote_settings_sources/apollo/utils.py
+++ b/api/configs/remote_settings_sources/apollo/utils.py
@ -1,6 +1,5 @@
 import hashlib
 import socket
-from typing import Any

 from .python_3x import url_encode

@ -11,7 +10,7 @@ NAMESPACE_NAME = "namespaceName"


 # add timestamps uris and keys
-def signature(timestamp: str, uri: str, secret: str) -> str:
+def signature(timestamp, uri, secret):
    import base64
    import hmac

@ -20,16 +19,16 @@ def signature(timestamp: str, uri: str, secret: str) -> str:
    return base64.b64encode(hmac_code).decode()


-def url_encode_wrapper(params: dict[str, Any]) -> str:
+def url_encode_wrapper(params):
    return url_encode(params)


-def no_key_cache_key(namespace: str, key: str) -> str:
+def no_key_cache_key(namespace, key):
    return f"{namespace}{len(namespace)}{key}"


 # Returns whether the obtained value is obtained, and None if it does not
-def get_value_from_dict(namespace_cache: dict[str, Any] | None, key: str) -> Any | None:
+def get_value_from_dict(namespace_cache, key):
    if namespace_cache:
        kv_data = namespace_cache.get(CONFIGURATIONS)
        if kv_data is None:
@ -39,7 +38,7 @@ def get_value_from_dict(namespace_cache: dict[str, Any] | None, key: str) -> Any
    return None


-def init_ip() -> str:
+def init_ip():
    ip = ""
    s = None
    try:
--- a/api/configs/remote_settings_sources/base.py
+++ b/api/configs/remote_settings_sources/base.py
@ -11,5 +11,5 @@ class RemoteSettingsSource:
    def get_field_value(self, field: FieldInfo, field_name: str) -> tuple[Any, str, bool]:
        raise NotImplementedError

-    def prepare_field_value(self, field_name: str, field: FieldInfo, value: Any, value_is_complex: bool):
+    def prepare_field_value(self, field_name: str, field: FieldInfo, value: Any, value_is_complex: bool) -> Any:
        return value
--- a/api/configs/remote_settings_sources/nacos/init.py
+++ b/api/configs/remote_settings_sources/nacos/init.py
@ -11,16 +11,16 @@ logger = logging.getLogger(__name__)

 from configs.remote_settings_sources.base import RemoteSettingsSource

-from .utils import parse_config
+from .utils import _parse_config


 class NacosSettingsSource(RemoteSettingsSource):
    def __init__(self, configs: Mapping[str, Any]):
        self.configs = configs
-        self.remote_configs: dict[str, str] = {}
+        self.remote_configs: dict[str, Any] = {}
        self.async_init()

-    def async_init(self) -> None:
+    def async_init(self):
        data_id = os.getenv("DIFY_ENV_NACOS_DATA_ID", "dify-api-env.properties")
        group = os.getenv("DIFY_ENV_NACOS_GROUP", "nacos-dify")
        tenant = os.getenv("DIFY_ENV_NACOS_NAMESPACE", "")
@ -29,19 +29,22 @@ class NacosSettingsSource(RemoteSettingsSource):
        try:
            content = NacosHttpClient().http_request("/nacos/v1/cs/configs", method="GET", headers={}, params=params)
            self.remote_configs = self._parse_config(content)
-        except Exception:
+        except Exception as e:
            logger.exception("[get-access-token] exception occurred")
            raise

-    def _parse_config(self, content: str) -> dict[str, str]:
+    def _parse_config(self, content: str) -> dict:
        if not content:
            return {}
        try:
-            return parse_config(content)
+            return _parse_config(self, content)
        except Exception as e:
            raise RuntimeError(f"Failed to parse config: {e}")

    def get_field_value(self, field: FieldInfo, field_name: str) -> tuple[Any, str, bool]:
+        if not isinstance(self.remote_configs, dict):
+            raise ValueError(f"remote configs is not dict, but {type(self.remote_configs)}")
+
        field_value = self.remote_configs.get(field_name)
        if field_value is None:
            return None, field_name, False
--- a/api/configs/remote_settings_sources/nacos/http_request.py
+++ b/api/configs/remote_settings_sources/nacos/http_request.py
@ -17,26 +17,20 @@ class NacosHttpClient:
        self.ak = os.getenv("DIFY_ENV_NACOS_ACCESS_KEY")
        self.sk = os.getenv("DIFY_ENV_NACOS_SECRET_KEY")
        self.server = os.getenv("DIFY_ENV_NACOS_SERVER_ADDR", "localhost:8848")
-        self.token: str | None = None
+        self.token = None
        self.token_ttl = 18000
        self.token_expire_time: float = 0

-    def http_request(
-        self, url: str, method: str = "GET", headers: dict[str, str] | None = None, params: dict[str, str] | None = None
-    ) -> str:
-        if headers is None:
-            headers = {}
-        if params is None:
-            params = {}
+    def http_request(self, url, method="GET", headers=None, params=None):
        try:
            self._inject_auth_info(headers, params)
            response = requests.request(method, url="http://" + self.server + url, headers=headers, params=params)
            response.raise_for_status()
            return response.text
-        except requests.RequestException as e:
+        except requests.exceptions.RequestException as e:
            return f"Request to Nacos failed: {e}"

-    def _inject_auth_info(self, headers: dict[str, str], params: dict[str, str], module: str = "config") -> None:
+    def _inject_auth_info(self, headers, params, module="config"):
        headers.update({"User-Agent": "Nacos-Http-Client-In-Dify:v0.0.1"})

        if module == "login":
@ -51,17 +45,16 @@ class NacosHttpClient:
            headers["timeStamp"] = ts
        if self.username and self.password:
            self.get_access_token(force_refresh=False)
-            if self.token is not None:
-                params["accessToken"] = self.token
+            params["accessToken"] = self.token

-    def __do_sign(self, sign_str: str, sk: str) -> str:
+    def __do_sign(self, sign_str, sk):
        return (
            base64.encodebytes(hmac.new(sk.encode(), sign_str.encode(), digestmod=hashlib.sha1).digest())
            .decode()
            .strip()
        )

-    def get_sign_str(self, group: str, tenant: str, ts: str) -> str:
+    def get_sign_str(self, group, tenant, ts):
        sign_str = ""
        if tenant:
            sign_str = tenant + "+"
@ -70,7 +63,7 @@ class NacosHttpClient:
        sign_str += ts  # Directly concatenate ts without conditional checks, because the nacos auth header forced it.
        return sign_str

-    def get_access_token(self, force_refresh: bool = False) -> str | None:
+    def get_access_token(self, force_refresh=False):
        current_time = time.time()
        if self.token and not force_refresh and self.token_expire_time > current_time:
            return self.token
@ -84,7 +77,6 @@ class NacosHttpClient:
            self.token = response_data.get("accessToken")
            self.token_ttl = response_data.get("tokenTtl", 18000)
            self.token_expire_time = current_time + self.token_ttl - 10
-            return self.token
-        except Exception:
+        except Exception as e:
            logger.exception("[get-access-token] exception occur")
            raise
--- a/api/configs/remote_settings_sources/nacos/utils.py
+++ b/api/configs/remote_settings_sources/nacos/utils.py
@ -1,4 +1,4 @@
-def parse_config(content: str) -> dict[str, str]:
+def _parse_config(self, content: str) -> dict[str, str]:
    config: dict[str, str] = {}
    if not content:
        return config
--- a/api/constants/init.py
+++ b/api/constants/init.py
@ -16,14 +16,14 @@ AUDIO_EXTENSIONS = ["mp3", "m4a", "wav", "amr", "mpga"]
 AUDIO_EXTENSIONS.extend([ext.upper() for ext in AUDIO_EXTENSIONS])


-_doc_extensions: list[str]
 if dify_config.ETL_TYPE == "Unstructured":
-    _doc_extensions = ["txt", "markdown", "md", "mdx", "pdf", "html", "htm", "xlsx", "xls", "vtt", "properties"]
-    _doc_extensions.extend(("doc", "docx", "csv", "eml", "msg", "pptx", "xml", "epub"))
+    DOCUMENT_EXTENSIONS = ["txt", "markdown", "md", "mdx", "pdf", "html", "htm", "xlsx", "xls", "vtt", "properties"]
+    DOCUMENT_EXTENSIONS.extend(("doc", "docx", "csv", "eml", "msg", "pptx", "xml", "epub"))
    if dify_config.UNSTRUCTURED_API_URL:
-        _doc_extensions.append("ppt")
+        DOCUMENT_EXTENSIONS.append("ppt")
+    DOCUMENT_EXTENSIONS.extend([ext.upper() for ext in DOCUMENT_EXTENSIONS])
 else:
-    _doc_extensions = [
+    DOCUMENT_EXTENSIONS = [
        "txt",
        "markdown",
        "md",
@ -38,4 +38,4 @@ else:
        "vtt",
        "properties",
    ]
-DOCUMENT_EXTENSIONS = _doc_extensions + [ext.upper() for ext in _doc_extensions]
+    DOCUMENT_EXTENSIONS.extend([ext.upper() for ext in DOCUMENT_EXTENSIONS])
--- a/api/constants/languages.py
+++ b/api/constants/languages.py
@ -19,7 +19,6 @@ language_timezone_mapping = {
    "fa-IR": "Asia/Tehran",
    "sl-SI": "Europe/Ljubljana",
    "th-TH": "Asia/Bangkok",
-    "id-ID": "Asia/Jakarta",
 }

 languages = list(language_timezone_mapping.keys())
--- a/api/constants/model_template.py
+++ b/api/constants/model_template.py
@ -7,7 +7,7 @@ default_app_templates: Mapping[AppMode, Mapping] = {
    # workflow default mode
    AppMode.WORKFLOW: {
        "app": {
-            "mode": AppMode.WORKFLOW,
+            "mode": AppMode.WORKFLOW.value,
            "enable_site": True,
            "enable_api": True,
        }
@ -15,7 +15,7 @@ default_app_templates: Mapping[AppMode, Mapping] = {
    # completion default mode
    AppMode.COMPLETION: {
        "app": {
-            "mode": AppMode.COMPLETION,
+            "mode": AppMode.COMPLETION.value,
            "enable_site": True,
            "enable_api": True,
        },
@ -44,7 +44,7 @@ default_app_templates: Mapping[AppMode, Mapping] = {
    # chat default mode
    AppMode.CHAT: {
        "app": {
-            "mode": AppMode.CHAT,
+            "mode": AppMode.CHAT.value,
            "enable_site": True,
            "enable_api": True,
        },
@ -60,7 +60,7 @@ default_app_templates: Mapping[AppMode, Mapping] = {
    # advanced-chat default mode
    AppMode.ADVANCED_CHAT: {
        "app": {
-            "mode": AppMode.ADVANCED_CHAT,
+            "mode": AppMode.ADVANCED_CHAT.value,
            "enable_site": True,
            "enable_api": True,
        },
@ -68,7 +68,7 @@ default_app_templates: Mapping[AppMode, Mapping] = {
    # agent-chat default mode
    AppMode.AGENT_CHAT: {
        "app": {
-            "mode": AppMode.AGENT_CHAT,
+            "mode": AppMode.AGENT_CHAT.value,
            "enable_site": True,
            "enable_api": True,
        },
--- a/api/contexts/init.py
+++ b/api/contexts/init.py
@ -8,6 +8,7 @@ if TYPE_CHECKING:
    from core.model_runtime.entities.model_entities import AIModelEntity
    from core.plugin.entities.plugin_daemon import PluginModelProviderEntity
    from core.tools.plugin_tool.provider import PluginToolProviderController
+    from core.workflow.entities.variable_pool import VariablePool


 """
--- a/api/controllers/console/init.py
+++ b/api/controllers/console/init.py
@ -1,5 +1,4 @@
 from flask import Blueprint
-from flask_restx import Namespace

 from libs.external_api import ExternalApi

@ -27,16 +26,7 @@ from .files import FileApi, FilePreviewApi, FileSupportTypeApi
 from .remote_files import RemoteFileInfoApi, RemoteFileUploadApi

 bp = Blueprint("console", __name__, url_prefix="/console/api")
-
-api = ExternalApi(
-    bp,
-    version="1.0",
-    title="Console API",
-    description="Console management APIs for app configuration, monitoring, and administration",
-)
-
-# Create namespace
-console_ns = Namespace("console", description="Console management API operations", path="/")
+api = ExternalApi(bp)

 # File
 api.add_resource(FileApi, "/files/upload")
@ -53,16 +43,7 @@ api.add_resource(AppImportConfirmApi, "/apps/imports/<string:import_id>/confirm"
 api.add_resource(AppImportCheckDependenciesApi, "/apps/imports/<string:app_id>/check-dependencies")

 # Import other controllers
-from . import (
-    admin,
-    apikey,
-    extension,
-    feature,
-    init_validate,
-    ping,
-    setup,
-    version,
-)
+from . import admin, apikey, extension, feature, ping, setup, version

 # Import app controllers
 from .app import (
@ -89,16 +70,7 @@ from .app import (
 )

 # Import auth controllers
-from .auth import (
-    activate,
-    data_source_bearer_auth,
-    data_source_oauth,
-    email_register,
-    forgot_password,
-    login,
-    oauth,
-    oauth_server,
-)
+from .auth import activate, data_source_bearer_auth, data_source_oauth, forgot_password, login, oauth

 # Import billing controllers
 from .billing import billing, compliance
@ -112,6 +84,7 @@ from .datasets import (
    external,
    hit_testing,
    metadata,
+    upload_file,
    website,
 )

@ -123,23 +96,6 @@ from .explore import (
    saved_message,
 )

-# Import tag controllers
-from .tag import tags
-
-# Import workspace controllers
-from .workspace import (
-    account,
-    agent_providers,
-    endpoint,
-    load_balancing_config,
-    members,
-    model_providers,
-    models,
-    plugin,
-    tool_providers,
-    workspace,
-)
-
 # Explore Audio
 api.add_resource(ChatAudioApi, "/installed-apps/<uuid:installed_app_id>/audio-to-text", endpoint="installed_app_audio")
 api.add_resource(ChatTextApi, "/installed-apps/<uuid:installed_app_id>/text-to-audio", endpoint="installed_app_text")
@ -211,71 +167,19 @@ api.add_resource(
    InstalledAppWorkflowTaskStopApi, "/installed-apps/<uuid:installed_app_id>/workflows/tasks/<string:task_id>/stop"
 )

-api.add_namespace(console_ns)
+# Import tag controllers
+from .tag import tags

-__all__ = [
-    "account",
-    "activate",
-    "admin",
-    "advanced_prompt_template",
-    "agent",
-    "agent_providers",
-    "annotation",
-    "api",
-    "apikey",
-    "app",
-    "audio",
-    "billing",
-    "bp",
-    "completion",
-    "compliance",
-    "console_ns",
-    "conversation",
-    "conversation_variables",
-    "data_source",
-    "data_source_bearer_auth",
-    "data_source_oauth",
-    "datasets",
-    "datasets_document",
-    "datasets_segments",
-    "email_register",
-    "endpoint",
-    "extension",
-    "external",
-    "feature",
-    "forgot_password",
-    "generator",
-    "hit_testing",
-    "init_validate",
-    "installed_app",
-    "load_balancing_config",
-    "login",
-    "mcp_server",
-    "members",
-    "message",
-    "metadata",
-    "model_config",
-    "model_providers",
-    "models",
-    "oauth",
-    "oauth_server",
-    "ops_trace",
-    "parameter",
-    "ping",
-    "plugin",
-    "recommended_app",
-    "saved_message",
-    "setup",
-    "site",
-    "statistic",
-    "tags",
-    "tool_providers",
-    "version",
-    "website",
-    "workflow",
-    "workflow_app_log",
-    "workflow_draft_variable",
-    "workflow_run",
-    "workflow_statistic",
-    "workspace",
-]
+# Import workspace controllers
+from .workspace import (
+    account,
+    agent_providers,
+    endpoint,
+    load_balancing_config,
+    members,
+    model_providers,
+    models,
+    plugin,
+    tool_providers,
+    workspace,
+)
--- a/api/controllers/console/admin.py
+++ b/api/controllers/console/admin.py
@ -1,26 +1,22 @@
-from collections.abc import Callable
 from functools import wraps
-from typing import ParamSpec, TypeVar

 from flask import request
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse
 from sqlalchemy import select
 from sqlalchemy.orm import Session
 from werkzeug.exceptions import NotFound, Unauthorized

-P = ParamSpec("P")
-R = TypeVar("R")
 from configs import dify_config
 from constants.languages import supported_language
-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.wraps import only_edition_cloud
 from extensions.ext_database import db
 from models.model import App, InstalledApp, RecommendedApp


-def admin_required(view: Callable[P, R]):
+def admin_required(view):
    @wraps(view)
-    def decorated(*args: P.args, **kwargs: P.kwargs):
+    def decorated(*args, **kwargs):
        if not dify_config.ADMIN_API_KEY:
            raise Unauthorized("API key is invalid.")

@ -45,28 +41,7 @@ def admin_required(view: Callable[P, R]):
    return decorated


-@console_ns.route("/admin/insert-explore-apps")
 class InsertExploreAppListApi(Resource):
-    @api.doc("insert_explore_app")
-    @api.doc(description="Insert or update an app in the explore list")
-    @api.expect(
-        api.model(
-            "InsertExploreAppRequest",
-            {
-                "app_id": fields.String(required=True, description="Application ID"),
-                "desc": fields.String(description="App description"),
-                "copyright": fields.String(description="Copyright information"),
-                "privacy_policy": fields.String(description="Privacy policy"),
-                "custom_disclaimer": fields.String(description="Custom disclaimer"),
-                "language": fields.String(required=True, description="Language code"),
-                "category": fields.String(required=True, description="App category"),
-                "position": fields.Integer(required=True, description="Display position"),
-            },
-        )
-    )
-    @api.response(200, "App updated successfully")
-    @api.response(201, "App inserted successfully")
-    @api.response(404, "App not found")
    @only_edition_cloud
    @admin_required
    def post(self):
@ -136,12 +111,7 @@ class InsertExploreAppListApi(Resource):
                return {"result": "success"}, 200


-@console_ns.route("/admin/insert-explore-apps/<uuid:app_id>")
 class InsertExploreAppApi(Resource):
-    @api.doc("delete_explore_app")
-    @api.doc(description="Remove an app from the explore list")
-    @api.doc(params={"app_id": "Application ID to remove"})
-    @api.response(204, "App removed successfully")
    @only_edition_cloud
    @admin_required
    def delete(self, app_id):
@ -160,21 +130,21 @@ class InsertExploreAppApi(Resource):
            app.is_public = False

        with Session(db.engine) as session:
-            installed_apps = (
-                session.execute(
-                    select(InstalledApp).where(
-                        InstalledApp.app_id == recommended_app.app_id,
-                        InstalledApp.tenant_id != InstalledApp.app_owner_tenant_id,
-                    )
+            installed_apps = session.execute(
+                select(InstalledApp).where(
+                    InstalledApp.app_id == recommended_app.app_id,
+                    InstalledApp.tenant_id != InstalledApp.app_owner_tenant_id,
                )
-                .scalars()
-                .all()
-            )
+            ).all()

-            for installed_app in installed_apps:
-                session.delete(installed_app)
+        for installed_app in installed_apps:
+            db.session.delete(installed_app)

        db.session.delete(recommended_app)
        db.session.commit()

        return {"result": "success"}, 204
+
+
+api.add_resource(InsertExploreAppListApi, "/admin/insert-explore-apps")
+api.add_resource(InsertExploreAppApi, "/admin/insert-explore-apps/<uuid:app_id>")
--- a/api/controllers/console/apikey.py
+++ b/api/controllers/console/apikey.py
@ -1,9 +1,8 @@
-from typing import Optional
+from typing import Any, Optional

 import flask_restx
 from flask_login import current_user
 from flask_restx import Resource, fields, marshal_with
-from flask_restx._http import HTTPStatus
 from sqlalchemy import select
 from sqlalchemy.orm import Session
 from werkzeug.exceptions import Forbidden
@ -14,7 +13,7 @@ from libs.login import login_required
 from models.dataset import Dataset
 from models.model import ApiToken, App

-from . import api, console_ns
+from . import api
 from .wraps import account_initialization_required, setup_required

 api_key_fields = {
@ -41,7 +40,7 @@ def _get_resource(resource_id, tenant_id, resource_model):
            ).scalar_one_or_none()

    if resource is None:
-        flask_restx.abort(HTTPStatus.NOT_FOUND, message=f"{resource_model.__name__} not found.")
+        flask_restx.abort(404, message=f"{resource_model.__name__} not found.")

    return resource

@ -50,7 +49,7 @@ class BaseApiKeyListResource(Resource):
    method_decorators = [account_initialization_required, login_required, setup_required]

    resource_type: str | None = None
-    resource_model: Optional[type] = None
+    resource_model: Optional[Any] = None
    resource_id_field: str | None = None
    token_prefix: str | None = None
    max_keys = 10
@ -60,11 +59,11 @@ class BaseApiKeyListResource(Resource):
        assert self.resource_id_field is not None, "resource_id_field must be set"
        resource_id = str(resource_id)
        _get_resource(resource_id, current_user.current_tenant_id, self.resource_model)
-        keys = db.session.scalars(
-            select(ApiToken).where(
-                ApiToken.type == self.resource_type, getattr(ApiToken, self.resource_id_field) == resource_id
-            )
-        ).all()
+        keys = (
+            db.session.query(ApiToken)
+            .where(ApiToken.type == self.resource_type, getattr(ApiToken, self.resource_id_field) == resource_id)
+            .all()
+        )
        return {"items": keys}

    @marshal_with(api_key_fields)
@ -83,12 +82,12 @@ class BaseApiKeyListResource(Resource):

        if current_key_count >= self.max_keys:
            flask_restx.abort(
-                HTTPStatus.BAD_REQUEST,
+                400,
                message=f"Cannot create more than {self.max_keys} API keys for this resource type.",
-                custom="max_keys_exceeded",
+                code="max_keys_exceeded",
            )

-        key = ApiToken.generate_api_key(self.token_prefix or "", 24)
+        key = ApiToken.generate_api_key(self.token_prefix, 24)
        api_token = ApiToken()
        setattr(api_token, self.resource_id_field, resource_id)
        api_token.tenant_id = current_user.current_tenant_id
@ -103,7 +102,7 @@ class BaseApiKeyResource(Resource):
    method_decorators = [account_initialization_required, login_required, setup_required]

    resource_type: str | None = None
-    resource_model: Optional[type] = None
+    resource_model: Optional[Any] = None
    resource_id_field: str | None = None

    def delete(self, resource_id, api_key_id):
@ -127,7 +126,7 @@ class BaseApiKeyResource(Resource):
        )

        if key is None:
-            flask_restx.abort(HTTPStatus.NOT_FOUND, message="API key not found")
+            flask_restx.abort(404, message="API key not found")

        db.session.query(ApiToken).where(ApiToken.id == api_key_id).delete()
        db.session.commit()
@ -135,25 +134,7 @@ class BaseApiKeyResource(Resource):
        return {"result": "success"}, 204


-@console_ns.route("/apps/<uuid:resource_id>/api-keys")
 class AppApiKeyListResource(BaseApiKeyListResource):
-    @api.doc("get_app_api_keys")
-    @api.doc(description="Get all API keys for an app")
-    @api.doc(params={"resource_id": "App ID"})
-    @api.response(200, "Success", api_key_list)
-    def get(self, resource_id):
-        """Get all API keys for an app"""
-        return super().get(resource_id)
-
-    @api.doc("create_app_api_key")
-    @api.doc(description="Create a new API key for an app")
-    @api.doc(params={"resource_id": "App ID"})
-    @api.response(201, "API key created successfully", api_key_fields)
-    @api.response(400, "Maximum keys exceeded")
-    def post(self, resource_id):
-        """Create a new API key for an app"""
-        return super().post(resource_id)
-
    def after_request(self, resp):
        resp.headers["Access-Control-Allow-Origin"] = "*"
        resp.headers["Access-Control-Allow-Credentials"] = "true"
@ -165,16 +146,7 @@ class AppApiKeyListResource(BaseApiKeyListResource):
    token_prefix = "app-"


-@console_ns.route("/apps/<uuid:resource_id>/api-keys/<uuid:api_key_id>")
 class AppApiKeyResource(BaseApiKeyResource):
-    @api.doc("delete_app_api_key")
-    @api.doc(description="Delete an API key for an app")
-    @api.doc(params={"resource_id": "App ID", "api_key_id": "API key ID"})
-    @api.response(204, "API key deleted successfully")
-    def delete(self, resource_id, api_key_id):
-        """Delete an API key for an app"""
-        return super().delete(resource_id, api_key_id)
-
    def after_request(self, resp):
        resp.headers["Access-Control-Allow-Origin"] = "*"
        resp.headers["Access-Control-Allow-Credentials"] = "true"
@ -185,25 +157,7 @@ class AppApiKeyResource(BaseApiKeyResource):
    resource_id_field = "app_id"


-@console_ns.route("/datasets/<uuid:resource_id>/api-keys")
 class DatasetApiKeyListResource(BaseApiKeyListResource):
-    @api.doc("get_dataset_api_keys")
-    @api.doc(description="Get all API keys for a dataset")
-    @api.doc(params={"resource_id": "Dataset ID"})
-    @api.response(200, "Success", api_key_list)
-    def get(self, resource_id):
-        """Get all API keys for a dataset"""
-        return super().get(resource_id)
-
-    @api.doc("create_dataset_api_key")
-    @api.doc(description="Create a new API key for a dataset")
-    @api.doc(params={"resource_id": "Dataset ID"})
-    @api.response(201, "API key created successfully", api_key_fields)
-    @api.response(400, "Maximum keys exceeded")
-    def post(self, resource_id):
-        """Create a new API key for a dataset"""
-        return super().post(resource_id)
-
    def after_request(self, resp):
        resp.headers["Access-Control-Allow-Origin"] = "*"
        resp.headers["Access-Control-Allow-Credentials"] = "true"
@ -215,16 +169,7 @@ class DatasetApiKeyListResource(BaseApiKeyListResource):
    token_prefix = "ds-"


-@console_ns.route("/datasets/<uuid:resource_id>/api-keys/<uuid:api_key_id>")
 class DatasetApiKeyResource(BaseApiKeyResource):
-    @api.doc("delete_dataset_api_key")
-    @api.doc(description="Delete an API key for a dataset")
-    @api.doc(params={"resource_id": "Dataset ID", "api_key_id": "API key ID"})
-    @api.response(204, "API key deleted successfully")
-    def delete(self, resource_id, api_key_id):
-        """Delete an API key for a dataset"""
-        return super().delete(resource_id, api_key_id)
-
    def after_request(self, resp):
        resp.headers["Access-Control-Allow-Origin"] = "*"
        resp.headers["Access-Control-Allow-Credentials"] = "true"
@ -233,3 +178,9 @@ class DatasetApiKeyResource(BaseApiKeyResource):
    resource_type = "dataset"
    resource_model = Dataset
    resource_id_field = "dataset_id"
+
+
+api.add_resource(AppApiKeyListResource, "/apps/<uuid:resource_id>/api-keys")
+api.add_resource(AppApiKeyResource, "/apps/<uuid:resource_id>/api-keys/<uuid:api_key_id>")
+api.add_resource(DatasetApiKeyListResource, "/datasets/<uuid:resource_id>/api-keys")
+api.add_resource(DatasetApiKeyResource, "/datasets/<uuid:resource_id>/api-keys/<uuid:api_key_id>")
--- a/api/controllers/console/app/advanced_prompt_template.py
+++ b/api/controllers/console/app/advanced_prompt_template.py
@ -1,26 +1,12 @@
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.wraps import account_initialization_required, setup_required
 from libs.login import login_required
 from services.advanced_prompt_template_service import AdvancedPromptTemplateService


-@console_ns.route("/app/prompt-templates")
 class AdvancedPromptTemplateList(Resource):
-    @api.doc("get_advanced_prompt_templates")
-    @api.doc(description="Get advanced prompt templates based on app mode and model configuration")
-    @api.expect(
-        api.parser()
-        .add_argument("app_mode", type=str, required=True, location="args", help="Application mode")
-        .add_argument("model_mode", type=str, required=True, location="args", help="Model mode")
-        .add_argument("has_context", type=str, default="true", location="args", help="Whether has context")
-        .add_argument("model_name", type=str, required=True, location="args", help="Model name")
-    )
-    @api.response(
-        200, "Prompt templates retrieved successfully", fields.List(fields.Raw(description="Prompt template data"))
-    )
-    @api.response(400, "Invalid request parameters")
    @setup_required
    @login_required
    @account_initialization_required
@ -33,3 +19,6 @@ class AdvancedPromptTemplateList(Resource):
        args = parser.parse_args()

        return AdvancedPromptTemplateService.get_prompt(args)
+
+
+api.add_resource(AdvancedPromptTemplateList, "/app/prompt-templates")
--- a/api/controllers/console/app/agent.py
+++ b/api/controllers/console/app/agent.py
@ -1,6 +1,6 @@
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from libs.helper import uuid_value
@ -9,18 +9,7 @@ from models.model import AppMode
 from services.agent_service import AgentService


-@console_ns.route("/apps/<uuid:app_id>/agent/logs")
 class AgentLogApi(Resource):
-    @api.doc("get_agent_logs")
-    @api.doc(description="Get agent execution logs for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("message_id", type=str, required=True, location="args", help="Message UUID")
-        .add_argument("conversation_id", type=str, required=True, location="args", help="Conversation UUID")
-    )
-    @api.response(200, "Agent logs retrieved successfully", fields.List(fields.Raw(description="Agent log entries")))
-    @api.response(400, "Invalid request parameters")
    @setup_required
    @login_required
    @account_initialization_required
@ -34,3 +23,6 @@ class AgentLogApi(Resource):
        args = parser.parse_args()

        return AgentService.get_agent_logs(app_model, args["conversation_id"], args["message_id"])
+
+
+api.add_resource(AgentLogApi, "/apps/<uuid:app_id>/agent/logs")
--- a/api/controllers/console/app/annotation.py
+++ b/api/controllers/console/app/annotation.py
@ -2,11 +2,11 @@ from typing import Literal

 from flask import request
 from flask_login import current_user
-from flask_restx import Resource, fields, marshal, marshal_with, reqparse
+from flask_restx import Resource, marshal, marshal_with, reqparse
 from werkzeug.exceptions import Forbidden

 from controllers.common.errors import NoFileUploadedError, TooManyFilesError
-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.wraps import (
    account_initialization_required,
    cloud_edition_billing_resource_check,
@ -21,23 +21,7 @@ from libs.login import login_required
 from services.annotation_service import AppAnnotationService


-@console_ns.route("/apps/<uuid:app_id>/annotation-reply/<string:action>")
 class AnnotationReplyActionApi(Resource):
-    @api.doc("annotation_reply_action")
-    @api.doc(description="Enable or disable annotation reply for an app")
-    @api.doc(params={"app_id": "Application ID", "action": "Action to perform (enable/disable)"})
-    @api.expect(
-        api.model(
-            "AnnotationReplyActionRequest",
-            {
-                "score_threshold": fields.Float(required=True, description="Score threshold for annotation matching"),
-                "embedding_provider_name": fields.String(required=True, description="Embedding provider name"),
-                "embedding_model_name": fields.String(required=True, description="Embedding model name"),
-            },
-        )
-    )
-    @api.response(200, "Action completed successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -59,13 +43,7 @@ class AnnotationReplyActionApi(Resource):
        return result, 200


-@console_ns.route("/apps/<uuid:app_id>/annotation-setting")
 class AppAnnotationSettingDetailApi(Resource):
-    @api.doc("get_annotation_setting")
-    @api.doc(description="Get annotation settings for an app")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(200, "Annotation settings retrieved successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -78,23 +56,7 @@ class AppAnnotationSettingDetailApi(Resource):
        return result, 200


-@console_ns.route("/apps/<uuid:app_id>/annotation-settings/<uuid:annotation_setting_id>")
 class AppAnnotationSettingUpdateApi(Resource):
-    @api.doc("update_annotation_setting")
-    @api.doc(description="Update annotation settings for an app")
-    @api.doc(params={"app_id": "Application ID", "annotation_setting_id": "Annotation setting ID"})
-    @api.expect(
-        api.model(
-            "AnnotationSettingUpdateRequest",
-            {
-                "score_threshold": fields.Float(required=True, description="Score threshold"),
-                "embedding_provider_name": fields.String(required=True, description="Embedding provider"),
-                "embedding_model_name": fields.String(required=True, description="Embedding model"),
-            },
-        )
-    )
-    @api.response(200, "Settings updated successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -113,13 +75,7 @@ class AppAnnotationSettingUpdateApi(Resource):
        return result, 200


-@console_ns.route("/apps/<uuid:app_id>/annotation-reply/<string:action>/status/<uuid:job_id>")
 class AnnotationReplyActionStatusApi(Resource):
-    @api.doc("get_annotation_reply_action_status")
-    @api.doc(description="Get status of annotation reply action job")
-    @api.doc(params={"app_id": "Application ID", "job_id": "Job ID", "action": "Action type"})
-    @api.response(200, "Job status retrieved successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -143,19 +99,7 @@ class AnnotationReplyActionStatusApi(Resource):
        return {"job_id": job_id, "job_status": job_status, "error_msg": error_msg}, 200


-@console_ns.route("/apps/<uuid:app_id>/annotations")
 class AnnotationApi(Resource):
-    @api.doc("list_annotations")
-    @api.doc(description="Get annotations for an app with pagination")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("page", type=int, location="args", default=1, help="Page number")
-        .add_argument("limit", type=int, location="args", default=20, help="Page size")
-        .add_argument("keyword", type=str, location="args", default="", help="Search keyword")
-    )
-    @api.response(200, "Annotations retrieved successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -178,21 +122,6 @@ class AnnotationApi(Resource):
        }
        return response, 200

-    @api.doc("create_annotation")
-    @api.doc(description="Create a new annotation for an app")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "CreateAnnotationRequest",
-            {
-                "question": fields.String(required=True, description="Question text"),
-                "answer": fields.String(required=True, description="Answer text"),
-                "annotation_reply": fields.Raw(description="Annotation reply data"),
-            },
-        )
-    )
-    @api.response(201, "Annotation created successfully", annotation_fields)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -239,13 +168,7 @@ class AnnotationApi(Resource):
            return {"result": "success"}, 204


-@console_ns.route("/apps/<uuid:app_id>/annotations/export")
 class AnnotationExportApi(Resource):
-    @api.doc("export_annotations")
-    @api.doc(description="Export all annotations for an app")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(200, "Annotations exported successfully", fields.List(fields.Nested(annotation_fields)))
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -259,14 +182,7 @@ class AnnotationExportApi(Resource):
        return response, 200


-@console_ns.route("/apps/<uuid:app_id>/annotations/<uuid:annotation_id>")
 class AnnotationUpdateDeleteApi(Resource):
-    @api.doc("update_delete_annotation")
-    @api.doc(description="Update or delete an annotation")
-    @api.doc(params={"app_id": "Application ID", "annotation_id": "Annotation ID"})
-    @api.response(200, "Annotation updated successfully", annotation_fields)
-    @api.response(204, "Annotation deleted successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -298,14 +214,7 @@ class AnnotationUpdateDeleteApi(Resource):
        return {"result": "success"}, 204


-@console_ns.route("/apps/<uuid:app_id>/annotations/batch-import")
 class AnnotationBatchImportApi(Resource):
-    @api.doc("batch_import_annotations")
-    @api.doc(description="Batch import annotations from CSV file")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(200, "Batch import started successfully")
-    @api.response(403, "Insufficient permissions")
-    @api.response(400, "No file uploaded or too many files")
    @setup_required
    @login_required
    @account_initialization_required
@ -330,13 +239,7 @@ class AnnotationBatchImportApi(Resource):
        return AppAnnotationService.batch_import_app_annotations(app_id, file)


-@console_ns.route("/apps/<uuid:app_id>/annotations/batch-import-status/<uuid:job_id>")
 class AnnotationBatchImportStatusApi(Resource):
-    @api.doc("get_batch_import_status")
-    @api.doc(description="Get status of batch import job")
-    @api.doc(params={"app_id": "Application ID", "job_id": "Job ID"})
-    @api.response(200, "Job status retrieved successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -359,20 +262,7 @@ class AnnotationBatchImportStatusApi(Resource):
        return {"job_id": job_id, "job_status": job_status, "error_msg": error_msg}, 200


-@console_ns.route("/apps/<uuid:app_id>/annotations/<uuid:annotation_id>/hit-histories")
 class AnnotationHitHistoryListApi(Resource):
-    @api.doc("list_annotation_hit_histories")
-    @api.doc(description="Get hit histories for an annotation")
-    @api.doc(params={"app_id": "Application ID", "annotation_id": "Annotation ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("page", type=int, location="args", default=1, help="Page number")
-        .add_argument("limit", type=int, location="args", default=20, help="Page size")
-    )
-    @api.response(
-        200, "Hit histories retrieved successfully", fields.List(fields.Nested(annotation_hit_history_fields))
-    )
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -395,3 +285,17 @@ class AnnotationHitHistoryListApi(Resource):
            "page": page,
        }
        return response
+
+
+api.add_resource(AnnotationReplyActionApi, "/apps/<uuid:app_id>/annotation-reply/<string:action>")
+api.add_resource(
+    AnnotationReplyActionStatusApi, "/apps/<uuid:app_id>/annotation-reply/<string:action>/status/<uuid:job_id>"
+)
+api.add_resource(AnnotationApi, "/apps/<uuid:app_id>/annotations")
+api.add_resource(AnnotationExportApi, "/apps/<uuid:app_id>/annotations/export")
+api.add_resource(AnnotationUpdateDeleteApi, "/apps/<uuid:app_id>/annotations/<uuid:annotation_id>")
+api.add_resource(AnnotationBatchImportApi, "/apps/<uuid:app_id>/annotations/batch-import")
+api.add_resource(AnnotationBatchImportStatusApi, "/apps/<uuid:app_id>/annotations/batch-import-status/<uuid:job_id>")
+api.add_resource(AnnotationHitHistoryListApi, "/apps/<uuid:app_id>/annotations/<uuid:annotation_id>/hit-histories")
+api.add_resource(AppAnnotationSettingDetailApi, "/apps/<uuid:app_id>/annotation-setting")
+api.add_resource(AppAnnotationSettingUpdateApi, "/apps/<uuid:app_id>/annotation-settings/<uuid:annotation_setting_id>")
--- a/api/controllers/console/app/app.py
+++ b/api/controllers/console/app/app.py
@ -2,12 +2,12 @@ import uuid
 from typing import cast

 from flask_login import current_user
-from flask_restx import Resource, fields, inputs, marshal, marshal_with, reqparse
+from flask_restx import Resource, inputs, marshal, marshal_with, reqparse
 from sqlalchemy import select
 from sqlalchemy.orm import Session
 from werkzeug.exceptions import BadRequest, Forbidden, abort

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import (
    account_initialization_required,
@ -34,27 +34,7 @@ def _validate_description_length(description):
    return description


-@console_ns.route("/apps")
 class AppListApi(Resource):
-    @api.doc("list_apps")
-    @api.doc(description="Get list of applications with pagination and filtering")
-    @api.expect(
-        api.parser()
-        .add_argument("page", type=int, location="args", help="Page number (1-99999)", default=1)
-        .add_argument("limit", type=int, location="args", help="Page size (1-100)", default=20)
-        .add_argument(
-            "mode",
-            type=str,
-            location="args",
-            choices=["completion", "chat", "advanced-chat", "workflow", "agent-chat", "channel", "all"],
-            default="all",
-            help="App mode filter",
-        )
-        .add_argument("name", type=str, location="args", help="Filter by app name")
-        .add_argument("tag_ids", type=str, location="args", help="Comma-separated tag IDs")
-        .add_argument("is_created_by_me", type=bool, location="args", help="Filter by creator")
-    )
-    @api.response(200, "Success", app_pagination_fields)
    @setup_required
    @login_required
    @account_initialization_required
@ -111,24 +91,6 @@ class AppListApi(Resource):

        return marshal(app_pagination, app_pagination_fields), 200

-    @api.doc("create_app")
-    @api.doc(description="Create a new application")
-    @api.expect(
-        api.model(
-            "CreateAppRequest",
-            {
-                "name": fields.String(required=True, description="App name"),
-                "description": fields.String(description="App description (max 400 chars)"),
-                "mode": fields.String(required=True, enum=ALLOW_CREATE_APP_MODES, description="App mode"),
-                "icon_type": fields.String(description="Icon type"),
-                "icon": fields.String(description="Icon"),
-                "icon_background": fields.String(description="Icon background color"),
-            },
-        )
-    )
-    @api.response(201, "App created successfully", app_detail_fields)
-    @api.response(403, "Insufficient permissions")
-    @api.response(400, "Invalid request parameters")
    @setup_required
    @login_required
    @account_initialization_required
@ -153,21 +115,12 @@ class AppListApi(Resource):
            raise BadRequest("mode is required")

        app_service = AppService()
-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
-        if current_user.current_tenant_id is None:
-            raise ValueError("current_user.current_tenant_id cannot be None")
        app = app_service.create_app(current_user.current_tenant_id, args, current_user)

        return app, 201


-@console_ns.route("/apps/<uuid:app_id>")
 class AppApi(Resource):
-    @api.doc("get_app_detail")
-    @api.doc(description="Get application details")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(200, "Success", app_detail_fields_with_site)
    @setup_required
    @login_required
    @account_initialization_required
@ -186,26 +139,6 @@ class AppApi(Resource):

        return app_model

-    @api.doc("update_app")
-    @api.doc(description="Update application details")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "UpdateAppRequest",
-            {
-                "name": fields.String(required=True, description="App name"),
-                "description": fields.String(description="App description (max 400 chars)"),
-                "icon_type": fields.String(description="Icon type"),
-                "icon": fields.String(description="Icon"),
-                "icon_background": fields.String(description="Icon background color"),
-                "use_icon_as_answer_icon": fields.Boolean(description="Use icon as answer icon"),
-                "max_active_requests": fields.Integer(description="Maximum active requests"),
-            },
-        )
-    )
-    @api.response(200, "App updated successfully", app_detail_fields_with_site)
-    @api.response(403, "Insufficient permissions")
-    @api.response(400, "Invalid request parameters")
    @setup_required
    @login_required
    @account_initialization_required
@ -228,31 +161,14 @@ class AppApi(Resource):
        args = parser.parse_args()

        app_service = AppService()
-        # Construct ArgsDict from parsed arguments
-        from services.app_service import AppService as AppServiceType
-
-        args_dict: AppServiceType.ArgsDict = {
-            "name": args["name"],
-            "description": args.get("description", ""),
-            "icon_type": args.get("icon_type", ""),
-            "icon": args.get("icon", ""),
-            "icon_background": args.get("icon_background", ""),
-            "use_icon_as_answer_icon": args.get("use_icon_as_answer_icon", False),
-            "max_active_requests": args.get("max_active_requests", 0),
-        }
-        app_model = app_service.update_app(app_model, args_dict)
+        app_model = app_service.update_app(app_model, args)

        return app_model

-    @api.doc("delete_app")
-    @api.doc(description="Delete application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(204, "App deleted successfully")
-    @api.response(403, "Insufficient permissions")
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def delete(self, app_model):
        """Delete app"""
        # The role of the current user in the ta table must be admin, owner, or editor
@ -265,25 +181,7 @@ class AppApi(Resource):
        return {"result": "success"}, 204


-@console_ns.route("/apps/<uuid:app_id>/copy")
 class AppCopyApi(Resource):
-    @api.doc("copy_app")
-    @api.doc(description="Create a copy of an existing application")
-    @api.doc(params={"app_id": "Application ID to copy"})
-    @api.expect(
-        api.model(
-            "CopyAppRequest",
-            {
-                "name": fields.String(description="Name for the copied app"),
-                "description": fields.String(description="Description for the copied app"),
-                "icon_type": fields.String(description="Icon type"),
-                "icon": fields.String(description="Icon"),
-                "icon_background": fields.String(description="Icon background color"),
-            },
-        )
-    )
-    @api.response(201, "App copied successfully", app_detail_fields_with_site)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -325,26 +223,11 @@ class AppCopyApi(Resource):
        return app, 201


-@console_ns.route("/apps/<uuid:app_id>/export")
 class AppExportApi(Resource):
-    @api.doc("export_app")
-    @api.doc(description="Export application configuration as DSL")
-    @api.doc(params={"app_id": "Application ID to export"})
-    @api.expect(
-        api.parser()
-        .add_argument("include_secret", type=bool, location="args", default=False, help="Include secrets in export")
-        .add_argument("workflow_id", type=str, location="args", help="Specific workflow ID to export")
-    )
-    @api.response(
-        200,
-        "App exported successfully",
-        api.model("AppExportResponse", {"data": fields.String(description="DSL export data")}),
-    )
-    @api.response(403, "Insufficient permissions")
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        """Export app"""
        # The role of the current user in the ta table must be admin, owner, or editor
@ -354,23 +237,12 @@ class AppExportApi(Resource):
        # Add include_secret params
        parser = reqparse.RequestParser()
        parser.add_argument("include_secret", type=inputs.boolean, default=False, location="args")
-        parser.add_argument("workflow_id", type=str, location="args")
        args = parser.parse_args()

-        return {
-            "data": AppDslService.export_dsl(
-                app_model=app_model, include_secret=args["include_secret"], workflow_id=args.get("workflow_id")
-            )
-        }
+        return {"data": AppDslService.export_dsl(app_model=app_model, include_secret=args["include_secret"])}


-@console_ns.route("/apps/<uuid:app_id>/name")
 class AppNameApi(Resource):
-    @api.doc("check_app_name")
-    @api.doc(description="Check if app name is available")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(api.parser().add_argument("name", type=str, required=True, location="args", help="Name to check"))
-    @api.response(200, "Name availability checked")
    @setup_required
    @login_required
    @account_initialization_required
@ -386,28 +258,12 @@ class AppNameApi(Resource):
        args = parser.parse_args()

        app_service = AppService()
-        app_model = app_service.update_app_name(app_model, args["name"])
+        app_model = app_service.update_app_name(app_model, args.get("name"))

        return app_model


-@console_ns.route("/apps/<uuid:app_id>/icon")
 class AppIconApi(Resource):
-    @api.doc("update_app_icon")
-    @api.doc(description="Update application icon")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "AppIconRequest",
-            {
-                "icon": fields.String(required=True, description="Icon data"),
-                "icon_type": fields.String(description="Icon type"),
-                "icon_background": fields.String(description="Icon background color"),
-            },
-        )
-    )
-    @api.response(200, "Icon updated successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -424,23 +280,12 @@ class AppIconApi(Resource):
        args = parser.parse_args()

        app_service = AppService()
-        app_model = app_service.update_app_icon(app_model, args.get("icon") or "", args.get("icon_background") or "")
+        app_model = app_service.update_app_icon(app_model, args.get("icon"), args.get("icon_background"))

        return app_model


-@console_ns.route("/apps/<uuid:app_id>/site-enable")
 class AppSiteStatus(Resource):
-    @api.doc("update_app_site_status")
-    @api.doc(description="Enable or disable app site")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "AppSiteStatusRequest", {"enable_site": fields.Boolean(required=True, description="Enable or disable site")}
-        )
-    )
-    @api.response(200, "Site status updated successfully", app_detail_fields)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -456,23 +301,12 @@ class AppSiteStatus(Resource):
        args = parser.parse_args()

        app_service = AppService()
-        app_model = app_service.update_app_site_status(app_model, args["enable_site"])
+        app_model = app_service.update_app_site_status(app_model, args.get("enable_site"))

        return app_model


-@console_ns.route("/apps/<uuid:app_id>/api-enable")
 class AppApiStatus(Resource):
-    @api.doc("update_app_api_status")
-    @api.doc(description="Enable or disable app API")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "AppApiStatusRequest", {"enable_api": fields.Boolean(required=True, description="Enable or disable API")}
-        )
-    )
-    @api.response(200, "API status updated successfully", app_detail_fields)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -488,17 +322,12 @@ class AppApiStatus(Resource):
        args = parser.parse_args()

        app_service = AppService()
-        app_model = app_service.update_app_api_status(app_model, args["enable_api"])
+        app_model = app_service.update_app_api_status(app_model, args.get("enable_api"))

        return app_model


-@console_ns.route("/apps/<uuid:app_id>/trace")
 class AppTraceApi(Resource):
-    @api.doc("get_app_trace")
-    @api.doc(description="Get app tracing configuration")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(200, "Trace configuration retrieved successfully")
    @setup_required
    @login_required
    @account_initialization_required
@ -508,20 +337,6 @@ class AppTraceApi(Resource):

        return app_trace_config

-    @api.doc("update_app_trace")
-    @api.doc(description="Update app tracing configuration")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "AppTraceRequest",
-            {
-                "enabled": fields.Boolean(required=True, description="Enable or disable tracing"),
-                "tracing_provider": fields.String(required=True, description="Tracing provider"),
-            },
-        )
-    )
-    @api.response(200, "Trace configuration updated successfully")
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -541,3 +356,14 @@ class AppTraceApi(Resource):
        )

        return {"result": "success"}
+
+
+api.add_resource(AppListApi, "/apps")
+api.add_resource(AppApi, "/apps/<uuid:app_id>")
+api.add_resource(AppCopyApi, "/apps/<uuid:app_id>/copy")
+api.add_resource(AppExportApi, "/apps/<uuid:app_id>/export")
+api.add_resource(AppNameApi, "/apps/<uuid:app_id>/name")
+api.add_resource(AppIconApi, "/apps/<uuid:app_id>/icon")
+api.add_resource(AppSiteStatus, "/apps/<uuid:app_id>/site-enable")
+api.add_resource(AppApiStatus, "/apps/<uuid:app_id>/api-enable")
+api.add_resource(AppTraceApi, "/apps/<uuid:app_id>/trace")
--- a/api/controllers/console/app/audio.py
+++ b/api/controllers/console/app/audio.py
@ -1,11 +1,11 @@
 import logging

 from flask import request
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse
 from werkzeug.exceptions import InternalServerError

 import services
-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.error import (
    AppUnavailableError,
    AudioTooLargeError,
@ -31,21 +31,8 @@ from services.errors.audio import (
    UnsupportedAudioTypeServiceError,
 )

-logger = logging.getLogger(__name__)

-
-@console_ns.route("/apps/<uuid:app_id>/audio-to-text")
 class ChatMessageAudioApi(Resource):
-    @api.doc("chat_message_audio_transcript")
-    @api.doc(description="Transcript audio to text for chat messages")
-    @api.doc(params={"app_id": "App ID"})
-    @api.response(
-        200,
-        "Audio transcription successful",
-        api.model("AudioTranscriptResponse", {"text": fields.String(description="Transcribed text from audio")}),
-    )
-    @api.response(400, "Bad request - No audio uploaded or unsupported type")
-    @api.response(413, "Audio file too large")
    @setup_required
    @login_required
    @account_initialization_required
@ -62,7 +49,7 @@ class ChatMessageAudioApi(Resource):

            return response
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except NoAudioUploadedServiceError:
            raise NoAudioUploadedError()
@ -83,32 +70,15 @@ class ChatMessageAudioApi(Resource):
        except ValueError as e:
            raise e
        except Exception as e:
-            logger.exception("Failed to handle post request to ChatMessageAudioApi")
+            logging.exception("Failed to handle post request to ChatMessageAudioApi")
            raise InternalServerError()


-@console_ns.route("/apps/<uuid:app_id>/text-to-audio")
 class ChatMessageTextApi(Resource):
-    @api.doc("chat_message_text_to_speech")
-    @api.doc(description="Convert text to speech for chat messages")
-    @api.doc(params={"app_id": "App ID"})
-    @api.expect(
-        api.model(
-            "TextToSpeechRequest",
-            {
-                "message_id": fields.String(description="Message ID"),
-                "text": fields.String(required=True, description="Text to convert to speech"),
-                "voice": fields.String(description="Voice to use for TTS"),
-                "streaming": fields.Boolean(description="Whether to stream the audio"),
-            },
-        )
-    )
-    @api.response(200, "Text to speech conversion successful")
-    @api.response(400, "Bad request - Invalid parameters")
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def post(self, app_model: App):
        try:
            parser = reqparse.RequestParser()
@ -127,7 +97,7 @@ class ChatMessageTextApi(Resource):
            )
            return response
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except NoAudioUploadedServiceError:
            raise NoAudioUploadedError()
@ -148,22 +118,15 @@ class ChatMessageTextApi(Resource):
        except ValueError as e:
            raise e
        except Exception as e:
-            logger.exception("Failed to handle post request to ChatMessageTextApi")
+            logging.exception("Failed to handle post request to ChatMessageTextApi")
            raise InternalServerError()


-@console_ns.route("/apps/<uuid:app_id>/text-to-audio/voices")
 class TextModesApi(Resource):
-    @api.doc("get_text_to_speech_voices")
-    @api.doc(description="Get available TTS voices for a specific language")
-    @api.doc(params={"app_id": "App ID"})
-    @api.expect(api.parser().add_argument("language", type=str, required=True, location="args", help="Language code"))
-    @api.response(200, "TTS voices retrieved successfully", fields.List(fields.Raw(description="Available voices")))
-    @api.response(400, "Invalid language parameter")
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        try:
            parser = reqparse.RequestParser()
@ -197,5 +160,10 @@ class TextModesApi(Resource):
        except ValueError as e:
            raise e
        except Exception as e:
-            logger.exception("Failed to handle get request to TextModesApi")
+            logging.exception("Failed to handle get request to TextModesApi")
            raise InternalServerError()
+
+
+api.add_resource(ChatMessageAudioApi, "/apps/<uuid:app_id>/audio-to-text")
+api.add_resource(ChatMessageTextApi, "/apps/<uuid:app_id>/text-to-audio")
+api.add_resource(TextModesApi, "/apps/<uuid:app_id>/text-to-audio/voices")
--- a/api/controllers/console/app/completion.py
+++ b/api/controllers/console/app/completion.py
@ -1,11 +1,12 @@
 import logging

+import flask_login
 from flask import request
-from flask_restx import Resource, fields, reqparse
-from werkzeug.exceptions import Forbidden, InternalServerError, NotFound
+from flask_restx import Resource, reqparse
+from werkzeug.exceptions import InternalServerError, NotFound

 import services
-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.error import (
    AppUnavailableError,
    CompletionRequestError,
@ -28,37 +29,14 @@ from core.helper.trace_id_helper import get_external_trace_id
 from core.model_runtime.errors.invoke import InvokeError
 from libs import helper
 from libs.helper import uuid_value
-from libs.login import current_user, login_required
-from models import Account
+from libs.login import login_required
 from models.model import AppMode
 from services.app_generate_service import AppGenerateService
 from services.errors.llm import InvokeRateLimitError

-logger = logging.getLogger(__name__)
-

 # define completion message api for user
-@console_ns.route("/apps/<uuid:app_id>/completion-messages")
 class CompletionMessageApi(Resource):
-    @api.doc("create_completion_message")
-    @api.doc(description="Generate completion message for debugging")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "CompletionMessageRequest",
-            {
-                "inputs": fields.Raw(required=True, description="Input variables"),
-                "query": fields.String(description="Query text", default=""),
-                "files": fields.List(fields.Raw(), description="Uploaded files"),
-                "model_config": fields.Raw(required=True, description="Model configuration"),
-                "response_mode": fields.String(enum=["blocking", "streaming"], description="Response mode"),
-                "retriever_from": fields.String(default="dev", description="Retriever source"),
-            },
-        )
-    )
-    @api.response(200, "Completion generated successfully")
-    @api.response(400, "Invalid request parameters")
-    @api.response(404, "App not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -76,11 +54,11 @@ class CompletionMessageApi(Resource):
        streaming = args["response_mode"] != "blocking"
        args["auto_generate_name"] = False

+        account = flask_login.current_user
+
        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account or EndUser instance")
            response = AppGenerateService.generate(
-                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.DEBUGGER, streaming=streaming
+                app_model=app_model, user=account, args=args, invoke_from=InvokeFrom.DEBUGGER, streaming=streaming
            )

            return helper.compact_generate_response(response)
@ -89,7 +67,7 @@ class CompletionMessageApi(Resource):
        except services.errors.conversation.ConversationCompletedError:
            raise ConversationCompletedError()
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except ProviderTokenNotInitError as ex:
            raise ProviderNotInitializeError(ex.description)
@ -102,62 +80,29 @@ class CompletionMessageApi(Resource):
        except ValueError as e:
            raise e
        except Exception as e:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


-@console_ns.route("/apps/<uuid:app_id>/completion-messages/<string:task_id>/stop")
 class CompletionMessageStopApi(Resource):
-    @api.doc("stop_completion_message")
-    @api.doc(description="Stop a running completion message generation")
-    @api.doc(params={"app_id": "Application ID", "task_id": "Task ID to stop"})
-    @api.response(200, "Task stopped successfully")
    @setup_required
    @login_required
    @account_initialization_required
    @get_app_model(mode=AppMode.COMPLETION)
    def post(self, app_model, task_id):
-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
-        AppQueueManager.set_stop_flag(task_id, InvokeFrom.DEBUGGER, current_user.id)
+        account = flask_login.current_user
+
+        AppQueueManager.set_stop_flag(task_id, InvokeFrom.DEBUGGER, account.id)

        return {"result": "success"}, 200


-@console_ns.route("/apps/<uuid:app_id>/chat-messages")
 class ChatMessageApi(Resource):
-    @api.doc("create_chat_message")
-    @api.doc(description="Generate chat message for debugging")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "ChatMessageRequest",
-            {
-                "inputs": fields.Raw(required=True, description="Input variables"),
-                "query": fields.String(required=True, description="User query"),
-                "files": fields.List(fields.Raw(), description="Uploaded files"),
-                "model_config": fields.Raw(required=True, description="Model configuration"),
-                "conversation_id": fields.String(description="Conversation ID"),
-                "parent_message_id": fields.String(description="Parent message ID"),
-                "response_mode": fields.String(enum=["blocking", "streaming"], description="Response mode"),
-                "retriever_from": fields.String(default="dev", description="Retriever source"),
-            },
-        )
-    )
-    @api.response(200, "Chat message generated successfully")
-    @api.response(400, "Invalid request parameters")
-    @api.response(404, "App or conversation not found")
    @setup_required
    @login_required
    @account_initialization_required
    @get_app_model(mode=[AppMode.CHAT, AppMode.AGENT_CHAT])
    def post(self, app_model):
-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
-        if not current_user.has_edit_permission:
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, required=True, location="json")
        parser.add_argument("query", type=str, required=True, location="json")
@ -176,11 +121,11 @@ class ChatMessageApi(Resource):
        if external_trace_id:
            args["external_trace_id"] = external_trace_id

+        account = flask_login.current_user
+
        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account or EndUser instance")
            response = AppGenerateService.generate(
-                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.DEBUGGER, streaming=streaming
+                app_model=app_model, user=account, args=args, invoke_from=InvokeFrom.DEBUGGER, streaming=streaming
            )

            return helper.compact_generate_response(response)
@ -189,7 +134,7 @@ class ChatMessageApi(Resource):
        except services.errors.conversation.ConversationCompletedError:
            raise ConversationCompletedError()
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except ProviderTokenNotInitError as ex:
            raise ProviderNotInitializeError(ex.description)
@ -204,23 +149,24 @@ class ChatMessageApi(Resource):
        except ValueError as e:
            raise e
        except Exception as e:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


-@console_ns.route("/apps/<uuid:app_id>/chat-messages/<string:task_id>/stop")
 class ChatMessageStopApi(Resource):
-    @api.doc("stop_chat_message")
-    @api.doc(description="Stop a running chat message generation")
-    @api.doc(params={"app_id": "Application ID", "task_id": "Task ID to stop"})
-    @api.response(200, "Task stopped successfully")
    @setup_required
    @login_required
    @account_initialization_required
    @get_app_model(mode=[AppMode.CHAT, AppMode.AGENT_CHAT, AppMode.ADVANCED_CHAT])
    def post(self, app_model, task_id):
-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
-        AppQueueManager.set_stop_flag(task_id, InvokeFrom.DEBUGGER, current_user.id)
+        account = flask_login.current_user
+
+        AppQueueManager.set_stop_flag(task_id, InvokeFrom.DEBUGGER, account.id)

        return {"result": "success"}, 200
+
+
+api.add_resource(CompletionMessageApi, "/apps/<uuid:app_id>/completion-messages")
+api.add_resource(CompletionMessageStopApi, "/apps/<uuid:app_id>/completion-messages/<string:task_id>/stop")
+api.add_resource(ChatMessageApi, "/apps/<uuid:app_id>/chat-messages")
+api.add_resource(ChatMessageStopApi, "/apps/<uuid:app_id>/chat-messages/<string:task_id>/stop")
--- a/api/controllers/console/app/conversation.py
+++ b/api/controllers/console/app/conversation.py
@ -8,7 +8,7 @@ from sqlalchemy import func, or_
 from sqlalchemy.orm import joinedload
 from werkzeug.exceptions import Forbidden, NotFound

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from core.app.entities.app_invoke_entities import InvokeFrom
@ -22,35 +22,13 @@ from fields.conversation_fields import (
 from libs.datetime_utils import naive_utc_now
 from libs.helper import DatetimeString
 from libs.login import login_required
-from models import Account, Conversation, EndUser, Message, MessageAnnotation
+from models import Conversation, EndUser, Message, MessageAnnotation
 from models.model import AppMode
 from services.conversation_service import ConversationService
 from services.errors.conversation import ConversationNotExistsError


-@console_ns.route("/apps/<uuid:app_id>/completion-conversations")
 class CompletionConversationApi(Resource):
-    @api.doc("list_completion_conversations")
-    @api.doc(description="Get completion conversations with pagination and filtering")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("keyword", type=str, location="args", help="Search keyword")
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-        .add_argument(
-            "annotation_status",
-            type=str,
-            location="args",
-            choices=["annotated", "not_annotated", "all"],
-            default="all",
-            help="Annotation status filter",
-        )
-        .add_argument("page", type=int, location="args", default=1, help="Page number")
-        .add_argument("limit", type=int, location="args", default=20, help="Page size (1-100)")
-    )
-    @api.response(200, "Success", conversation_pagination_fields)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -123,14 +101,7 @@ class CompletionConversationApi(Resource):
        return conversations


-@console_ns.route("/apps/<uuid:app_id>/completion-conversations/<uuid:conversation_id>")
 class CompletionConversationDetailApi(Resource):
-    @api.doc("get_completion_conversation")
-    @api.doc(description="Get completion conversation details with messages")
-    @api.doc(params={"app_id": "Application ID", "conversation_id": "Conversation ID"})
-    @api.response(200, "Success", conversation_message_detail_fields)
-    @api.response(403, "Insufficient permissions")
-    @api.response(404, "Conversation not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -143,24 +114,16 @@ class CompletionConversationDetailApi(Resource):

        return _get_conversation(app_model, conversation_id)

-    @api.doc("delete_completion_conversation")
-    @api.doc(description="Delete a completion conversation")
-    @api.doc(params={"app_id": "Application ID", "conversation_id": "Conversation ID"})
-    @api.response(204, "Conversation deleted successfully")
-    @api.response(403, "Insufficient permissions")
-    @api.response(404, "Conversation not found")
    @setup_required
    @login_required
    @account_initialization_required
-    @get_app_model(mode=AppMode.COMPLETION)
+    @get_app_model(mode=[AppMode.CHAT, AppMode.AGENT_CHAT, AppMode.ADVANCED_CHAT])
    def delete(self, app_model, conversation_id):
        if not current_user.is_editor:
            raise Forbidden()
        conversation_id = str(conversation_id)

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            ConversationService.delete(app_model, conversation_id, current_user)
        except ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
@ -168,38 +131,7 @@ class CompletionConversationDetailApi(Resource):
        return {"result": "success"}, 204


-@console_ns.route("/apps/<uuid:app_id>/chat-conversations")
 class ChatConversationApi(Resource):
-    @api.doc("list_chat_conversations")
-    @api.doc(description="Get chat conversations with pagination, filtering and summary")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("keyword", type=str, location="args", help="Search keyword")
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-        .add_argument(
-            "annotation_status",
-            type=str,
-            location="args",
-            choices=["annotated", "not_annotated", "all"],
-            default="all",
-            help="Annotation status filter",
-        )
-        .add_argument("message_count_gte", type=int, location="args", help="Minimum message count")
-        .add_argument("page", type=int, location="args", default=1, help="Page number")
-        .add_argument("limit", type=int, location="args", default=20, help="Page size (1-100)")
-        .add_argument(
-            "sort_by",
-            type=str,
-            location="args",
-            choices=["created_at", "-created_at", "updated_at", "-updated_at"],
-            default="-updated_at",
-            help="Sort field and direction",
-        )
-    )
-    @api.response(200, "Success", conversation_with_summary_pagination_fields)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -307,7 +239,7 @@ class ChatConversationApi(Resource):
                .having(func.count(Message.id) >= args["message_count_gte"])
            )

-        if app_model.mode == AppMode.ADVANCED_CHAT:
+        if app_model.mode == AppMode.ADVANCED_CHAT.value:
            query = query.where(Conversation.invoke_from != InvokeFrom.DEBUGGER.value)

        match args["sort_by"]:
@ -327,14 +259,7 @@ class ChatConversationApi(Resource):
        return conversations


-@console_ns.route("/apps/<uuid:app_id>/chat-conversations/<uuid:conversation_id>")
 class ChatConversationDetailApi(Resource):
-    @api.doc("get_chat_conversation")
-    @api.doc(description="Get chat conversation details")
-    @api.doc(params={"app_id": "Application ID", "conversation_id": "Conversation ID"})
-    @api.response(200, "Success", conversation_detail_fields)
-    @api.response(403, "Insufficient permissions")
-    @api.response(404, "Conversation not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -347,12 +272,6 @@ class ChatConversationDetailApi(Resource):

        return _get_conversation(app_model, conversation_id)

-    @api.doc("delete_chat_conversation")
-    @api.doc(description="Delete a chat conversation")
-    @api.doc(params={"app_id": "Application ID", "conversation_id": "Conversation ID"})
-    @api.response(204, "Conversation deleted successfully")
-    @api.response(403, "Insufficient permissions")
-    @api.response(404, "Conversation not found")
    @setup_required
    @login_required
    @get_app_model(mode=[AppMode.CHAT, AppMode.AGENT_CHAT, AppMode.ADVANCED_CHAT])
@ -363,8 +282,6 @@ class ChatConversationDetailApi(Resource):
        conversation_id = str(conversation_id)

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            ConversationService.delete(app_model, conversation_id, current_user)
        except ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
@ -372,6 +289,12 @@ class ChatConversationDetailApi(Resource):
        return {"result": "success"}, 204


+api.add_resource(CompletionConversationApi, "/apps/<uuid:app_id>/completion-conversations")
+api.add_resource(CompletionConversationDetailApi, "/apps/<uuid:app_id>/completion-conversations/<uuid:conversation_id>")
+api.add_resource(ChatConversationApi, "/apps/<uuid:app_id>/chat-conversations")
+api.add_resource(ChatConversationDetailApi, "/apps/<uuid:app_id>/chat-conversations/<uuid:conversation_id>")
+
+
 def _get_conversation(app_model, conversation_id):
    conversation = (
        db.session.query(Conversation)
--- a/api/controllers/console/app/conversation_variables.py
+++ b/api/controllers/console/app/conversation_variables.py
@ -2,7 +2,7 @@ from flask_restx import Resource, marshal_with, reqparse
 from sqlalchemy import select
 from sqlalchemy.orm import Session

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from extensions.ext_database import db
@ -12,17 +12,7 @@ from models import ConversationVariable
 from models.model import AppMode


-@console_ns.route("/apps/<uuid:app_id>/conversation-variables")
 class ConversationVariablesApi(Resource):
-    @api.doc("get_conversation_variables")
-    @api.doc(description="Get conversation variables for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser().add_argument(
-            "conversation_id", type=str, location="args", help="Conversation ID to filter variables"
-        )
-    )
-    @api.response(200, "Conversation variables retrieved successfully", paginated_conversation_variable_fields)
    @setup_required
    @login_required
    @account_initialization_required
@ -65,3 +55,6 @@ class ConversationVariablesApi(Resource):
                for row in rows
            ],
        }
+
+
+api.add_resource(ConversationVariablesApi, "/apps/<uuid:app_id>/conversation-variables")
--- a/api/controllers/console/app/generator.py
+++ b/api/controllers/console/app/generator.py
@ -1,9 +1,9 @@
 from collections.abc import Sequence

 from flask_login import current_user
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.error import (
    CompletionRequestError,
    ProviderModelCurrentlyNotSupportError,
@ -19,23 +19,7 @@ from core.model_runtime.errors.invoke import InvokeError
 from libs.login import login_required


-@console_ns.route("/rule-generate")
 class RuleGenerateApi(Resource):
-    @api.doc("generate_rule_config")
-    @api.doc(description="Generate rule configuration using LLM")
-    @api.expect(
-        api.model(
-            "RuleGenerateRequest",
-            {
-                "instruction": fields.String(required=True, description="Rule generation instruction"),
-                "model_config": fields.Raw(required=True, description="Model configuration"),
-                "no_variable": fields.Boolean(required=True, default=False, description="Whether to exclude variables"),
-            },
-        )
-    )
-    @api.response(200, "Rule configuration generated successfully")
-    @api.response(400, "Invalid request parameters")
-    @api.response(402, "Provider quota exceeded")
    @setup_required
    @login_required
    @account_initialization_required
@ -66,26 +50,7 @@ class RuleGenerateApi(Resource):
        return rules


-@console_ns.route("/rule-code-generate")
 class RuleCodeGenerateApi(Resource):
-    @api.doc("generate_rule_code")
-    @api.doc(description="Generate code rules using LLM")
-    @api.expect(
-        api.model(
-            "RuleCodeGenerateRequest",
-            {
-                "instruction": fields.String(required=True, description="Code generation instruction"),
-                "model_config": fields.Raw(required=True, description="Model configuration"),
-                "no_variable": fields.Boolean(required=True, default=False, description="Whether to exclude variables"),
-                "code_language": fields.String(
-                    default="javascript", description="Programming language for code generation"
-                ),
-            },
-        )
-    )
-    @api.response(200, "Code rules generated successfully")
-    @api.response(400, "Invalid request parameters")
-    @api.response(402, "Provider quota exceeded")
    @setup_required
    @login_required
    @account_initialization_required
@ -117,22 +82,7 @@ class RuleCodeGenerateApi(Resource):
        return code_result


-@console_ns.route("/rule-structured-output-generate")
 class RuleStructuredOutputGenerateApi(Resource):
-    @api.doc("generate_structured_output")
-    @api.doc(description="Generate structured output rules using LLM")
-    @api.expect(
-        api.model(
-            "StructuredOutputGenerateRequest",
-            {
-                "instruction": fields.String(required=True, description="Structured output generation instruction"),
-                "model_config": fields.Raw(required=True, description="Model configuration"),
-            },
-        )
-    )
-    @api.response(200, "Structured output generated successfully")
-    @api.response(400, "Invalid request parameters")
-    @api.response(402, "Provider quota exceeded")
    @setup_required
    @login_required
    @account_initialization_required
@ -161,27 +111,7 @@ class RuleStructuredOutputGenerateApi(Resource):
        return structured_output


-@console_ns.route("/instruction-generate")
 class InstructionGenerateApi(Resource):
-    @api.doc("generate_instruction")
-    @api.doc(description="Generate instruction for workflow nodes or general use")
-    @api.expect(
-        api.model(
-            "InstructionGenerateRequest",
-            {
-                "flow_id": fields.String(required=True, description="Workflow/Flow ID"),
-                "node_id": fields.String(description="Node ID for workflow context"),
-                "current": fields.String(description="Current instruction text"),
-                "language": fields.String(default="javascript", description="Programming language (javascript/python)"),
-                "instruction": fields.String(required=True, description="Instruction for generation"),
-                "model_config": fields.Raw(required=True, description="Model configuration"),
-                "ideal_output": fields.String(description="Expected ideal output"),
-            },
-        )
-    )
-    @api.response(200, "Instruction generated successfully")
-    @api.response(400, "Invalid request parameters or flow/workflow not found")
-    @api.response(402, "Provider quota exceeded")
    @setup_required
    @login_required
    @account_initialization_required
@ -273,25 +203,11 @@ class InstructionGenerateApi(Resource):
            raise CompletionRequestError(e.description)


-@console_ns.route("/instruction-generate/template")
 class InstructionGenerationTemplateApi(Resource):
-    @api.doc("get_instruction_template")
-    @api.doc(description="Get instruction generation template")
-    @api.expect(
-        api.model(
-            "InstructionTemplateRequest",
-            {
-                "instruction": fields.String(required=True, description="Template instruction"),
-                "ideal_output": fields.String(description="Expected ideal output"),
-            },
-        )
-    )
-    @api.response(200, "Template retrieved successfully")
-    @api.response(400, "Invalid request parameters")
    @setup_required
    @login_required
    @account_initialization_required
-    def post(self):
+    def post(self) -> dict:
        parser = reqparse.RequestParser()
        parser.add_argument("type", type=str, required=True, default=False, location="json")
        args = parser.parse_args()
@ -306,3 +222,10 @@ class InstructionGenerationTemplateApi(Resource):
                return {"data": INSTRUCTION_GENERATE_TEMPLATE_CODE}
            case _:
                raise ValueError(f"Invalid type: {args['type']}")
+
+
+api.add_resource(RuleGenerateApi, "/rule-generate")
+api.add_resource(RuleCodeGenerateApi, "/rule-code-generate")
+api.add_resource(RuleStructuredOutputGenerateApi, "/rule-structured-output-generate")
+api.add_resource(InstructionGenerateApi, "/instruction-generate")
+api.add_resource(InstructionGenerationTemplateApi, "/instruction-generate/template")
--- a/api/controllers/console/app/mcp_server.py
+++ b/api/controllers/console/app/mcp_server.py
@ -2,10 +2,10 @@ import json
 from enum import StrEnum

 from flask_login import current_user
-from flask_restx import Resource, fields, marshal_with, reqparse
+from flask_restx import Resource, marshal_with, reqparse
 from werkzeug.exceptions import NotFound

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from extensions.ext_database import db
@ -19,12 +19,7 @@ class AppMCPServerStatus(StrEnum):
    INACTIVE = "inactive"


-@console_ns.route("/apps/<uuid:app_id>/server")
 class AppMCPServerController(Resource):
-    @api.doc("get_app_mcp_server")
-    @api.doc(description="Get MCP server configuration for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(200, "MCP server configuration retrieved successfully", app_server_fields)
    @setup_required
    @login_required
    @account_initialization_required
@ -34,20 +29,6 @@ class AppMCPServerController(Resource):
        server = db.session.query(AppMCPServer).where(AppMCPServer.app_id == app_model.id).first()
        return server

-    @api.doc("create_app_mcp_server")
-    @api.doc(description="Create MCP server configuration for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "MCPServerCreateRequest",
-            {
-                "description": fields.String(description="Server description"),
-                "parameters": fields.Raw(required=True, description="Server parameters configuration"),
-            },
-        )
-    )
-    @api.response(201, "MCP server configuration created successfully", app_server_fields)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -78,23 +59,6 @@ class AppMCPServerController(Resource):
        db.session.commit()
        return server

-    @api.doc("update_app_mcp_server")
-    @api.doc(description="Update MCP server configuration for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "MCPServerUpdateRequest",
-            {
-                "id": fields.String(required=True, description="Server ID"),
-                "description": fields.String(description="Server description"),
-                "parameters": fields.Raw(required=True, description="Server parameters configuration"),
-                "status": fields.String(description="Server status"),
-            },
-        )
-    )
-    @api.response(200, "MCP server configuration updated successfully", app_server_fields)
-    @api.response(403, "Insufficient permissions")
-    @api.response(404, "Server not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -130,14 +94,7 @@ class AppMCPServerController(Resource):
        return server


-@console_ns.route("/apps/<uuid:server_id>/server/refresh")
 class AppMCPServerRefreshController(Resource):
-    @api.doc("refresh_app_mcp_server")
-    @api.doc(description="Refresh MCP server configuration and regenerate server code")
-    @api.doc(params={"server_id": "Server ID"})
-    @api.response(200, "MCP server refreshed successfully", app_server_fields)
-    @api.response(403, "Insufficient permissions")
-    @api.response(404, "Server not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -156,3 +113,7 @@ class AppMCPServerRefreshController(Resource):
        server.server_code = AppMCPServer.generate_server_code(16)
        db.session.commit()
        return server
+
+
+api.add_resource(AppMCPServerController, "/apps/<uuid:app_id>/server")
+api.add_resource(AppMCPServerRefreshController, "/apps/<uuid:server_id>/server/refresh")
--- a/api/controllers/console/app/message.py
+++ b/api/controllers/console/app/message.py
@ -1,11 +1,11 @@
 import logging

+from flask_login import current_user
 from flask_restx import Resource, fields, marshal_with, reqparse
 from flask_restx.inputs import int_range
-from sqlalchemy import exists, select
 from werkzeug.exceptions import Forbidden, InternalServerError, NotFound

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.error import (
    CompletionRequestError,
    ProviderModelCurrentlyNotSupportError,
@ -26,18 +26,14 @@ from extensions.ext_database import db
 from fields.conversation_fields import annotation_fields, message_detail_fields
 from libs.helper import uuid_value
 from libs.infinite_scroll_pagination import InfiniteScrollPagination
-from libs.login import current_user, login_required
-from models.account import Account
+from libs.login import login_required
 from models.model import AppMode, Conversation, Message, MessageAnnotation, MessageFeedback
 from services.annotation_service import AppAnnotationService
 from services.errors.conversation import ConversationNotExistsError
 from services.errors.message import MessageNotExistsError, SuggestedQuestionsAfterAnswerDisabledError
 from services.message_service import MessageService

-logger = logging.getLogger(__name__)

-
-@console_ns.route("/apps/<uuid:app_id>/chat-messages")
 class ChatMessageListApi(Resource):
    message_infinite_scroll_pagination_fields = {
        "limit": fields.Integer,
@ -45,17 +41,6 @@ class ChatMessageListApi(Resource):
        "data": fields.List(fields.Nested(message_detail_fields)),
    }

-    @api.doc("list_chat_messages")
-    @api.doc(description="Get chat messages for a conversation with pagination")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("conversation_id", type=str, required=True, location="args", help="Conversation ID")
-        .add_argument("first_id", type=str, location="args", help="First message ID for pagination")
-        .add_argument("limit", type=int, location="args", default=20, help="Number of messages to return (1-100)")
-    )
-    @api.response(200, "Success", message_infinite_scroll_pagination_fields)
-    @api.response(404, "Conversation not found")
    @setup_required
    @login_required
    @get_app_model(mode=[AppMode.CHAT, AppMode.AGENT_CHAT, AppMode.ADVANCED_CHAT])
@ -107,53 +92,33 @@ class ChatMessageListApi(Resource):
                .all()
            )

-        # Initialize has_more based on whether we have a full page
+        has_more = False
        if len(history_messages) == args["limit"]:
            current_page_first_message = history_messages[-1]
-            # Check if there are more messages before the current page
-            has_more = db.session.scalar(
-                select(
-                    exists().where(
-                        Message.conversation_id == conversation.id,
-                        Message.created_at < current_page_first_message.created_at,
-                        Message.id != current_page_first_message.id,
-                    )
+            rest_count = (
+                db.session.query(Message)
+                .where(
+                    Message.conversation_id == conversation.id,
+                    Message.created_at < current_page_first_message.created_at,
+                    Message.id != current_page_first_message.id,
                )
+                .count()
            )
-        else:
-            # If we don't have a full page, there are no more messages
-            has_more = False
+
+            if rest_count > 0:
+                has_more = True

        history_messages = list(reversed(history_messages))

        return InfiniteScrollPagination(data=history_messages, limit=args["limit"], has_more=has_more)


-@console_ns.route("/apps/<uuid:app_id>/feedbacks")
 class MessageFeedbackApi(Resource):
-    @api.doc("create_message_feedback")
-    @api.doc(description="Create or update message feedback (like/dislike)")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "MessageFeedbackRequest",
-            {
-                "message_id": fields.String(required=True, description="Message ID"),
-                "rating": fields.String(enum=["like", "dislike"], description="Feedback rating"),
-            },
-        )
-    )
-    @api.response(200, "Feedback updated successfully")
-    @api.response(404, "Message not found")
-    @api.response(403, "Insufficient permissions")
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def post(self, app_model):
-        if current_user is None:
-            raise Forbidden()
-
        parser = reqparse.RequestParser()
        parser.add_argument("message_id", required=True, type=uuid_value, location="json")
        parser.add_argument("rating", type=str, choices=["like", "dislike", None], location="json")
@ -161,7 +126,7 @@ class MessageFeedbackApi(Resource):

        message_id = str(args["message_id"])

-        message = db.session.query(Message).where(Message.id == message_id, Message.app_id == app_model.id).first()
+        message = db.session.query(Message).filter(Message.id == message_id, Message.app_id == app_model.id).first()

        if not message:
            raise NotFound("Message Not Exists.")
@ -190,24 +155,7 @@ class MessageFeedbackApi(Resource):
        return {"result": "success"}


-@console_ns.route("/apps/<uuid:app_id>/annotations")
 class MessageAnnotationApi(Resource):
-    @api.doc("create_message_annotation")
-    @api.doc(description="Create message annotation")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "MessageAnnotationRequest",
-            {
-                "message_id": fields.String(description="Message ID"),
-                "question": fields.String(required=True, description="Question text"),
-                "answer": fields.String(required=True, description="Answer text"),
-                "annotation_reply": fields.Raw(description="Annotation reply"),
-            },
-        )
-    )
-    @api.response(200, "Annotation created successfully", annotation_fields)
-    @api.response(403, "Insufficient permissions")
    @setup_required
    @login_required
    @account_initialization_required
@ -215,9 +163,7 @@ class MessageAnnotationApi(Resource):
    @get_app_model
    @marshal_with(annotation_fields)
    def post(self, app_model):
-        if not isinstance(current_user, Account):
-            raise Forbidden()
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        parser = reqparse.RequestParser()
@ -231,37 +177,18 @@ class MessageAnnotationApi(Resource):
        return annotation


-@console_ns.route("/apps/<uuid:app_id>/annotations/count")
 class MessageAnnotationCountApi(Resource):
-    @api.doc("get_annotation_count")
-    @api.doc(description="Get count of message annotations for the app")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(
-        200,
-        "Annotation count retrieved successfully",
-        api.model("AnnotationCountResponse", {"count": fields.Integer(description="Number of annotations")}),
-    )
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        count = db.session.query(MessageAnnotation).where(MessageAnnotation.app_id == app_model.id).count()

        return {"count": count}


-@console_ns.route("/apps/<uuid:app_id>/chat-messages/<uuid:message_id>/suggested-questions")
 class MessageSuggestedQuestionApi(Resource):
-    @api.doc("get_message_suggested_questions")
-    @api.doc(description="Get suggested questions for a message")
-    @api.doc(params={"app_id": "Application ID", "message_id": "Message ID"})
-    @api.response(
-        200,
-        "Suggested questions retrieved successfully",
-        api.model("SuggestedQuestionsResponse", {"data": fields.List(fields.String(description="Suggested question"))}),
-    )
-    @api.response(404, "Message or conversation not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -288,19 +215,13 @@ class MessageSuggestedQuestionApi(Resource):
        except SuggestedQuestionsAfterAnswerDisabledError:
            raise AppSuggestedQuestionsAfterAnswerDisabledError()
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()

        return {"data": questions}


-@console_ns.route("/apps/<uuid:app_id>/messages/<uuid:message_id>")
 class MessageApi(Resource):
-    @api.doc("get_message")
-    @api.doc(description="Get message details by ID")
-    @api.doc(params={"app_id": "Application ID", "message_id": "Message ID"})
-    @api.response(200, "Message retrieved successfully", message_detail_fields)
-    @api.response(404, "Message not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -315,3 +236,11 @@ class MessageApi(Resource):
            raise NotFound("Message Not Exists.")

        return message
+
+
+api.add_resource(MessageSuggestedQuestionApi, "/apps/<uuid:app_id>/chat-messages/<uuid:message_id>/suggested-questions")
+api.add_resource(ChatMessageListApi, "/apps/<uuid:app_id>/chat-messages", endpoint="console_chat_messages")
+api.add_resource(MessageFeedbackApi, "/apps/<uuid:app_id>/feedbacks")
+api.add_resource(MessageAnnotationApi, "/apps/<uuid:app_id>/annotations")
+api.add_resource(MessageAnnotationCountApi, "/apps/<uuid:app_id>/annotations/count")
+api.add_resource(MessageApi, "/apps/<uuid:app_id>/messages/<uuid:message_id>", endpoint="console_message")
--- a/api/controllers/console/app/model_config.py
+++ b/api/controllers/console/app/model_config.py
@ -3,10 +3,9 @@ from typing import cast

 from flask import request
 from flask_login import current_user
-from flask_restx import Resource, fields
-from werkzeug.exceptions import Forbidden
+from flask_restx import Resource

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from core.agent.entities import AgentToolEntity
@ -15,51 +14,17 @@ from core.tools.utils.configuration import ToolParameterConfigurationManager
 from events.app_event import app_model_config_was_updated
 from extensions.ext_database import db
 from libs.login import login_required
-from models.account import Account
 from models.model import AppMode, AppModelConfig
 from services.app_model_config_service import AppModelConfigService


-@console_ns.route("/apps/<uuid:app_id>/model-config")
 class ModelConfigResource(Resource):
-    @api.doc("update_app_model_config")
-    @api.doc(description="Update application model configuration")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "ModelConfigRequest",
-            {
-                "provider": fields.String(description="Model provider"),
-                "model": fields.String(description="Model name"),
-                "configs": fields.Raw(description="Model configuration parameters"),
-                "opening_statement": fields.String(description="Opening statement"),
-                "suggested_questions": fields.List(fields.String(), description="Suggested questions"),
-                "more_like_this": fields.Raw(description="More like this configuration"),
-                "speech_to_text": fields.Raw(description="Speech to text configuration"),
-                "text_to_speech": fields.Raw(description="Text to speech configuration"),
-                "retrieval_model": fields.Raw(description="Retrieval model configuration"),
-                "tools": fields.List(fields.Raw(), description="Available tools"),
-                "dataset_configs": fields.Raw(description="Dataset configurations"),
-                "agent_mode": fields.Raw(description="Agent mode configuration"),
-            },
-        )
-    )
-    @api.response(200, "Model configuration updated successfully")
-    @api.response(400, "Invalid configuration")
-    @api.response(404, "App not found")
    @setup_required
    @login_required
    @account_initialization_required
    @get_app_model(mode=[AppMode.AGENT_CHAT, AppMode.CHAT, AppMode.COMPLETION])
    def post(self, app_model):
        """Modify app model config"""
-        if not isinstance(current_user, Account):
-            raise Forbidden()
-
-        if not current_user.has_edit_permission:
-            raise Forbidden()
-
-        assert current_user.current_tenant_id is not None, "The tenant information should be loaded."
        # validate config
        model_configuration = AppModelConfigService.validate_configuration(
            tenant_id=current_user.current_tenant_id,
@ -74,7 +39,7 @@ class ModelConfigResource(Resource):
        )
        new_app_model_config = new_app_model_config.from_model_config_dict(model_configuration)

-        if app_model.mode == AppMode.AGENT_CHAT or app_model.is_agent:
+        if app_model.mode == AppMode.AGENT_CHAT.value or app_model.is_agent:
            # get original app model config
            original_app_model_config = (
                db.session.query(AppModelConfig).where(AppModelConfig.id == app_model.app_model_config_id).first()
@ -177,3 +142,6 @@ class ModelConfigResource(Resource):
        app_model_config_was_updated.send(app_model, app_model_config=new_app_model_config)

        return {"result": "success"}
+
+
+api.add_resource(ModelConfigResource, "/apps/<uuid:app_id>/model-config")
--- a/api/controllers/console/app/ops_trace.py
+++ b/api/controllers/console/app/ops_trace.py
@ -1,31 +1,18 @@
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse
 from werkzeug.exceptions import BadRequest

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.error import TracingConfigCheckError, TracingConfigIsExist, TracingConfigNotExist
 from controllers.console.wraps import account_initialization_required, setup_required
 from libs.login import login_required
 from services.ops_service import OpsService


-@console_ns.route("/apps/<uuid:app_id>/trace-config")
 class TraceAppConfigApi(Resource):
    """
    Manage trace app configurations
    """

-    @api.doc("get_trace_app_config")
-    @api.doc(description="Get tracing configuration for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser().add_argument(
-            "tracing_provider", type=str, required=True, location="args", help="Tracing provider name"
-        )
-    )
-    @api.response(
-        200, "Tracing configuration retrieved successfully", fields.Raw(description="Tracing configuration data")
-    )
-    @api.response(400, "Invalid request parameters")
    @setup_required
    @login_required
    @account_initialization_required
@ -42,22 +29,6 @@ class TraceAppConfigApi(Resource):
        except Exception as e:
            raise BadRequest(str(e))

-    @api.doc("create_trace_app_config")
-    @api.doc(description="Create a new tracing configuration for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "TraceConfigCreateRequest",
-            {
-                "tracing_provider": fields.String(required=True, description="Tracing provider name"),
-                "tracing_config": fields.Raw(required=True, description="Tracing configuration data"),
-            },
-        )
-    )
-    @api.response(
-        201, "Tracing configuration created successfully", fields.Raw(description="Created configuration data")
-    )
-    @api.response(400, "Invalid request parameters or configuration already exists")
    @setup_required
    @login_required
    @account_initialization_required
@ -80,20 +51,6 @@ class TraceAppConfigApi(Resource):
        except Exception as e:
            raise BadRequest(str(e))

-    @api.doc("update_trace_app_config")
-    @api.doc(description="Update an existing tracing configuration for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "TraceConfigUpdateRequest",
-            {
-                "tracing_provider": fields.String(required=True, description="Tracing provider name"),
-                "tracing_config": fields.Raw(required=True, description="Updated tracing configuration data"),
-            },
-        )
-    )
-    @api.response(200, "Tracing configuration updated successfully", fields.Raw(description="Success response"))
-    @api.response(400, "Invalid request parameters or configuration not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -114,16 +71,6 @@ class TraceAppConfigApi(Resource):
        except Exception as e:
            raise BadRequest(str(e))

-    @api.doc("delete_trace_app_config")
-    @api.doc(description="Delete an existing tracing configuration for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser().add_argument(
-            "tracing_provider", type=str, required=True, location="args", help="Tracing provider name"
-        )
-    )
-    @api.response(204, "Tracing configuration deleted successfully")
-    @api.response(400, "Invalid request parameters or configuration not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -140,3 +87,6 @@ class TraceAppConfigApi(Resource):
            return {"result": "success"}, 204
        except Exception as e:
            raise BadRequest(str(e))
+
+
+api.add_resource(TraceAppConfigApi, "/apps/<uuid:app_id>/trace-config")
--- a/api/controllers/console/app/site.py
+++ b/api/controllers/console/app/site.py
@ -1,16 +1,16 @@
 from flask_login import current_user
-from flask_restx import Resource, fields, marshal_with, reqparse
+from flask_restx import Resource, marshal_with, reqparse
 from werkzeug.exceptions import Forbidden, NotFound

 from constants.languages import supported_language
-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from extensions.ext_database import db
 from fields.app_fields import app_site_fields
 from libs.datetime_utils import naive_utc_now
 from libs.login import login_required
-from models import Account, Site
+from models import Site


 def parse_app_site_args():
@ -36,39 +36,7 @@ def parse_app_site_args():
    return parser.parse_args()


-@console_ns.route("/apps/<uuid:app_id>/site")
 class AppSite(Resource):
-    @api.doc("update_app_site")
-    @api.doc(description="Update application site configuration")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.model(
-            "AppSiteRequest",
-            {
-                "title": fields.String(description="Site title"),
-                "icon_type": fields.String(description="Icon type"),
-                "icon": fields.String(description="Icon"),
-                "icon_background": fields.String(description="Icon background color"),
-                "description": fields.String(description="Site description"),
-                "default_language": fields.String(description="Default language"),
-                "chat_color_theme": fields.String(description="Chat color theme"),
-                "chat_color_theme_inverted": fields.Boolean(description="Inverted chat color theme"),
-                "customize_domain": fields.String(description="Custom domain"),
-                "copyright": fields.String(description="Copyright text"),
-                "privacy_policy": fields.String(description="Privacy policy"),
-                "custom_disclaimer": fields.String(description="Custom disclaimer"),
-                "customize_token_strategy": fields.String(
-                    enum=["must", "allow", "not_allow"], description="Token strategy"
-                ),
-                "prompt_public": fields.Boolean(description="Make prompt public"),
-                "show_workflow_steps": fields.Boolean(description="Show workflow steps"),
-                "use_icon_as_answer_icon": fields.Boolean(description="Use icon as answer icon"),
-            },
-        )
-    )
-    @api.response(200, "Site configuration updated successfully", app_site_fields)
-    @api.response(403, "Insufficient permissions")
-    @api.response(404, "App not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -107,8 +75,6 @@ class AppSite(Resource):
            if value is not None:
                setattr(site, attr_name, value)

-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        site.updated_by = current_user.id
        site.updated_at = naive_utc_now()
        db.session.commit()
@ -116,14 +82,7 @@ class AppSite(Resource):
        return site


-@console_ns.route("/apps/<uuid:app_id>/site/access-token-reset")
 class AppSiteAccessTokenReset(Resource):
-    @api.doc("reset_app_site_access_token")
-    @api.doc(description="Reset access token for application site")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.response(200, "Access token reset successfully", app_site_fields)
-    @api.response(403, "Insufficient permissions (admin/owner required)")
-    @api.response(404, "App or site not found")
    @setup_required
    @login_required
    @account_initialization_required
@ -140,10 +99,12 @@ class AppSiteAccessTokenReset(Resource):
            raise NotFound

        site.code = Site.generate_code(16)
-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        site.updated_by = current_user.id
        site.updated_at = naive_utc_now()
        db.session.commit()

        return site
+
+
+api.add_resource(AppSite, "/apps/<uuid:app_id>/site")
+api.add_resource(AppSiteAccessTokenReset, "/apps/<uuid:app_id>/site/access-token-reset")
--- a/api/controllers/console/app/statistic.py
+++ b/api/controllers/console/app/statistic.py
@ -5,9 +5,9 @@ import pytz
 import sqlalchemy as sa
 from flask import jsonify
 from flask_login import current_user
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse

-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from core.app.entities.app_invoke_entities import InvokeFrom
@ -17,25 +17,11 @@ from libs.login import login_required
 from models import AppMode, Message


-@console_ns.route("/apps/<uuid:app_id>/statistics/daily-messages")
 class DailyMessageStatistic(Resource):
-    @api.doc("get_daily_message_statistics")
-    @api.doc(description="Get daily message statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "Daily message statistics retrieved successfully",
-        fields.List(fields.Raw(description="Daily message count data")),
-    )
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -88,25 +74,11 @@ WHERE
        return jsonify({"data": response_data})


-@console_ns.route("/apps/<uuid:app_id>/statistics/daily-conversations")
 class DailyConversationStatistic(Resource):
-    @api.doc("get_daily_conversation_statistics")
-    @api.doc(description="Get daily conversation statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "Daily conversation statistics retrieved successfully",
-        fields.List(fields.Raw(description="Daily conversation count data")),
-    )
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -154,25 +126,11 @@ class DailyConversationStatistic(Resource):
        return jsonify({"data": response_data})


-@console_ns.route("/apps/<uuid:app_id>/statistics/daily-end-users")
 class DailyTerminalsStatistic(Resource):
-    @api.doc("get_daily_terminals_statistics")
-    @api.doc(description="Get daily terminal/end-user statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "Daily terminal statistics retrieved successfully",
-        fields.List(fields.Raw(description="Daily terminal count data")),
-    )
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -225,25 +183,11 @@ WHERE
        return jsonify({"data": response_data})


-@console_ns.route("/apps/<uuid:app_id>/statistics/token-costs")
 class DailyTokenCostStatistic(Resource):
-    @api.doc("get_daily_token_cost_statistics")
-    @api.doc(description="Get daily token cost statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "Daily token cost statistics retrieved successfully",
-        fields.List(fields.Raw(description="Daily token cost data")),
-    )
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -299,21 +243,7 @@ WHERE
        return jsonify({"data": response_data})


-@console_ns.route("/apps/<uuid:app_id>/statistics/average-session-interactions")
 class AverageSessionInteractionStatistic(Resource):
-    @api.doc("get_average_session_interaction_statistics")
-    @api.doc(description="Get average session interaction statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "Average session interaction statistics retrieved successfully",
-        fields.List(fields.Raw(description="Average session interaction data")),
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -389,25 +319,11 @@ ORDER BY
        return jsonify({"data": response_data})


-@console_ns.route("/apps/<uuid:app_id>/statistics/user-satisfaction-rate")
 class UserSatisfactionRateStatistic(Resource):
-    @api.doc("get_user_satisfaction_rate_statistics")
-    @api.doc(description="Get user satisfaction rate statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "User satisfaction rate statistics retrieved successfully",
-        fields.List(fields.Raw(description="User satisfaction rate data")),
-    )
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -469,21 +385,7 @@ WHERE
        return jsonify({"data": response_data})


-@console_ns.route("/apps/<uuid:app_id>/statistics/average-response-time")
 class AverageResponseTimeStatistic(Resource):
-    @api.doc("get_average_response_time_statistics")
-    @api.doc(description="Get average response time statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "Average response time statistics retrieved successfully",
-        fields.List(fields.Raw(description="Average response time data")),
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -540,25 +442,11 @@ WHERE
        return jsonify({"data": response_data})


-@console_ns.route("/apps/<uuid:app_id>/statistics/tokens-per-second")
 class TokensPerSecondStatistic(Resource):
-    @api.doc("get_tokens_per_second_statistics")
-    @api.doc(description="Get tokens per second statistics for an application")
-    @api.doc(params={"app_id": "Application ID"})
-    @api.expect(
-        api.parser()
-        .add_argument("start", type=str, location="args", help="Start date (YYYY-MM-DD HH:MM)")
-        .add_argument("end", type=str, location="args", help="End date (YYYY-MM-DD HH:MM)")
-    )
-    @api.response(
-        200,
-        "Tokens per second statistics retrieved successfully",
-        fields.List(fields.Raw(description="Tokens per second data")),
-    )
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -612,3 +500,13 @@ WHERE
                response_data.append({"date": str(i.date), "tps": round(i.tokens_per_second, 4)})

        return jsonify({"data": response_data})
+
+
+api.add_resource(DailyMessageStatistic, "/apps/<uuid:app_id>/statistics/daily-messages")
+api.add_resource(DailyConversationStatistic, "/apps/<uuid:app_id>/statistics/daily-conversations")
+api.add_resource(DailyTerminalsStatistic, "/apps/<uuid:app_id>/statistics/daily-end-users")
+api.add_resource(DailyTokenCostStatistic, "/apps/<uuid:app_id>/statistics/token-costs")
+api.add_resource(AverageSessionInteractionStatistic, "/apps/<uuid:app_id>/statistics/average-session-interactions")
+api.add_resource(UserSatisfactionRateStatistic, "/apps/<uuid:app_id>/statistics/user-satisfaction-rate")
+api.add_resource(AverageResponseTimeStatistic, "/apps/<uuid:app_id>/statistics/average-response-time")
+api.add_resource(TokensPerSecondStatistic, "/apps/<uuid:app_id>/statistics/tokens-per-second")
--- a/api/controllers/console/app/workflow.py
+++ b/api/controllers/console/app/workflow.py
@ -11,7 +11,11 @@ from werkzeug.exceptions import Forbidden, InternalServerError, NotFound
 import services
 from configs import dify_config
 from controllers.console import api
-from controllers.console.app.error import ConversationCompletedError, DraftWorkflowNotExist, DraftWorkflowNotSync
+from controllers.console.app.error import (
+    ConversationCompletedError,
+    DraftWorkflowNotExist,
+    DraftWorkflowNotSync,
+)
 from controllers.console.app.wraps import get_app_model
 from controllers.console.wraps import account_initialization_required, setup_required
 from controllers.web.error import InvokeRateLimitError as InvokeRateLimitHttpError
@ -68,8 +72,7 @@ class DraftWorkflowApi(Resource):
        Get draft workflow
        """
        # The role of the current user in the ta table must be admin, owner, or editor
-        assert isinstance(current_user, Account)
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        # fetch draft workflow by app_model
@ -91,8 +94,7 @@ class DraftWorkflowApi(Resource):
        Sync draft workflow
        """
        # The role of the current user in the ta table must be admin, owner, or editor
-        assert isinstance(current_user, Account)
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        content_type = request.headers.get("Content-Type", "")
@ -169,8 +171,7 @@ class AdvancedChatDraftWorkflowRunApi(Resource):
        Run draft workflow
        """
        # The role of the current user in the ta table must be admin, owner, or editor
-        assert isinstance(current_user, Account)
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        if not isinstance(current_user, Account):
@ -204,7 +205,7 @@ class AdvancedChatDraftWorkflowRunApi(Resource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -217,10 +218,11 @@ class AdvancedChatDraftRunIterationNodeApi(Resource):
        """
        Run draft workflow iteration node
        """
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
+            raise Forbidden()
+
+        if not isinstance(current_user, Account):
            raise Forbidden()

        parser = reqparse.RequestParser()
@ -240,7 +242,7 @@ class AdvancedChatDraftRunIterationNodeApi(Resource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -254,9 +256,10 @@ class WorkflowDraftRunIterationNodeApi(Resource):
        Run draft workflow iteration node
        """
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not isinstance(current_user, Account):
+        if not current_user.is_editor:
            raise Forbidden()
-        if not current_user.has_edit_permission:
+
+        if not isinstance(current_user, Account):
            raise Forbidden()

        parser = reqparse.RequestParser()
@ -276,7 +279,7 @@ class WorkflowDraftRunIterationNodeApi(Resource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -289,12 +292,12 @@ class AdvancedChatDraftRunLoopNodeApi(Resource):
        """
        Run draft workflow loop node
        """
+        # The role of the current user in the ta table must be admin, owner, or editor
+        if not current_user.is_editor:
+            raise Forbidden()

        if not isinstance(current_user, Account):
            raise Forbidden()
-        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
-            raise Forbidden()

        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, location="json")
@ -313,7 +316,7 @@ class AdvancedChatDraftRunLoopNodeApi(Resource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -326,12 +329,12 @@ class WorkflowDraftRunLoopNodeApi(Resource):
        """
        Run draft workflow loop node
        """
+        # The role of the current user in the ta table must be admin, owner, or editor
+        if not current_user.is_editor:
+            raise Forbidden()

        if not isinstance(current_user, Account):
            raise Forbidden()
-        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
-            raise Forbidden()

        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, location="json")
@ -350,7 +353,7 @@ class WorkflowDraftRunLoopNodeApi(Resource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -363,12 +366,12 @@ class DraftWorkflowRunApi(Resource):
        """
        Run draft workflow
        """
+        # The role of the current user in the ta table must be admin, owner, or editor
+        if not current_user.is_editor:
+            raise Forbidden()

        if not isinstance(current_user, Account):
            raise Forbidden()
-        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
-            raise Forbidden()

        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, required=True, nullable=False, location="json")
@ -402,11 +405,8 @@ class WorkflowTaskStopApi(Resource):
        """
        Stop workflow task
        """
-
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        AppQueueManager.set_stop_flag(task_id, InvokeFrom.DEBUGGER, current_user.id)
@ -424,12 +424,12 @@ class DraftWorkflowNodeRunApi(Resource):
        """
        Run draft workflow node
        """
+        # The role of the current user in the ta table must be admin, owner, or editor
+        if not current_user.is_editor:
+            raise Forbidden()

        if not isinstance(current_user, Account):
            raise Forbidden()
-        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
-            raise Forbidden()

        parser = reqparse.RequestParser()
        parser.add_argument("inputs", type=dict, required=True, nullable=False, location="json")
@ -472,11 +472,8 @@ class PublishedWorkflowApi(Resource):
        """
        Get published workflow
        """
-
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        # fetch published workflow by app_model
@ -494,10 +491,11 @@ class PublishedWorkflowApi(Resource):
        """
        Publish workflow
        """
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
+            raise Forbidden()
+
+        if not isinstance(current_user, Account):
            raise Forbidden()

        parser = reqparse.RequestParser()
@ -522,7 +520,7 @@ class PublishedWorkflowApi(Resource):
            )

            app_model.workflow_id = workflow.id
-            db.session.commit()  # NOTE: this is necessary for update app_model.workflow_id
+            db.session.commit()

            workflow_created_at = TimestampField().format(workflow.created_at)

@ -543,11 +541,8 @@ class DefaultBlockConfigsApi(Resource):
        """
        Get default block config
        """
-
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        # Get default block configs
@ -564,10 +559,11 @@ class DefaultBlockConfigApi(Resource):
        """
        Get default block config
        """
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
+            raise Forbidden()
+
+        if not isinstance(current_user, Account):
            raise Forbidden()

        parser = reqparse.RequestParser()
@ -599,10 +595,11 @@ class ConvertToWorkflowApi(Resource):
        Convert expert mode of chatbot app to workflow mode
        Convert Completion App to Workflow App
        """
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # The role of the current user in the ta table must be admin, owner, or editor
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
+            raise Forbidden()
+
+        if not isinstance(current_user, Account):
            raise Forbidden()

        if request.data:
@ -648,10 +645,7 @@ class PublishedAllWorkflowApi(Resource):
        """
        Get published workflows
        """
-
-        if not isinstance(current_user, Account):
-            raise Forbidden()
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()

        parser = reqparse.RequestParser()
@ -699,10 +693,11 @@ class WorkflowByIdApi(Resource):
        """
        Update workflow attributes
        """
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # Check permission
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
+            raise Forbidden()
+
+        if not isinstance(current_user, Account):
            raise Forbidden()

        parser = reqparse.RequestParser()
@ -715,6 +710,7 @@ class WorkflowByIdApi(Resource):
            raise ValueError("Marked name cannot exceed 20 characters")
        if args.marked_comment and len(args.marked_comment) > 100:
            raise ValueError("Marked comment cannot exceed 100 characters")
+        args = parser.parse_args()

        # Prepare update data
        update_data = {}
@ -754,10 +750,11 @@ class WorkflowByIdApi(Resource):
        """
        Delete workflow
        """
-        if not isinstance(current_user, Account):
-            raise Forbidden()
        # Check permission
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
+            raise Forbidden()
+
+        if not isinstance(current_user, Account):
            raise Forbidden()

        workflow_service = WorkflowService()
--- a/api/controllers/console/app/workflow_app_log.py
+++ b/api/controllers/console/app/workflow_app_log.py
@ -27,9 +27,7 @@ class WorkflowAppLogApi(Resource):
        """
        parser = reqparse.RequestParser()
        parser.add_argument("keyword", type=str, location="args")
-        parser.add_argument(
-            "status", type=str, choices=["succeeded", "failed", "stopped", "partial-succeeded"], location="args"
-        )
+        parser.add_argument("status", type=str, choices=["succeeded", "failed", "stopped"], location="args")
        parser.add_argument(
            "created_at__before", type=str, location="args", help="Filter logs created before this timestamp"
        )
--- a/api/controllers/console/app/workflow_draft_variable.py
+++ b/api/controllers/console/app/workflow_draft_variable.py
@ -1,5 +1,5 @@
 import logging
-from typing import NoReturn
+from typing import Any, NoReturn

 from flask import Response
 from flask_restx import Resource, fields, inputs, marshal, marshal_with, reqparse
@ -21,7 +21,6 @@ from factories.file_factory import build_from_mapping, build_from_mappings
 from factories.variable_factory import build_segment_with_type
 from libs.login import current_user, login_required
 from models import App, AppMode, db
-from models.account import Account
 from models.workflow import WorkflowDraftVariable
 from services.workflow_draft_variable_service import WorkflowDraftVariableList, WorkflowDraftVariableService
 from services.workflow_service import WorkflowService
@ -29,7 +28,7 @@ from services.workflow_service import WorkflowService
 logger = logging.getLogger(__name__)


-def _convert_values_to_json_serializable_object(value: Segment):
+def _convert_values_to_json_serializable_object(value: Segment) -> Any:
    if isinstance(value, FileSegment):
        return value.value.model_dump()
    elif isinstance(value, ArrayFileSegment):
@ -40,7 +39,7 @@ def _convert_values_to_json_serializable_object(value: Segment):
        return value.value


-def _serialize_var_value(variable: WorkflowDraftVariable):
+def _serialize_var_value(variable: WorkflowDraftVariable) -> Any:
    value = variable.get_value()
    # create a copy of the value to avoid affecting the model cache.
    value = value.model_copy(deep=True)
@ -136,8 +135,7 @@ def _api_prerequisite(f):
    @account_initialization_required
    @get_app_model(mode=[AppMode.ADVANCED_CHAT, AppMode.WORKFLOW])
    def wrapper(*args, **kwargs):
-        assert isinstance(current_user, Account)
-        if not current_user.has_edit_permission:
+        if not current_user.is_editor:
            raise Forbidden()
        return f(*args, **kwargs)

--- a/api/controllers/console/app/workflow_statistic.py
+++ b/api/controllers/console/app/workflow_statistic.py
@ -18,10 +18,10 @@ from models.model import AppMode


 class WorkflowDailyRunsStatistic(Resource):
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -80,10 +80,10 @@ WHERE


 class WorkflowDailyTerminalsStatistic(Resource):
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

@ -142,10 +142,10 @@ WHERE


 class WorkflowDailyTokenCostStatistic(Resource):
-    @get_app_model
    @setup_required
    @login_required
    @account_initialization_required
+    @get_app_model
    def get(self, app_model):
        account = current_user

--- a/api/controllers/console/app/wraps.py
+++ b/api/controllers/console/app/wraps.py
@ -1,19 +1,14 @@
 from collections.abc import Callable
 from functools import wraps
-from typing import Optional, ParamSpec, TypeVar, Union
+from typing import Optional, Union

 from controllers.console.app.error import AppNotFoundError
 from extensions.ext_database import db
 from libs.login import current_user
 from models import App, AppMode
-from models.account import Account
-
-P = ParamSpec("P")
-R = TypeVar("R")


 def _load_app_model(app_id: str) -> Optional[App]:
-    assert isinstance(current_user, Account)
    app_model = (
        db.session.query(App)
        .where(App.id == app_id, App.tenant_id == current_user.current_tenant_id, App.status == "normal")
@ -22,10 +17,10 @@ def _load_app_model(app_id: str) -> Optional[App]:
    return app_model


-def get_app_model(view: Optional[Callable[P, R]] = None, *, mode: Union[AppMode, list[AppMode], None] = None):
-    def decorator(view_func: Callable[P, R]):
+def get_app_model(view: Optional[Callable] = None, *, mode: Union[AppMode, list[AppMode], None] = None):
+    def decorator(view_func):
        @wraps(view_func)
-        def decorated_view(*args: P.args, **kwargs: P.kwargs):
+        def decorated_view(*args, **kwargs):
            if not kwargs.get("app_id"):
                raise ValueError("missing app_id in path parameters")

--- a/api/controllers/console/auth/activate.py
+++ b/api/controllers/console/auth/activate.py
@ -1,8 +1,8 @@
 from flask import request
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse

 from constants.languages import supported_language
-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.error import AlreadyActivateError
 from extensions.ext_database import db
 from libs.datetime_utils import naive_utc_now
@ -10,36 +10,14 @@ from libs.helper import StrLen, email, extract_remote_ip, timezone
 from models.account import AccountStatus
 from services.account_service import AccountService, RegisterService

-active_check_parser = reqparse.RequestParser()
-active_check_parser.add_argument(
-    "workspace_id", type=str, required=False, nullable=True, location="args", help="Workspace ID"
-)
-active_check_parser.add_argument(
-    "email", type=email, required=False, nullable=True, location="args", help="Email address"
-)
-active_check_parser.add_argument(
-    "token", type=str, required=True, nullable=False, location="args", help="Activation token"
-)

-
-@console_ns.route("/activate/check")
 class ActivateCheckApi(Resource):
-    @api.doc("check_activation_token")
-    @api.doc(description="Check if activation token is valid")
-    @api.expect(active_check_parser)
-    @api.response(
-        200,
-        "Success",
-        api.model(
-            "ActivationCheckResponse",
-            {
-                "is_valid": fields.Boolean(description="Whether token is valid"),
-                "data": fields.Raw(description="Activation data if valid"),
-            },
-        ),
-    )
    def get(self):
-        args = active_check_parser.parse_args()
+        parser = reqparse.RequestParser()
+        parser.add_argument("workspace_id", type=str, required=False, nullable=True, location="args")
+        parser.add_argument("email", type=email, required=False, nullable=True, location="args")
+        parser.add_argument("token", type=str, required=True, nullable=False, location="args")
+        args = parser.parse_args()

        workspaceId = args["workspace_id"]
        reg_email = args["email"]
@ -60,36 +38,18 @@ class ActivateCheckApi(Resource):
            return {"is_valid": False}


-active_parser = reqparse.RequestParser()
-active_parser.add_argument("workspace_id", type=str, required=False, nullable=True, location="json")
-active_parser.add_argument("email", type=email, required=False, nullable=True, location="json")
-active_parser.add_argument("token", type=str, required=True, nullable=False, location="json")
-active_parser.add_argument("name", type=StrLen(30), required=True, nullable=False, location="json")
-active_parser.add_argument(
-    "interface_language", type=supported_language, required=True, nullable=False, location="json"
-)
-active_parser.add_argument("timezone", type=timezone, required=True, nullable=False, location="json")
-
-
-@console_ns.route("/activate")
 class ActivateApi(Resource):
-    @api.doc("activate_account")
-    @api.doc(description="Activate account with invitation token")
-    @api.expect(active_parser)
-    @api.response(
-        200,
-        "Account activated successfully",
-        api.model(
-            "ActivationResponse",
-            {
-                "result": fields.String(description="Operation result"),
-                "data": fields.Raw(description="Login token data"),
-            },
-        ),
-    )
-    @api.response(400, "Already activated or invalid token")
    def post(self):
-        args = active_parser.parse_args()
+        parser = reqparse.RequestParser()
+        parser.add_argument("workspace_id", type=str, required=False, nullable=True, location="json")
+        parser.add_argument("email", type=email, required=False, nullable=True, location="json")
+        parser.add_argument("token", type=str, required=True, nullable=False, location="json")
+        parser.add_argument("name", type=StrLen(30), required=True, nullable=False, location="json")
+        parser.add_argument(
+            "interface_language", type=supported_language, required=True, nullable=False, location="json"
+        )
+        parser.add_argument("timezone", type=timezone, required=True, nullable=False, location="json")
+        args = parser.parse_args()

        invitation = RegisterService.get_invitation_if_token_valid(args["workspace_id"], args["email"], args["token"])
        if invitation is None:
@ -110,3 +70,7 @@ class ActivateApi(Resource):
        token_pair = AccountService.login(account, ip_address=extract_remote_ip(request))

        return {"result": "success", "data": token_pair.model_dump()}
+
+
+api.add_resource(ActivateCheckApi, "/activate/check")
+api.add_resource(ActivateApi, "/activate")
--- a/api/controllers/console/auth/data_source_oauth.py
+++ b/api/controllers/console/auth/data_source_oauth.py
@ -3,18 +3,16 @@ import logging
 import requests
 from flask import current_app, redirect, request
 from flask_login import current_user
-from flask_restx import Resource, fields
+from flask_restx import Resource
 from werkzeug.exceptions import Forbidden

 from configs import dify_config
-from controllers.console import api, console_ns
+from controllers.console import api
 from libs.login import login_required
 from libs.oauth_data_source import NotionOAuth

 from ..wraps import account_initialization_required, setup_required

-logger = logging.getLogger(__name__)
-

 def get_oauth_providers():
    with current_app.app_context():
@ -28,21 +26,7 @@ def get_oauth_providers():
        return OAUTH_PROVIDERS


-@console_ns.route("/oauth/data-source/<string:provider>")
 class OAuthDataSource(Resource):
-    @api.doc("oauth_data_source")
-    @api.doc(description="Get OAuth authorization URL for data source provider")
-    @api.doc(params={"provider": "Data source provider name (notion)"})
-    @api.response(
-        200,
-        "Authorization URL or internal setup success",
-        api.model(
-            "OAuthDataSourceResponse",
-            {"data": fields.Raw(description="Authorization URL or 'internal' for internal setup")},
-        ),
-    )
-    @api.response(400, "Invalid provider")
-    @api.response(403, "Admin privileges required")
    def get(self, provider: str):
        # The role of the current user in the table must be admin or owner
        if not current_user.is_admin_or_owner:
@ -63,19 +47,7 @@ class OAuthDataSource(Resource):
            return {"data": auth_url}, 200


-@console_ns.route("/oauth/data-source/callback/<string:provider>")
 class OAuthDataSourceCallback(Resource):
-    @api.doc("oauth_data_source_callback")
-    @api.doc(description="Handle OAuth callback from data source provider")
-    @api.doc(
-        params={
-            "provider": "Data source provider name (notion)",
-            "code": "Authorization code from OAuth provider",
-            "error": "Error message from OAuth provider",
-        }
-    )
-    @api.response(302, "Redirect to console with result")
-    @api.response(400, "Invalid provider")
    def get(self, provider: str):
        OAUTH_DATASOURCE_PROVIDERS = get_oauth_providers()
        with current_app.app_context():
@ -94,19 +66,7 @@ class OAuthDataSourceCallback(Resource):
            return redirect(f"{dify_config.CONSOLE_WEB_URL}?type=notion&error=Access denied")


-@console_ns.route("/oauth/data-source/binding/<string:provider>")
 class OAuthDataSourceBinding(Resource):
-    @api.doc("oauth_data_source_binding")
-    @api.doc(description="Bind OAuth data source with authorization code")
-    @api.doc(
-        params={"provider": "Data source provider name (notion)", "code": "Authorization code from OAuth provider"}
-    )
-    @api.response(
-        200,
-        "Data source binding success",
-        api.model("OAuthDataSourceBindingResponse", {"result": fields.String(description="Operation result")}),
-    )
-    @api.response(400, "Invalid provider or code")
    def get(self, provider: str):
        OAUTH_DATASOURCE_PROVIDERS = get_oauth_providers()
        with current_app.app_context():
@ -119,8 +79,8 @@ class OAuthDataSourceBinding(Resource):
                return {"error": "Invalid code"}, 400
            try:
                oauth_provider.get_access_token(code)
-            except requests.HTTPError as e:
-                logger.exception(
+            except requests.exceptions.HTTPError as e:
+                logging.exception(
                    "An error occurred during the OAuthCallback process with %s: %s", provider, e.response.text
                )
                return {"error": "OAuth data source process failed"}, 400
@ -128,17 +88,7 @@ class OAuthDataSourceBinding(Resource):
            return {"result": "success"}, 200


-@console_ns.route("/oauth/data-source/<string:provider>/<uuid:binding_id>/sync")
 class OAuthDataSourceSync(Resource):
-    @api.doc("oauth_data_source_sync")
-    @api.doc(description="Sync data from OAuth data source")
-    @api.doc(params={"provider": "Data source provider name (notion)", "binding_id": "Data source binding ID"})
-    @api.response(
-        200,
-        "Data source sync success",
-        api.model("OAuthDataSourceSyncResponse", {"result": fields.String(description="Operation result")}),
-    )
-    @api.response(400, "Invalid provider or sync failed")
    @setup_required
    @login_required
    @account_initialization_required
@ -152,10 +102,16 @@ class OAuthDataSourceSync(Resource):
            return {"error": "Invalid provider"}, 400
        try:
            oauth_provider.sync_data_source(binding_id)
-        except requests.HTTPError as e:
-            logger.exception(
+        except requests.exceptions.HTTPError as e:
+            logging.exception(
                "An error occurred during the OAuthCallback process with %s: %s", provider, e.response.text
            )
            return {"error": "OAuth data source process failed"}, 400

        return {"result": "success"}, 200
+
+
+api.add_resource(OAuthDataSource, "/oauth/data-source/<string:provider>")
+api.add_resource(OAuthDataSourceCallback, "/oauth/data-source/callback/<string:provider>")
+api.add_resource(OAuthDataSourceBinding, "/oauth/data-source/binding/<string:provider>")
+api.add_resource(OAuthDataSourceSync, "/oauth/data-source/<string:provider>/<uuid:binding_id>/sync")
--- a/api/controllers/console/auth/email_register.py
+++ b/api/controllers/console/auth/email_register.py
@ -1,155 +0,0 @@
-from flask import request
-from flask_restx import Resource, reqparse
-from sqlalchemy import select
-from sqlalchemy.orm import Session
-
-from configs import dify_config
-from constants.languages import languages
-from controllers.console import api
-from controllers.console.auth.error import (
-    EmailAlreadyInUseError,
-    EmailCodeError,
-    EmailRegisterLimitError,
-    InvalidEmailError,
-    InvalidTokenError,
-    PasswordMismatchError,
-)
-from controllers.console.error import AccountInFreezeError, EmailSendIpLimitError
-from controllers.console.wraps import email_password_login_enabled, email_register_enabled, setup_required
-from extensions.ext_database import db
-from libs.helper import email, extract_remote_ip
-from libs.password import valid_password
-from models.account import Account
-from services.account_service import AccountService
-from services.billing_service import BillingService
-from services.errors.account import AccountNotFoundError, AccountRegisterError
-
-
-class EmailRegisterSendEmailApi(Resource):
-    @setup_required
-    @email_password_login_enabled
-    @email_register_enabled
-    def post(self):
-        parser = reqparse.RequestParser()
-        parser.add_argument("email", type=email, required=True, location="json")
-        parser.add_argument("language", type=str, required=False, location="json")
-        args = parser.parse_args()
-
-        ip_address = extract_remote_ip(request)
-        if AccountService.is_email_send_ip_limit(ip_address):
-            raise EmailSendIpLimitError()
-        language = "en-US"
-        if args["language"] in languages:
-            language = args["language"]
-
-        if dify_config.BILLING_ENABLED and BillingService.is_email_in_freeze(args["email"]):
-            raise AccountInFreezeError()
-
-        with Session(db.engine) as session:
-            account = session.execute(select(Account).filter_by(email=args["email"])).scalar_one_or_none()
-        token = None
-        token = AccountService.send_email_register_email(email=args["email"], account=account, language=language)
-        return {"result": "success", "data": token}
-
-
-class EmailRegisterCheckApi(Resource):
-    @setup_required
-    @email_password_login_enabled
-    @email_register_enabled
-    def post(self):
-        parser = reqparse.RequestParser()
-        parser.add_argument("email", type=str, required=True, location="json")
-        parser.add_argument("code", type=str, required=True, location="json")
-        parser.add_argument("token", type=str, required=True, nullable=False, location="json")
-        args = parser.parse_args()
-
-        user_email = args["email"]
-
-        is_email_register_error_rate_limit = AccountService.is_email_register_error_rate_limit(args["email"])
-        if is_email_register_error_rate_limit:
-            raise EmailRegisterLimitError()
-
-        token_data = AccountService.get_email_register_data(args["token"])
-        if token_data is None:
-            raise InvalidTokenError()
-
-        if user_email != token_data.get("email"):
-            raise InvalidEmailError()
-
-        if args["code"] != token_data.get("code"):
-            AccountService.add_email_register_error_rate_limit(args["email"])
-            raise EmailCodeError()
-
-        # Verified, revoke the first token
-        AccountService.revoke_email_register_token(args["token"])
-
-        # Refresh token data by generating a new token
-        _, new_token = AccountService.generate_email_register_token(
-            user_email, code=args["code"], additional_data={"phase": "register"}
-        )
-
-        AccountService.reset_email_register_error_rate_limit(args["email"])
-        return {"is_valid": True, "email": token_data.get("email"), "token": new_token}
-
-
-class EmailRegisterResetApi(Resource):
-    @setup_required
-    @email_password_login_enabled
-    @email_register_enabled
-    def post(self):
-        parser = reqparse.RequestParser()
-        parser.add_argument("token", type=str, required=True, nullable=False, location="json")
-        parser.add_argument("new_password", type=valid_password, required=True, nullable=False, location="json")
-        parser.add_argument("password_confirm", type=valid_password, required=True, nullable=False, location="json")
-        args = parser.parse_args()
-
-        # Validate passwords match
-        if args["new_password"] != args["password_confirm"]:
-            raise PasswordMismatchError()
-
-        # Validate token and get register data
-        register_data = AccountService.get_email_register_data(args["token"])
-        if not register_data:
-            raise InvalidTokenError()
-        # Must use token in reset phase
-        if register_data.get("phase", "") != "register":
-            raise InvalidTokenError()
-
-        # Revoke token to prevent reuse
-        AccountService.revoke_email_register_token(args["token"])
-
-        email = register_data.get("email", "")
-
-        with Session(db.engine) as session:
-            account = session.execute(select(Account).filter_by(email=email)).scalar_one_or_none()
-
-            if account:
-                raise EmailAlreadyInUseError()
-            else:
-                account = self._create_new_account(email, args["password_confirm"])
-                if not account:
-                    raise AccountNotFoundError()
-                token_pair = AccountService.login(account=account, ip_address=extract_remote_ip(request))
-                AccountService.reset_login_error_rate_limit(email)
-
-        return {"result": "success", "data": token_pair.model_dump()}
-
-    def _create_new_account(self, email, password) -> Account | None:
-        # Create new account if allowed
-        account = None
-        try:
-            account = AccountService.create_account_and_tenant(
-                email=email,
-                name=email,
-                password=password,
-                interface_language=languages[0],
-            )
-        except AccountRegisterError:
-            raise AccountInFreezeError()
-
-        return account
-
-
-api.add_resource(EmailRegisterSendEmailApi, "/email-register/send-email")
-api.add_resource(EmailRegisterCheckApi, "/email-register/validity")
-api.add_resource(EmailRegisterResetApi, "/email-register")
--- a/api/controllers/console/auth/error.py
+++ b/api/controllers/console/auth/error.py
@ -27,43 +27,21 @@ class InvalidTokenError(BaseHTTPException):

 class PasswordResetRateLimitExceededError(BaseHTTPException):
    error_code = "password_reset_rate_limit_exceeded"
-    description = "Too many password reset emails have been sent. Please try again in {minutes} minutes."
+    description = "Too many password reset emails have been sent. Please try again in 1 minute."
    code = 429

-    def __init__(self, minutes: int = 1):
-        description = self.description.format(minutes=int(minutes)) if self.description else None
-        super().__init__(description=description)
-
-
-class EmailRegisterRateLimitExceededError(BaseHTTPException):
-    error_code = "email_register_rate_limit_exceeded"
-    description = "Too many email register emails have been sent. Please try again in {minutes} minutes."
-    code = 429
-
-    def __init__(self, minutes: int = 1):
-        description = self.description.format(minutes=int(minutes)) if self.description else None
-        super().__init__(description=description)
-

 class EmailChangeRateLimitExceededError(BaseHTTPException):
    error_code = "email_change_rate_limit_exceeded"
-    description = "Too many email change emails have been sent. Please try again in {minutes} minutes."
+    description = "Too many email change emails have been sent. Please try again in 1 minute."
    code = 429

-    def __init__(self, minutes: int = 1):
-        description = self.description.format(minutes=int(minutes)) if self.description else None
-        super().__init__(description=description)
-

 class OwnerTransferRateLimitExceededError(BaseHTTPException):
    error_code = "owner_transfer_rate_limit_exceeded"
-    description = "Too many owner transfer emails have been sent. Please try again in {minutes} minutes."
+    description = "Too many owner transfer emails have been sent. Please try again in 1 minute."
    code = 429

-    def __init__(self, minutes: int = 1):
-        description = self.description.format(minutes=int(minutes)) if self.description else None
-        super().__init__(description=description)
-

 class EmailCodeError(BaseHTTPException):
    error_code = "email_code_error"
@ -77,12 +55,6 @@ class EmailOrPasswordMismatchError(BaseHTTPException):
    code = 400


-class AuthenticationFailedError(BaseHTTPException):
-    error_code = "authentication_failed"
-    description = "Invalid email or password."
-    code = 401
-
-
 class EmailPasswordLoginLimitError(BaseHTTPException):
    error_code = "email_code_login_limit"
    description = "Too many incorrect password attempts. Please try again later."
@ -91,23 +63,15 @@ class EmailPasswordLoginLimitError(BaseHTTPException):

 class EmailCodeLoginRateLimitExceededError(BaseHTTPException):
    error_code = "email_code_login_rate_limit_exceeded"
-    description = "Too many login emails have been sent. Please try again in {minutes} minutes."
+    description = "Too many login emails have been sent. Please try again in 5 minutes."
    code = 429

-    def __init__(self, minutes: int = 5):
-        description = self.description.format(minutes=int(minutes)) if self.description else None
-        super().__init__(description=description)
-

 class EmailCodeAccountDeletionRateLimitExceededError(BaseHTTPException):
    error_code = "email_code_account_deletion_rate_limit_exceeded"
-    description = "Too many account deletion emails have been sent. Please try again in {minutes} minutes."
+    description = "Too many account deletion emails have been sent. Please try again in 5 minutes."
    code = 429

-    def __init__(self, minutes: int = 5):
-        description = self.description.format(minutes=int(minutes)) if self.description else None
-        super().__init__(description=description)
-

 class EmailPasswordResetLimitError(BaseHTTPException):
    error_code = "email_password_reset_limit"
@ -115,12 +79,6 @@ class EmailPasswordResetLimitError(BaseHTTPException):
    code = 429


-class EmailRegisterLimitError(BaseHTTPException):
-    error_code = "email_register_limit"
-    description = "Too many failed email register attempts. Please try again in 24 hours."
-    code = 429
-
-
 class EmailChangeLimitError(BaseHTTPException):
    error_code = "email_change_limit"
    description = "Too many failed email change attempts. Please try again in 24 hours."
--- a/api/controllers/console/auth/forgot_password.py
+++ b/api/controllers/console/auth/forgot_password.py
@ -2,11 +2,12 @@ import base64
 import secrets

 from flask import request
-from flask_restx import Resource, fields, reqparse
+from flask_restx import Resource, reqparse
 from sqlalchemy import select
 from sqlalchemy.orm import Session

-from controllers.console import api, console_ns
+from constants.languages import languages
+from controllers.console import api
 from controllers.console.auth.error import (
    EmailCodeError,
    EmailPasswordResetLimitError,
@ -14,7 +15,7 @@ from controllers.console.auth.error import (
    InvalidTokenError,
    PasswordMismatchError,
 )
-from controllers.console.error import AccountNotFound, EmailSendIpLimitError
+from controllers.console.error import AccountInFreezeError, AccountNotFound, EmailSendIpLimitError
 from controllers.console.wraps import email_password_login_enabled, setup_required
 from events.tenant_event import tenant_was_created
 from extensions.ext_database import db
@ -22,35 +23,12 @@ from libs.helper import email, extract_remote_ip
 from libs.password import hash_password, valid_password
 from models.account import Account
 from services.account_service import AccountService, TenantService
+from services.errors.account import AccountRegisterError
+from services.errors.workspace import WorkSpaceNotAllowedCreateError, WorkspacesLimitExceededError
 from services.feature_service import FeatureService


-@console_ns.route("/forgot-password")
 class ForgotPasswordSendEmailApi(Resource):
-    @api.doc("send_forgot_password_email")
-    @api.doc(description="Send password reset email")
-    @api.expect(
-        api.model(
-            "ForgotPasswordEmailRequest",
-            {
-                "email": fields.String(required=True, description="Email address"),
-                "language": fields.String(description="Language for email (zh-Hans/en-US)"),
-            },
-        )
-    )
-    @api.response(
-        200,
-        "Email sent successfully",
-        api.model(
-            "ForgotPasswordEmailResponse",
-            {
-                "result": fields.String(description="Operation result"),
-                "data": fields.String(description="Reset token"),
-                "code": fields.String(description="Error code if account not found"),
-            },
-        ),
-    )
-    @api.response(400, "Invalid email or rate limit exceeded")
    @setup_required
    @email_password_login_enabled
    def post(self):
@ -70,44 +48,20 @@ class ForgotPasswordSendEmailApi(Resource):

        with Session(db.engine) as session:
            account = session.execute(select(Account).filter_by(email=args["email"])).scalar_one_or_none()
-
-        token = AccountService.send_reset_password_email(
-            account=account,
-            email=args["email"],
-            language=language,
-            is_allow_register=FeatureService.get_system_features().is_allow_register,
-        )
+        token = None
+        if account is None:
+            if FeatureService.get_system_features().is_allow_register:
+                token = AccountService.send_reset_password_email(email=args["email"], language=language)
+                return {"result": "fail", "data": token, "code": "account_not_found"}
+            else:
+                raise AccountNotFound()
+        else:
+            token = AccountService.send_reset_password_email(account=account, email=args["email"], language=language)

        return {"result": "success", "data": token}


-@console_ns.route("/forgot-password/validity")
 class ForgotPasswordCheckApi(Resource):
-    @api.doc("check_forgot_password_code")
-    @api.doc(description="Verify password reset code")
-    @api.expect(
-        api.model(
-            "ForgotPasswordCheckRequest",
-            {
-                "email": fields.String(required=True, description="Email address"),
-                "code": fields.String(required=True, description="Verification code"),
-                "token": fields.String(required=True, description="Reset token"),
-            },
-        )
-    )
-    @api.response(
-        200,
-        "Code verified successfully",
-        api.model(
-            "ForgotPasswordCheckResponse",
-            {
-                "is_valid": fields.Boolean(description="Whether code is valid"),
-                "email": fields.String(description="Email address"),
-                "token": fields.String(description="New reset token"),
-            },
-        ),
-    )
-    @api.response(400, "Invalid code or token")
    @setup_required
    @email_password_login_enabled
    def post(self):
@ -146,26 +100,7 @@ class ForgotPasswordCheckApi(Resource):
        return {"is_valid": True, "email": token_data.get("email"), "token": new_token}


-@console_ns.route("/forgot-password/resets")
 class ForgotPasswordResetApi(Resource):
-    @api.doc("reset_password")
-    @api.doc(description="Reset password with verification token")
-    @api.expect(
-        api.model(
-            "ForgotPasswordResetRequest",
-            {
-                "token": fields.String(required=True, description="Verification token"),
-                "new_password": fields.String(required=True, description="New password"),
-                "password_confirm": fields.String(required=True, description="Password confirmation"),
-            },
-        )
-    )
-    @api.response(
-        200,
-        "Password reset successfully",
-        api.model("ForgotPasswordResetResponse", {"result": fields.String(description="Operation result")}),
-    )
-    @api.response(400, "Invalid token or password mismatch")
    @setup_required
    @email_password_login_enabled
    def post(self):
@ -202,7 +137,7 @@ class ForgotPasswordResetApi(Resource):
            if account:
                self._update_existing_account(account, password_hashed, salt, session)
            else:
-                raise AccountNotFound()
+                self._create_new_account(email, args["password_confirm"])

        return {"result": "success"}

@ -222,6 +157,22 @@ class ForgotPasswordResetApi(Resource):
            account.current_tenant = tenant
            tenant_was_created.send(tenant)

+    def _create_new_account(self, email, password):
+        # Create new account if allowed
+        try:
+            AccountService.create_account_and_tenant(
+                email=email,
+                name=email,
+                password=password,
+                interface_language=languages[0],
+            )
+        except WorkSpaceNotAllowedCreateError:
+            pass
+        except WorkspacesLimitExceededError:
+            pass
+        except AccountRegisterError:
+            raise AccountInFreezeError()
+

 api.add_resource(ForgotPasswordSendEmailApi, "/forgot-password")
 api.add_resource(ForgotPasswordCheckApi, "/forgot-password/validity")
--- a/api/controllers/console/auth/login.py
+++ b/api/controllers/console/auth/login.py
@ -9,8 +9,8 @@ from configs import dify_config
 from constants.languages import languages
 from controllers.console import api
 from controllers.console.auth.error import (
-    AuthenticationFailedError,
    EmailCodeError,
+    EmailOrPasswordMismatchError,
    EmailPasswordLoginLimitError,
    InvalidEmailError,
    InvalidTokenError,
@ -26,6 +26,7 @@ from controllers.console.error import (
 from controllers.console.wraps import email_password_login_enabled, setup_required
 from events.tenant_event import tenant_was_created
 from libs.helper import email, extract_remote_ip
+from libs.password import valid_password
 from models.account import Account
 from services.account_service import AccountService, RegisterService, TenantService
 from services.billing_service import BillingService
@ -43,9 +44,10 @@ class LoginApi(Resource):
        """Authenticate user and login."""
        parser = reqparse.RequestParser()
        parser.add_argument("email", type=email, required=True, location="json")
-        parser.add_argument("password", type=str, required=True, location="json")
+        parser.add_argument("password", type=valid_password, required=True, location="json")
        parser.add_argument("remember_me", type=bool, required=False, default=False, location="json")
        parser.add_argument("invite_token", type=str, required=False, default=None, location="json")
+        parser.add_argument("language", type=str, required=False, default="en-US", location="json")
        args = parser.parse_args()

        if dify_config.BILLING_ENABLED and BillingService.is_email_in_freeze(args["email"]):
@ -59,6 +61,11 @@ class LoginApi(Resource):
        if invitation:
            invitation = RegisterService.get_invitation_if_token_valid(None, args["email"], invitation)

+        if args["language"] is not None and args["language"] == "zh-Hans":
+            language = "zh-Hans"
+        else:
+            language = "en-US"
+
        try:
            if invitation:
                data = invitation.get("data", {})
@ -72,7 +79,13 @@ class LoginApi(Resource):
            raise AccountBannedError()
        except services.errors.account.AccountPasswordError:
            AccountService.add_login_error_rate_limit(args["email"])
-            raise AuthenticationFailedError()
+            raise EmailOrPasswordMismatchError()
+        except services.errors.account.AccountNotFoundError:
+            if FeatureService.get_system_features().is_allow_register:
+                token = AccountService.send_reset_password_email(email=args["email"], language=language)
+                return {"result": "fail", "data": token, "code": "account_not_found"}
+            else:
+                raise AccountNotFound()
        # SELF_HOSTED only have one workspace
        tenants = TenantService.get_join_tenants(account)
        if len(tenants) == 0:
@ -117,15 +130,15 @@ class ResetPasswordSendEmailApi(Resource):
            language = "en-US"
        try:
            account = AccountService.get_user_through_email(args["email"])
-        except AccountRegisterError:
+        except AccountRegisterError as are:
            raise AccountInFreezeError()
-
-        token = AccountService.send_reset_password_email(
-            email=args["email"],
-            account=account,
-            language=language,
-            is_allow_register=FeatureService.get_system_features().is_allow_register,
-        )
+        if account is None:
+            if FeatureService.get_system_features().is_allow_register:
+                token = AccountService.send_reset_password_email(email=args["email"], language=language)
+            else:
+                raise AccountNotFound()
+        else:
+            token = AccountService.send_reset_password_email(account=account, language=language)

        return {"result": "success", "data": token}

@ -148,7 +161,7 @@ class EmailCodeLoginSendEmailApi(Resource):
            language = "en-US"
        try:
            account = AccountService.get_user_through_email(args["email"])
-        except AccountRegisterError:
+        except AccountRegisterError as are:
            raise AccountInFreezeError()

        if account is None:
@ -186,7 +199,7 @@ class EmailCodeLoginApi(Resource):
        AccountService.revoke_email_code_login_token(args["token"])
        try:
            account = AccountService.get_user_through_email(user_email)
-        except AccountRegisterError:
+        except AccountRegisterError as are:
            raise AccountInFreezeError()
        if account:
            tenants = TenantService.get_join_tenants(account)
@ -208,8 +221,8 @@ class EmailCodeLoginApi(Resource):
                    email=user_email, name=user_email, interface_language=languages[0]
                )
            except WorkSpaceNotAllowedCreateError:
-                raise NotAllowedCreateWorkspace()
-            except AccountRegisterError:
+                return NotAllowedCreateWorkspace()
+            except AccountRegisterError as are:
                raise AccountInFreezeError()
            except WorkspacesLimitExceededError:
                raise WorkspacesLimitExceeded()
--- a/api/controllers/console/auth/oauth.py
+++ b/api/controllers/console/auth/oauth.py
@ -18,14 +18,11 @@ from libs.oauth import GitHubOAuth, GoogleOAuth, OAuthUserInfo
 from models import Account
 from models.account import AccountStatus
 from services.account_service import AccountService, RegisterService, TenantService
-from services.billing_service import BillingService
 from services.errors.account import AccountNotFoundError, AccountRegisterError
 from services.errors.workspace import WorkSpaceNotAllowedCreateError, WorkSpaceNotFoundError
 from services.feature_service import FeatureService

-from .. import api, console_ns
-
-logger = logging.getLogger(__name__)
+from .. import api


 def get_oauth_providers():
@ -51,13 +48,7 @@ def get_oauth_providers():
        return OAUTH_PROVIDERS


-@console_ns.route("/oauth/login/<provider>")
 class OAuthLogin(Resource):
-    @api.doc("oauth_login")
-    @api.doc(description="Initiate OAuth login process")
-    @api.doc(params={"provider": "OAuth provider name (github/google)", "invite_token": "Optional invitation token"})
-    @api.response(302, "Redirect to OAuth authorization URL")
-    @api.response(400, "Invalid provider")
    def get(self, provider: str):
        invite_token = request.args.get("invite_token") or None
        OAUTH_PROVIDERS = get_oauth_providers()
@ -70,19 +61,7 @@ class OAuthLogin(Resource):
        return redirect(auth_url)


-@console_ns.route("/oauth/authorize/<provider>")
 class OAuthCallback(Resource):
-    @api.doc("oauth_callback")
-    @api.doc(description="Handle OAuth callback and complete login process")
-    @api.doc(
-        params={
-            "provider": "OAuth provider name (github/google)",
-            "code": "Authorization code from OAuth provider",
-            "state": "Optional state parameter (used for invite token)",
-        }
-    )
-    @api.response(302, "Redirect to console with access token")
-    @api.response(400, "OAuth process failed")
    def get(self, provider: str):
        OAUTH_PROVIDERS = get_oauth_providers()
        with current_app.app_context():
@ -96,19 +75,16 @@ class OAuthCallback(Resource):
        if state:
            invite_token = state

-        if not code:
-            return {"error": "Authorization code is required"}, 400
-
        try:
            token = oauth_provider.get_access_token(code)
            user_info = oauth_provider.get_user_info(token)
-        except requests.RequestException as e:
+        except requests.exceptions.RequestException as e:
            error_text = e.response.text if e.response else str(e)
-            logger.exception("An error occurred during the OAuth process with %s: %s", provider, error_text)
+            logging.exception("An error occurred during the OAuth process with %s: %s", provider, error_text)
            return {"error": "OAuth process failed"}, 400

        if invite_token and RegisterService.is_valid_invite_token(invite_token):
-            invitation = RegisterService.get_invitation_by_token(token=invite_token)
+            invitation = RegisterService._get_invitation_by_token(token=invite_token)
            if invitation:
                invitation_email = invitation.get("email", None)
                if invitation_email != user_info.email:
@ -184,15 +160,7 @@ def _generate_account(provider: str, user_info: OAuthUserInfo):

    if not account:
        if not FeatureService.get_system_features().is_allow_register:
-            if dify_config.BILLING_ENABLED and BillingService.is_email_in_freeze(user_info.email):
-                raise AccountRegisterError(
-                    description=(
-                        "This email account has been deleted within the past "
-                        "30 days and is temporarily unavailable for new account registration"
-                    )
-                )
-            else:
-                raise AccountRegisterError(description=("Invalid email or password"))
+            raise AccountNotFoundError()
        account_name = user_info.name or "Dify"
        account = RegisterService.register(
            email=user_info.email, name=account_name, password=None, open_id=user_info.id, provider=provider
@ -211,3 +179,7 @@ def _generate_account(provider: str, user_info: OAuthUserInfo):
    AccountService.link_account_integrate(provider, user_info.id, account)

    return account
+
+
+api.add_resource(OAuthLogin, "/oauth/login/<provider>")
+api.add_resource(OAuthCallback, "/oauth/authorize/<provider>")
--- a/api/controllers/console/auth/oauth_server.py
+++ b/api/controllers/console/auth/oauth_server.py
@ -1,202 +0,0 @@
-from collections.abc import Callable
-from functools import wraps
-from typing import Concatenate, ParamSpec, TypeVar, cast
-
-import flask_login
-from flask import jsonify, request
-from flask_restx import Resource, reqparse
-from werkzeug.exceptions import BadRequest, NotFound
-
-from controllers.console.wraps import account_initialization_required, setup_required
-from core.model_runtime.utils.encoders import jsonable_encoder
-from libs.login import login_required
-from models.account import Account
-from models.model import OAuthProviderApp
-from services.oauth_server import OAUTH_ACCESS_TOKEN_EXPIRES_IN, OAuthGrantType, OAuthServerService
-
-from .. import api
-
-P = ParamSpec("P")
-R = TypeVar("R")
-T = TypeVar("T")
-
-
-def oauth_server_client_id_required(view: Callable[Concatenate[T, OAuthProviderApp, P], R]):
-    @wraps(view)
-    def decorated(self: T, *args: P.args, **kwargs: P.kwargs):
-        parser = reqparse.RequestParser()
-        parser.add_argument("client_id", type=str, required=True, location="json")
-        parsed_args = parser.parse_args()
-        client_id = parsed_args.get("client_id")
-        if not client_id:
-            raise BadRequest("client_id is required")
-
-        oauth_provider_app = OAuthServerService.get_oauth_provider_app(client_id)
-        if not oauth_provider_app:
-            raise NotFound("client_id is invalid")
-
-        return view(self, oauth_provider_app, *args, **kwargs)
-
-    return decorated
-
-
-def oauth_server_access_token_required(view: Callable[Concatenate[T, OAuthProviderApp, Account, P], R]):
-    @wraps(view)
-    def decorated(self: T, oauth_provider_app: OAuthProviderApp, *args: P.args, **kwargs: P.kwargs):
-        if not isinstance(oauth_provider_app, OAuthProviderApp):
-            raise BadRequest("Invalid oauth_provider_app")
-
-        authorization_header = request.headers.get("Authorization")
-        if not authorization_header:
-            response = jsonify({"error": "Authorization header is required"})
-            response.status_code = 401
-            response.headers["WWW-Authenticate"] = "Bearer"
-            return response
-
-        parts = authorization_header.strip().split(None, 1)
-        if len(parts) != 2:
-            response = jsonify({"error": "Invalid Authorization header format"})
-            response.status_code = 401
-            response.headers["WWW-Authenticate"] = "Bearer"
-            return response
-
-        token_type = parts[0].strip()
-        if token_type.lower() != "bearer":
-            response = jsonify({"error": "token_type is invalid"})
-            response.status_code = 401
-            response.headers["WWW-Authenticate"] = "Bearer"
-            return response
-
-        access_token = parts[1].strip()
-        if not access_token:
-            response = jsonify({"error": "access_token is required"})
-            response.status_code = 401
-            response.headers["WWW-Authenticate"] = "Bearer"
-            return response
-
-        account = OAuthServerService.validate_oauth_access_token(oauth_provider_app.client_id, access_token)
-        if not account:
-            response = jsonify({"error": "access_token or client_id is invalid"})
-            response.status_code = 401
-            response.headers["WWW-Authenticate"] = "Bearer"
-            return response
-
-        return view(self, oauth_provider_app, account, *args, **kwargs)
-
-    return decorated
-
-
-class OAuthServerAppApi(Resource):
-    @setup_required
-    @oauth_server_client_id_required
-    def post(self, oauth_provider_app: OAuthProviderApp):
-        parser = reqparse.RequestParser()
-        parser.add_argument("redirect_uri", type=str, required=True, location="json")
-        parsed_args = parser.parse_args()
-        redirect_uri = parsed_args.get("redirect_uri")
-
-        # check if redirect_uri is valid
-        if redirect_uri not in oauth_provider_app.redirect_uris:
-            raise BadRequest("redirect_uri is invalid")
-
-        return jsonable_encoder(
-            {
-                "app_icon": oauth_provider_app.app_icon,
-                "app_label": oauth_provider_app.app_label,
-                "scope": oauth_provider_app.scope,
-            }
-        )
-
-
-class OAuthServerUserAuthorizeApi(Resource):
-    @setup_required
-    @login_required
-    @account_initialization_required
-    @oauth_server_client_id_required
-    def post(self, oauth_provider_app: OAuthProviderApp):
-        account = cast(Account, flask_login.current_user)
-        user_account_id = account.id
-
-        code = OAuthServerService.sign_oauth_authorization_code(oauth_provider_app.client_id, user_account_id)
-        return jsonable_encoder(
-            {
-                "code": code,
-            }
-        )
-
-
-class OAuthServerUserTokenApi(Resource):
-    @setup_required
-    @oauth_server_client_id_required
-    def post(self, oauth_provider_app: OAuthProviderApp):
-        parser = reqparse.RequestParser()
-        parser.add_argument("grant_type", type=str, required=True, location="json")
-        parser.add_argument("code", type=str, required=False, location="json")
-        parser.add_argument("client_secret", type=str, required=False, location="json")
-        parser.add_argument("redirect_uri", type=str, required=False, location="json")
-        parser.add_argument("refresh_token", type=str, required=False, location="json")
-        parsed_args = parser.parse_args()
-
-        try:
-            grant_type = OAuthGrantType(parsed_args["grant_type"])
-        except ValueError:
-            raise BadRequest("invalid grant_type")
-
-        if grant_type == OAuthGrantType.AUTHORIZATION_CODE:
-            if not parsed_args["code"]:
-                raise BadRequest("code is required")
-
-            if parsed_args["client_secret"] != oauth_provider_app.client_secret:
-                raise BadRequest("client_secret is invalid")
-
-            if parsed_args["redirect_uri"] not in oauth_provider_app.redirect_uris:
-                raise BadRequest("redirect_uri is invalid")
-
-            access_token, refresh_token = OAuthServerService.sign_oauth_access_token(
-                grant_type, code=parsed_args["code"], client_id=oauth_provider_app.client_id
-            )
-            return jsonable_encoder(
-                {
-                    "access_token": access_token,
-                    "token_type": "Bearer",
-                    "expires_in": OAUTH_ACCESS_TOKEN_EXPIRES_IN,
-                    "refresh_token": refresh_token,
-                }
-            )
-        elif grant_type == OAuthGrantType.REFRESH_TOKEN:
-            if not parsed_args["refresh_token"]:
-                raise BadRequest("refresh_token is required")
-
-            access_token, refresh_token = OAuthServerService.sign_oauth_access_token(
-                grant_type, refresh_token=parsed_args["refresh_token"], client_id=oauth_provider_app.client_id
-            )
-            return jsonable_encoder(
-                {
-                    "access_token": access_token,
-                    "token_type": "Bearer",
-                    "expires_in": OAUTH_ACCESS_TOKEN_EXPIRES_IN,
-                    "refresh_token": refresh_token,
-                }
-            )
-
-
-class OAuthServerUserAccountApi(Resource):
-    @setup_required
-    @oauth_server_client_id_required
-    @oauth_server_access_token_required
-    def post(self, oauth_provider_app: OAuthProviderApp, account: Account):
-        return jsonable_encoder(
-            {
-                "name": account.name,
-                "email": account.email,
-                "avatar": account.avatar,
-                "interface_language": account.interface_language,
-                "timezone": account.timezone,
-            }
-        )
-
-
-api.add_resource(OAuthServerAppApi, "/oauth/provider")
-api.add_resource(OAuthServerUserAuthorizeApi, "/oauth/provider/authorize")
-api.add_resource(OAuthServerUserTokenApi, "/oauth/provider/token")
-api.add_resource(OAuthServerUserAccountApi, "/oauth/provider/account")
--- a/api/controllers/console/billing/billing.py
+++ b/api/controllers/console/billing/billing.py
@ -1,9 +1,9 @@
+from flask_login import current_user
 from flask_restx import Resource, reqparse

 from controllers.console import api
 from controllers.console.wraps import account_initialization_required, only_edition_cloud, setup_required
-from libs.login import current_user, login_required
-from models.model import Account
+from libs.login import login_required
 from services.billing_service import BillingService


@ -17,10 +17,9 @@ class Subscription(Resource):
        parser.add_argument("plan", type=str, required=True, location="args", choices=["professional", "team"])
        parser.add_argument("interval", type=str, required=True, location="args", choices=["month", "year"])
        args = parser.parse_args()
-        assert isinstance(current_user, Account)

        BillingService.is_tenant_owner_or_admin(current_user)
-        assert current_user.current_tenant_id is not None
+
        return BillingService.get_subscription(
            args["plan"], args["interval"], current_user.email, current_user.current_tenant_id
        )
@ -32,9 +31,7 @@ class Invoices(Resource):
    @account_initialization_required
    @only_edition_cloud
    def get(self):
-        assert isinstance(current_user, Account)
        BillingService.is_tenant_owner_or_admin(current_user)
-        assert current_user.current_tenant_id is not None
        return BillingService.get_invoices(current_user.email, current_user.current_tenant_id)


--- a/api/controllers/console/datasets/data_source.py
+++ b/api/controllers/console/datasets/data_source.py
@ -10,7 +10,6 @@ from werkzeug.exceptions import NotFound
 from controllers.console import api
 from controllers.console.wraps import account_initialization_required, setup_required
 from core.indexing_runner import IndexingRunner
-from core.rag.extractor.entity.datasource_type import DatasourceType
 from core.rag.extractor.entity.extract_setting import ExtractSetting
 from core.rag.extractor.notion_extractor import NotionExtractor
 from extensions.ext_database import db
@ -29,12 +28,14 @@ class DataSourceApi(Resource):
    @marshal_with(integrate_list_fields)
    def get(self):
        # get workspace data source integrates
-        data_source_integrates = db.session.scalars(
-            select(DataSourceOauthBinding).where(
+        data_source_integrates = (
+            db.session.query(DataSourceOauthBinding)
+            .where(
                DataSourceOauthBinding.tenant_id == current_user.current_tenant_id,
                DataSourceOauthBinding.disabled == False,
            )
-        ).all()
+            .all()
+        )

        base_url = request.url_root.rstrip("/")
        data_source_oauth_base_path = "/console/api/oauth/data-source"
@ -213,7 +214,7 @@ class DataSourceNotionApi(Resource):
            workspace_id = notion_info["workspace_id"]
            for page in notion_info["pages"]:
                extract_setting = ExtractSetting(
-                    datasource_type=DatasourceType.NOTION.value,
+                    datasource_type="notion_import",
                    notion_info={
                        "notion_workspace_id": workspace_id,
                        "notion_obj_id": page["page_id"],
@ -247,7 +248,7 @@ class DataSourceNotionDatasetSyncApi(Resource):
        documents = DocumentService.get_document_by_dataset_id(dataset_id_str)
        for document in documents:
            document_indexing_sync_task.delay(dataset_id_str, document.id)
-        return {"result": "success"}, 200
+        return 200


 class DataSourceNotionDocumentSyncApi(Resource):
@ -265,7 +266,7 @@ class DataSourceNotionDocumentSyncApi(Resource):
        if document is None:
            raise NotFound("Document not found.")
        document_indexing_sync_task.delay(dataset_id_str, document_id_str)
-        return {"result": "success"}, 200
+        return 200


 api.add_resource(DataSourceApi, "/data-source/integrates", "/data-source/integrates/<uuid:binding_id>/<string:action>")
--- a/api/controllers/console/datasets/datasets.py
+++ b/api/controllers/console/datasets/datasets.py
@ -2,7 +2,6 @@ import flask_restx
 from flask import request
 from flask_login import current_user
 from flask_restx import Resource, marshal, marshal_with, reqparse
-from sqlalchemy import select
 from werkzeug.exceptions import Forbidden, NotFound

 import services
@ -23,7 +22,6 @@ from core.model_runtime.entities.model_entities import ModelType
 from core.plugin.entities.plugin import ModelProviderID
 from core.provider_manager import ProviderManager
 from core.rag.datasource.vdb.vector_type import VectorType
-from core.rag.extractor.entity.datasource_type import DatasourceType
 from core.rag.extractor.entity.extract_setting import ExtractSetting
 from core.rag.retrieval.retrieval_methods import RetrievalMethod
 from extensions.ext_database import db
@ -412,11 +410,11 @@ class DatasetIndexingEstimateApi(Resource):
        extract_settings = []
        if args["info_list"]["data_source_type"] == "upload_file":
            file_ids = args["info_list"]["file_info_list"]["file_ids"]
-            file_details = db.session.scalars(
-                select(UploadFile).where(
-                    UploadFile.tenant_id == current_user.current_tenant_id, UploadFile.id.in_(file_ids)
-                )
-            ).all()
+            file_details = (
+                db.session.query(UploadFile)
+                .where(UploadFile.tenant_id == current_user.current_tenant_id, UploadFile.id.in_(file_ids))
+                .all()
+            )

            if file_details is None:
                raise NotFound("File not found.")
@ -424,9 +422,7 @@ class DatasetIndexingEstimateApi(Resource):
            if file_details:
                for file_detail in file_details:
                    extract_setting = ExtractSetting(
-                        datasource_type=DatasourceType.FILE.value,
-                        upload_file=file_detail,
-                        document_model=args["doc_form"],
+                        datasource_type="upload_file", upload_file=file_detail, document_model=args["doc_form"]
                    )
                    extract_settings.append(extract_setting)
        elif args["info_list"]["data_source_type"] == "notion_import":
@ -435,7 +431,7 @@ class DatasetIndexingEstimateApi(Resource):
                workspace_id = notion_info["workspace_id"]
                for page in notion_info["pages"]:
                    extract_setting = ExtractSetting(
-                        datasource_type=DatasourceType.NOTION.value,
+                        datasource_type="notion_import",
                        notion_info={
                            "notion_workspace_id": workspace_id,
                            "notion_obj_id": page["page_id"],
@ -449,7 +445,7 @@ class DatasetIndexingEstimateApi(Resource):
            website_info_list = args["info_list"]["website_info_list"]
            for url in website_info_list["urls"]:
                extract_setting = ExtractSetting(
-                    datasource_type=DatasourceType.WEBSITE.value,
+                    datasource_type="website_crawl",
                    website_info={
                        "provider": website_info_list["provider"],
                        "job_id": website_info_list["job_id"],
@ -519,11 +515,11 @@ class DatasetIndexingStatusApi(Resource):
    @account_initialization_required
    def get(self, dataset_id):
        dataset_id = str(dataset_id)
-        documents = db.session.scalars(
-            select(Document).where(
-                Document.dataset_id == dataset_id, Document.tenant_id == current_user.current_tenant_id
-            )
-        ).all()
+        documents = (
+            db.session.query(Document)
+            .where(Document.dataset_id == dataset_id, Document.tenant_id == current_user.current_tenant_id)
+            .all()
+        )
        documents_status = []
        for document in documents:
            completed_segments = (
@ -557,7 +553,7 @@ class DatasetIndexingStatusApi(Resource):
            }
            documents_status.append(marshal(document_dict, document_status_fields))
        data = {"data": documents_status}
-        return data, 200
+        return data


 class DatasetApiKeyApi(Resource):
@ -570,11 +566,11 @@ class DatasetApiKeyApi(Resource):
    @account_initialization_required
    @marshal_with(api_key_list)
    def get(self):
-        keys = db.session.scalars(
-            select(ApiToken).where(
-                ApiToken.type == self.resource_type, ApiToken.tenant_id == current_user.current_tenant_id
-            )
-        ).all()
+        keys = (
+            db.session.query(ApiToken)
+            .where(ApiToken.type == self.resource_type, ApiToken.tenant_id == current_user.current_tenant_id)
+            .all()
+        )
        return {"items": keys}

    @setup_required
--- a/api/controllers/console/datasets/datasets_document.py
+++ b/api/controllers/console/datasets/datasets_document.py
@ -1,6 +1,5 @@
 import logging
 from argparse import ArgumentTypeError
-from collections.abc import Sequence
 from typing import Literal, cast

 from flask import request
@ -41,7 +40,6 @@ from core.model_manager import ModelManager
 from core.model_runtime.entities.model_entities import ModelType
 from core.model_runtime.errors.invoke import InvokeAuthorizationError
 from core.plugin.impl.exc import PluginDaemonClientSideError
-from core.rag.extractor.entity.datasource_type import DatasourceType
 from core.rag.extractor.entity.extract_setting import ExtractSetting
 from extensions.ext_database import db
 from fields.document_fields import (
@ -56,8 +54,6 @@ from models import Dataset, DatasetProcessRule, Document, DocumentSegment, Uploa
 from services.dataset_service import DatasetService, DocumentService
 from services.entities.knowledge_entities.knowledge_entities import KnowledgeConfig

-logger = logging.getLogger(__name__)
-

 class DocumentResource(Resource):
    def get_document(self, dataset_id: str, document_id: str) -> Document:
@ -80,7 +76,7 @@ class DocumentResource(Resource):

        return document

-    def get_batch_documents(self, dataset_id: str, batch: str) -> Sequence[Document]:
+    def get_batch_documents(self, dataset_id: str, batch: str) -> list[Document]:
        dataset = DatasetService.get_dataset(dataset_id)
        if not dataset:
            raise NotFound("Dataset not found.")
@ -356,6 +352,9 @@ class DatasetInitApi(Resource):
        parser.add_argument("embedding_model_provider", type=str, required=False, nullable=True, location="json")
        args = parser.parse_args()

+        # The role of the current user in the ta table must be admin, owner, or editor, or dataset_operator
+        if not current_user.is_dataset_editor:
+            raise Forbidden()
        knowledge_config = KnowledgeConfig(**args)
        if knowledge_config.indexing_technique == "high_quality":
            if knowledge_config.embedding_model is None or knowledge_config.embedding_model_provider is None:
@ -427,7 +426,7 @@ class DocumentIndexingEstimateApi(DocumentResource):
                    raise NotFound("File not found.")

                extract_setting = ExtractSetting(
-                    datasource_type=DatasourceType.FILE.value, upload_file=file, document_model=document.doc_form
+                    datasource_type="upload_file", upload_file=file, document_model=document.doc_form
                )

                indexing_runner = IndexingRunner()
@ -469,15 +468,27 @@ class DocumentBatchIndexingEstimateApi(DocumentResource):
            return {"tokens": 0, "total_price": 0, "currency": "USD", "total_segments": 0, "preview": []}, 200
        data_process_rule = documents[0].dataset_process_rule
        data_process_rule_dict = data_process_rule.to_dict()
+        info_list = []
        extract_settings = []
        for document in documents:
            if document.indexing_status in {"completed", "error"}:
                raise DocumentAlreadyFinishedError()
            data_source_info = document.data_source_info_dict
+            # format document files info
+            if data_source_info and "upload_file_id" in data_source_info:
+                file_id = data_source_info["upload_file_id"]
+                info_list.append(file_id)
+            # format document notion info
+            elif (
+                data_source_info and "notion_workspace_id" in data_source_info and "notion_page_id" in data_source_info
+            ):
+                pages = []
+                page = {"page_id": data_source_info["notion_page_id"], "type": data_source_info["type"]}
+                pages.append(page)
+                notion_info = {"workspace_id": data_source_info["notion_workspace_id"], "pages": pages}
+                info_list.append(notion_info)

            if document.data_source_type == "upload_file":
-                if not data_source_info:
-                    continue
                file_id = data_source_info["upload_file_id"]
                file_detail = (
                    db.session.query(UploadFile)
@ -489,15 +500,13 @@ class DocumentBatchIndexingEstimateApi(DocumentResource):
                    raise NotFound("File not found.")

                extract_setting = ExtractSetting(
-                    datasource_type=DatasourceType.FILE.value, upload_file=file_detail, document_model=document.doc_form
+                    datasource_type="upload_file", upload_file=file_detail, document_model=document.doc_form
                )
                extract_settings.append(extract_setting)

            elif document.data_source_type == "notion_import":
-                if not data_source_info:
-                    continue
                extract_setting = ExtractSetting(
-                    datasource_type=DatasourceType.NOTION.value,
+                    datasource_type="notion_import",
                    notion_info={
                        "notion_workspace_id": data_source_info["notion_workspace_id"],
                        "notion_obj_id": data_source_info["notion_page_id"],
@ -508,10 +517,8 @@ class DocumentBatchIndexingEstimateApi(DocumentResource):
                )
                extract_settings.append(extract_setting)
            elif document.data_source_type == "website_crawl":
-                if not data_source_info:
-                    continue
                extract_setting = ExtractSetting(
-                    datasource_type=DatasourceType.WEBSITE.value,
+                    datasource_type="website_crawl",
                    website_info={
                        "provider": data_source_info["provider"],
                        "job_id": data_source_info["job_id"],
@ -959,7 +966,7 @@ class DocumentRetryApi(DocumentResource):
                    raise DocumentAlreadyFinishedError()
                retry_documents.append(document)
            except Exception:
-                logger.exception("Failed to retry document, document id: %s", document_id)
+                logging.exception("Failed to retry document, document id: %s", document_id)
                continue
        # retry document
        DocumentService.retry_document(dataset_id, retry_documents)
--- a/api/controllers/console/datasets/hit_testing_base.py
+++ b/api/controllers/console/datasets/hit_testing_base.py
@ -23,8 +23,6 @@ from fields.hit_testing_fields import hit_testing_record_fields
 from services.dataset_service import DatasetService
 from services.hit_testing_service import HitTestingService

-logger = logging.getLogger(__name__)
-

 class DatasetsHitTestingBase:
    @staticmethod
@ -83,5 +81,5 @@ class DatasetsHitTestingBase:
        except ValueError as e:
            raise ValueError(str(e))
        except Exception as e:
-            logger.exception("Hit testing failed.")
+            logging.exception("Hit testing failed.")
            raise InternalServerError(str(e))
--- a/api/controllers/console/datasets/metadata.py
+++ b/api/controllers/console/datasets/metadata.py
@ -113,7 +113,7 @@ class DatasetMetadataBuiltInFieldActionApi(Resource):
            MetadataService.enable_built_in_field(dataset)
        elif action == "disable":
            MetadataService.disable_built_in_field(dataset)
-        return {"result": "success"}, 200
+        return 200


 class DocumentMetadataEditApi(Resource):
@ -135,7 +135,7 @@ class DocumentMetadataEditApi(Resource):

        MetadataService.update_documents_metadata(dataset, metadata_args)

-        return {"result": "success"}, 200
+        return 200


 api.add_resource(DatasetMetadataCreateApi, "/datasets/<uuid:dataset_id>/metadata")
--- a/api/controllers/console/datasets/upload_file.py
+++ b/api/controllers/console/datasets/upload_file.py
@ -0,0 +1,62 @@
+from flask_login import current_user
+from flask_restx import Resource
+from werkzeug.exceptions import NotFound
+
+from controllers.console import api
+from controllers.console.wraps import (
+    account_initialization_required,
+    setup_required,
+)
+from core.file import helpers as file_helpers
+from extensions.ext_database import db
+from models.dataset import Dataset
+from models.model import UploadFile
+from services.dataset_service import DocumentService
+
+
+class UploadFileApi(Resource):
+    @setup_required
+    @account_initialization_required
+    def get(self, dataset_id, document_id):
+        """Get upload file."""
+        # check dataset
+        dataset_id = str(dataset_id)
+        dataset = (
+            db.session.query(Dataset)
+            .filter(Dataset.tenant_id == current_user.current_tenant_id, Dataset.id == dataset_id)
+            .first()
+        )
+        if not dataset:
+            raise NotFound("Dataset not found.")
+        # check document
+        document_id = str(document_id)
+        document = DocumentService.get_document(dataset.id, document_id)
+        if not document:
+            raise NotFound("Document not found.")
+        # check upload file
+        if document.data_source_type != "upload_file":
+            raise ValueError(f"Document data source type ({document.data_source_type}) is not upload_file.")
+        data_source_info = document.data_source_info_dict
+        if data_source_info and "upload_file_id" in data_source_info:
+            file_id = data_source_info["upload_file_id"]
+            upload_file = db.session.query(UploadFile).where(UploadFile.id == file_id).first()
+            if not upload_file:
+                raise NotFound("UploadFile not found.")
+        else:
+            raise ValueError("Upload file id not found in document data source info.")
+
+        url = file_helpers.get_signed_file_url(upload_file_id=upload_file.id)
+        return {
+            "id": upload_file.id,
+            "name": upload_file.name,
+            "size": upload_file.size,
+            "extension": upload_file.extension,
+            "url": url,
+            "download_url": f"{url}&as_attachment=true",
+            "mime_type": upload_file.mime_type,
+            "created_by": upload_file.created_by,
+            "created_at": upload_file.created_at.timestamp(),
+        }, 200
+
+
+api.add_resource(UploadFileApi, "/datasets/<uuid:dataset_id>/documents/<uuid:document_id>/upload-file")
--- a/api/controllers/console/explore/audio.py
+++ b/api/controllers/console/explore/audio.py
@ -26,8 +26,6 @@ from services.errors.audio import (
    UnsupportedAudioTypeServiceError,
 )

-logger = logging.getLogger(__name__)
-

 class ChatAudioApi(InstalledAppResource):
    def post(self, installed_app):
@ -40,7 +38,7 @@ class ChatAudioApi(InstalledAppResource):

            return response
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except NoAudioUploadedServiceError:
            raise NoAudioUploadedError()
@ -61,7 +59,7 @@ class ChatAudioApi(InstalledAppResource):
        except ValueError as e:
            raise e
        except Exception as e:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -85,7 +83,7 @@ class ChatTextApi(InstalledAppResource):
            response = AudioService.transcript_tts(app_model=app_model, text=text, voice=voice, message_id=message_id)
            return response
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except NoAudioUploadedServiceError:
            raise NoAudioUploadedError()
@ -106,5 +104,5 @@ class ChatTextApi(InstalledAppResource):
        except ValueError as e:
            raise e
        except Exception as e:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()
--- a/api/controllers/console/explore/completion.py
+++ b/api/controllers/console/explore/completion.py
@ -1,5 +1,6 @@
 import logging

+from flask_login import current_user
 from flask_restx import reqparse
 from werkzeug.exceptions import InternalServerError, NotFound

@ -27,14 +28,10 @@ from extensions.ext_database import db
 from libs import helper
 from libs.datetime_utils import naive_utc_now
 from libs.helper import uuid_value
-from libs.login import current_user
-from models import Account
 from models.model import AppMode
 from services.app_generate_service import AppGenerateService
 from services.errors.llm import InvokeRateLimitError

-logger = logging.getLogger(__name__)
-

 # define completion api for user
 class CompletionApi(InstalledAppResource):
@ -58,8 +55,6 @@ class CompletionApi(InstalledAppResource):
        db.session.commit()

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            response = AppGenerateService.generate(
                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.EXPLORE, streaming=streaming
            )
@ -70,7 +65,7 @@ class CompletionApi(InstalledAppResource):
        except services.errors.conversation.ConversationCompletedError:
            raise ConversationCompletedError()
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except ProviderTokenNotInitError as ex:
            raise ProviderNotInitializeError(ex.description)
@ -83,7 +78,7 @@ class CompletionApi(InstalledAppResource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -93,8 +88,6 @@ class CompletionStopApi(InstalledAppResource):
        if app_model.mode != "completion":
            raise NotCompletionAppError()

-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        AppQueueManager.set_stop_flag(task_id, InvokeFrom.EXPLORE, current_user.id)

        return {"result": "success"}, 200
@ -122,8 +115,6 @@ class ChatApi(InstalledAppResource):
        db.session.commit()

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            response = AppGenerateService.generate(
                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.EXPLORE, streaming=True
            )
@ -134,7 +125,7 @@ class ChatApi(InstalledAppResource):
        except services.errors.conversation.ConversationCompletedError:
            raise ConversationCompletedError()
        except services.errors.app_model_config.AppModelConfigBrokenError:
-            logger.exception("App model config broken.")
+            logging.exception("App model config broken.")
            raise AppUnavailableError()
        except ProviderTokenNotInitError as ex:
            raise ProviderNotInitializeError(ex.description)
@ -149,7 +140,7 @@ class ChatApi(InstalledAppResource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -160,8 +151,6 @@ class ChatStopApi(InstalledAppResource):
        if app_mode not in {AppMode.CHAT, AppMode.AGENT_CHAT, AppMode.ADVANCED_CHAT}:
            raise NotChatAppError()

-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        AppQueueManager.set_stop_flag(task_id, InvokeFrom.EXPLORE, current_user.id)

        return {"result": "success"}, 200
--- a/api/controllers/console/explore/conversation.py
+++ b/api/controllers/console/explore/conversation.py
@ -1,3 +1,4 @@
+from flask_login import current_user
 from flask_restx import marshal_with, reqparse
 from flask_restx.inputs import int_range
 from sqlalchemy.orm import Session
@ -9,8 +10,6 @@ from core.app.entities.app_invoke_entities import InvokeFrom
 from extensions.ext_database import db
 from fields.conversation_fields import conversation_infinite_scroll_pagination_fields, simple_conversation_fields
 from libs.helper import uuid_value
-from libs.login import current_user
-from models import Account
 from models.model import AppMode
 from services.conversation_service import ConversationService
 from services.errors.conversation import ConversationNotExistsError, LastConversationNotExistsError
@ -36,8 +35,6 @@ class ConversationListApi(InstalledAppResource):
            pinned = args["pinned"] == "true"

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            with Session(db.engine) as session:
                return WebConversationService.pagination_by_last_id(
                    session=session,
@ -61,11 +58,10 @@ class ConversationApi(InstalledAppResource):

        conversation_id = str(c_id)
        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            ConversationService.delete(app_model, conversation_id, current_user)
        except ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
+        WebConversationService.unpin(app_model, conversation_id, current_user)

        return {"result": "success"}, 204

@ -86,8 +82,6 @@ class ConversationRenameApi(InstalledAppResource):
        args = parser.parse_args()

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            return ConversationService.rename(
                app_model, conversation_id, current_user, args["name"], args["auto_generate"]
            )
@ -105,8 +99,6 @@ class ConversationPinApi(InstalledAppResource):
        conversation_id = str(c_id)

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            WebConversationService.pin(app_model, conversation_id, current_user)
        except ConversationNotExistsError:
            raise NotFound("Conversation Not Exists.")
@ -122,8 +114,6 @@ class ConversationUnPinApi(InstalledAppResource):
            raise NotChatAppError()

        conversation_id = str(c_id)
-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        WebConversationService.unpin(app_model, conversation_id, current_user)

        return {"result": "success"}
--- a/api/controllers/console/explore/installed_app.py
+++ b/api/controllers/console/explore/installed_app.py
@ -2,8 +2,9 @@ import logging
 from typing import Any

 from flask import request
+from flask_login import current_user
 from flask_restx import Resource, inputs, marshal_with, reqparse
-from sqlalchemy import and_, select
+from sqlalchemy import and_
 from werkzeug.exceptions import BadRequest, Forbidden, NotFound

 from controllers.console import api
@ -12,8 +13,8 @@ from controllers.console.wraps import account_initialization_required, cloud_edi
 from extensions.ext_database import db
 from fields.installed_app_fields import installed_app_list_fields
 from libs.datetime_utils import naive_utc_now
-from libs.login import current_user, login_required
-from models import Account, App, InstalledApp, RecommendedApp
+from libs.login import login_required
+from models import App, InstalledApp, RecommendedApp
 from services.account_service import TenantService
 from services.app_service import AppService
 from services.enterprise.enterprise_service import EnterpriseService
@ -28,23 +29,17 @@ class InstalledAppsListApi(Resource):
    @marshal_with(installed_app_list_fields)
    def get(self):
        app_id = request.args.get("app_id", default=None, type=str)
-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        current_tenant_id = current_user.current_tenant_id

        if app_id:
-            installed_apps = db.session.scalars(
-                select(InstalledApp).where(
-                    and_(InstalledApp.tenant_id == current_tenant_id, InstalledApp.app_id == app_id)
-                )
-            ).all()
+            installed_apps = (
+                db.session.query(InstalledApp)
+                .where(and_(InstalledApp.tenant_id == current_tenant_id, InstalledApp.app_id == app_id))
+                .all()
+            )
        else:
-            installed_apps = db.session.scalars(
-                select(InstalledApp).where(InstalledApp.tenant_id == current_tenant_id)
-            ).all()
+            installed_apps = db.session.query(InstalledApp).where(InstalledApp.tenant_id == current_tenant_id).all()

-        if current_user.current_tenant is None:
-            raise ValueError("current_user.current_tenant must not be None")
        current_user.role = TenantService.get_user_role(current_user, current_user.current_tenant)
        installed_app_list: list[dict[str, Any]] = [
            {
@ -120,8 +115,6 @@ class InstalledAppsListApi(Resource):
        if recommended_app is None:
            raise NotFound("App not found")

-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        current_tenant_id = current_user.current_tenant_id
        app = db.session.query(App).where(App.id == args["app_id"]).first()

@ -161,8 +154,6 @@ class InstalledAppApi(InstalledAppResource):
    """

    def delete(self, installed_app):
-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        if installed_app.app_owner_tenant_id == current_user.current_tenant_id:
            raise BadRequest("You can't uninstall an app owned by the current tenant")

--- a/api/controllers/console/explore/message.py
+++ b/api/controllers/console/explore/message.py
@ -1,5 +1,6 @@
 import logging

+from flask_login import current_user
 from flask_restx import marshal_with, reqparse
 from flask_restx.inputs import int_range
 from werkzeug.exceptions import InternalServerError, NotFound
@ -23,8 +24,6 @@ from core.model_runtime.errors.invoke import InvokeError
 from fields.message_fields import message_infinite_scroll_pagination_fields
 from libs import helper
 from libs.helper import uuid_value
-from libs.login import current_user
-from models import Account
 from models.model import AppMode
 from services.app_generate_service import AppGenerateService
 from services.errors.app import MoreLikeThisDisabledError
@ -36,8 +35,6 @@ from services.errors.message import (
 )
 from services.message_service import MessageService

-logger = logging.getLogger(__name__)
-

 class MessageListApi(InstalledAppResource):
    @marshal_with(message_infinite_scroll_pagination_fields)
@ -55,8 +52,6 @@ class MessageListApi(InstalledAppResource):
        args = parser.parse_args()

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            return MessageService.pagination_by_first_id(
                app_model, current_user, args["conversation_id"], args["first_id"], args["limit"]
            )
@ -78,8 +73,6 @@ class MessageFeedbackApi(InstalledAppResource):
        args = parser.parse_args()

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            MessageService.create_feedback(
                app_model=app_model,
                message_id=message_id,
@ -110,8 +103,6 @@ class MessageMoreLikeThisApi(InstalledAppResource):
        streaming = args["response_mode"] == "streaming"

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            response = AppGenerateService.generate_more_like_this(
                app_model=app_model,
                user=current_user,
@ -135,7 +126,7 @@ class MessageMoreLikeThisApi(InstalledAppResource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -149,8 +140,6 @@ class MessageSuggestedQuestionApi(InstalledAppResource):
        message_id = str(message_id)

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            questions = MessageService.get_suggested_questions_after_answer(
                app_model=app_model, user=current_user, message_id=message_id, invoke_from=InvokeFrom.EXPLORE
            )
@ -169,7 +158,7 @@ class MessageSuggestedQuestionApi(InstalledAppResource):
        except InvokeError as e:
            raise CompletionRequestError(e.description)
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()

        return {"data": questions}
--- a/api/controllers/console/explore/parameter.py
+++ b/api/controllers/console/explore/parameter.py
@ -20,7 +20,7 @@ class AppParameterApi(InstalledAppResource):
        if app_model is None:
            raise AppUnavailableError()

-        if app_model.mode in {AppMode.ADVANCED_CHAT, AppMode.WORKFLOW}:
+        if app_model.mode in {AppMode.ADVANCED_CHAT.value, AppMode.WORKFLOW.value}:
            workflow = app_model.workflow
            if workflow is None:
                raise AppUnavailableError()
@ -43,8 +43,6 @@ class ExploreAppMetaApi(InstalledAppResource):
    def get(self, installed_app: InstalledApp):
        """Get app meta"""
        app_model = installed_app.app
-        if not app_model:
-            raise ValueError("App not found")
        return AppService().get_app_meta(app_model)


--- a/api/controllers/console/explore/recommended_app.py
+++ b/api/controllers/console/explore/recommended_app.py
@ -1,10 +1,11 @@
+from flask_login import current_user
 from flask_restx import Resource, fields, marshal_with, reqparse

 from constants.languages import languages
 from controllers.console import api
 from controllers.console.wraps import account_initialization_required
 from libs.helper import AppIconUrlField
-from libs.login import current_user, login_required
+from libs.login import login_required
 from services.recommended_app_service import RecommendedAppService

 app_fields = {
@ -45,9 +46,8 @@ class RecommendedAppListApi(Resource):
        parser.add_argument("language", type=str, location="args")
        args = parser.parse_args()

-        language = args.get("language")
-        if language and language in languages:
-            language_prefix = language
+        if args.get("language") and args.get("language") in languages:
+            language_prefix = args.get("language")
        elif current_user and current_user.interface_language:
            language_prefix = current_user.interface_language
        else:
--- a/api/controllers/console/explore/saved_message.py
+++ b/api/controllers/console/explore/saved_message.py
@ -1,3 +1,4 @@
+from flask_login import current_user
 from flask_restx import fields, marshal_with, reqparse
 from flask_restx.inputs import int_range
 from werkzeug.exceptions import NotFound
@ -7,8 +8,6 @@ from controllers.console.explore.error import NotCompletionAppError
 from controllers.console.explore.wraps import InstalledAppResource
 from fields.conversation_fields import message_file_fields
 from libs.helper import TimestampField, uuid_value
-from libs.login import current_user
-from models import Account
 from services.errors.message import MessageNotExistsError
 from services.saved_message_service import SavedMessageService

@ -43,8 +42,6 @@ class SavedMessageListApi(InstalledAppResource):
        parser.add_argument("limit", type=int_range(1, 100), required=False, default=20, location="args")
        args = parser.parse_args()

-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        return SavedMessageService.pagination_by_last_id(app_model, current_user, args["last_id"], args["limit"])

    def post(self, installed_app):
@ -57,8 +54,6 @@ class SavedMessageListApi(InstalledAppResource):
        args = parser.parse_args()

        try:
-            if not isinstance(current_user, Account):
-                raise ValueError("current_user must be an Account instance")
            SavedMessageService.save(app_model, current_user, args["message_id"])
        except MessageNotExistsError:
            raise NotFound("Message Not Exists.")
@ -75,8 +70,6 @@ class SavedMessageApi(InstalledAppResource):
        if app_model.mode != "completion":
            raise NotCompletionAppError()

-        if not isinstance(current_user, Account):
-            raise ValueError("current_user must be an Account instance")
        SavedMessageService.delete(app_model, current_user, message_id)

        return {"result": "success"}, 204
--- a/api/controllers/console/explore/workflow.py
+++ b/api/controllers/console/explore/workflow.py
@ -35,8 +35,6 @@ class InstalledAppWorkflowRunApi(InstalledAppResource):
        Run workflow
        """
        app_model = installed_app.app
-        if not app_model:
-            raise NotWorkflowAppError()
        app_mode = AppMode.value_of(app_model.mode)
        if app_mode != AppMode.WORKFLOW:
            raise NotWorkflowAppError()
@ -45,7 +43,7 @@ class InstalledAppWorkflowRunApi(InstalledAppResource):
        parser.add_argument("inputs", type=dict, required=True, nullable=False, location="json")
        parser.add_argument("files", type=list, required=False, location="json")
        args = parser.parse_args()
-        assert current_user is not None
+
        try:
            response = AppGenerateService.generate(
                app_model=app_model, user=current_user, args=args, invoke_from=InvokeFrom.EXPLORE, streaming=True
@ -65,7 +63,7 @@ class InstalledAppWorkflowRunApi(InstalledAppResource):
        except ValueError as e:
            raise e
        except Exception:
-            logger.exception("internal server error.")
+            logging.exception("internal server error.")
            raise InternalServerError()


@ -75,12 +73,9 @@ class InstalledAppWorkflowTaskStopApi(InstalledAppResource):
        Stop workflow task
        """
        app_model = installed_app.app
-        if not app_model:
-            raise NotWorkflowAppError()
        app_mode = AppMode.value_of(app_model.mode)
        if app_mode != AppMode.WORKFLOW:
            raise NotWorkflowAppError()
-        assert current_user is not None

        AppQueueManager.set_stop_flag(task_id, InvokeFrom.EXPLORE, current_user.id)

--- a/api/controllers/console/explore/wraps.py
+++ b/api/controllers/console/explore/wraps.py
@ -1,6 +1,4 @@
-from collections.abc import Callable
 from functools import wraps
-from typing import Concatenate, Optional, ParamSpec, TypeVar

 from flask_login import current_user
 from flask_restx import Resource
@ -15,15 +13,19 @@ from services.app_service import AppService
 from services.enterprise.enterprise_service import EnterpriseService
 from services.feature_service import FeatureService

-P = ParamSpec("P")
-R = TypeVar("R")
-T = TypeVar("T")

-
-def installed_app_required(view: Optional[Callable[Concatenate[InstalledApp, P], R]] = None):
-    def decorator(view: Callable[Concatenate[InstalledApp, P], R]):
+def installed_app_required(view=None):
+    def decorator(view):
        @wraps(view)
-        def decorated(installed_app_id: str, *args: P.args, **kwargs: P.kwargs):
+        def decorated(*args, **kwargs):
+            if not kwargs.get("installed_app_id"):
+                raise ValueError("missing installed_app_id in path parameters")
+
+            installed_app_id = kwargs.get("installed_app_id")
+            installed_app_id = str(installed_app_id)
+
+            del kwargs["installed_app_id"]
+
            installed_app = (
                db.session.query(InstalledApp)
                .where(
@ -50,10 +52,10 @@ def installed_app_required(view: Optional[Callable[Concatenate[InstalledApp, P],
    return decorator


-def user_allowed_to_access_app(view: Optional[Callable[Concatenate[InstalledApp, P], R]] = None):
-    def decorator(view: Callable[Concatenate[InstalledApp, P], R]):
+def user_allowed_to_access_app(view=None):
+    def decorator(view):
        @wraps(view)
-        def decorated(installed_app: InstalledApp, *args: P.args, **kwargs: P.kwargs):
+        def decorated(installed_app: InstalledApp, *args, **kwargs):
            feature = FeatureService.get_system_features()
            if feature.webapp_auth.enabled:
                app_id = installed_app.app_id
--- a/api/controllers/console/extension.py
+++ b/api/controllers/console/extension.py
@ -1,8 +1,8 @@
 from flask_login import current_user
-from flask_restx import Resource, fields, marshal_with, reqparse
+from flask_restx import Resource, marshal_with, reqparse

 from constants import HIDDEN_VALUE
-from controllers.console import api, console_ns
+from controllers.console import api
 from controllers.console.wraps import account_initialization_required, setup_required
 from fields.api_based_extension_fields import api_based_extension_fields
 from libs.login import login_required
@ -11,21 +11,7 @@ from services.api_based_extension_service import APIBasedExtensionService
 from services.code_based_extension_service import CodeBasedExtensionService


-@console_ns.route("/code-based-extension")
 class CodeBasedExtensionAPI(Resource):
-    @api.doc("get_code_based_extension")
-    @api.doc(description="Get code-based extension data by module name")
-    @api.expect(
-        api.parser().add_argument("module", type=str, required=True, location="args", help="Extension module name")
-    )
-    @api.response(
-        200,
-        "Success",
-        api.model(
-            "CodeBasedExtensionResponse",
-            {"module": fields.String(description="Module name"), "data": fields.Raw(description="Extension data")},
-        ),
-    )
    @setup_required
    @login_required
    @account_initialization_required
@ -37,11 +23,7 @@ class CodeBasedExtensionAPI(Resource):
        return {"module": args["module"], "data": CodeBasedExtensionService.get_code_based_extension(args["module"])}


-@console_ns.route("/api-based-extension")
 class APIBasedExtensionAPI(Resource):
-    @api.doc("get_api_based_extensions")
-    @api.doc(description="Get all API-based extensions for current tenant")
-    @api.response(200, "Success", fields.List(fields.Nested(api_based_extension_fields)))
    @setup_required
    @login_required
    @account_initialization_required
@ -50,19 +32,6 @@ class APIBasedExtensionAPI(Resource):
        tenant_id = current_user.current_tenant_id
        return APIBasedExtensionService.get_all_by_tenant_id(tenant_id)

-    @api.doc("create_api_based_extension")
-    @api.doc(description="Create a new API-based extension")
-    @api.expect(
-        api.model(
-            "CreateAPIBasedExtensionRequest",
-            {
-                "name": fields.String(required=True, description="Extension name"),
-                "api_endpoint": fields.String(required=True, description="API endpoint URL"),
-                "api_key": fields.String(required=True, description="API key for authentication"),
-            },
-        )
-    )
-    @api.response(201, "Extension created successfully", api_based_extension_fields)
    @setup_required
    @login_required
    @account_initialization_required
@ -84,12 +53,7 @@ class APIBasedExtensionAPI(Resource):
        return APIBasedExtensionService.save(extension_data)


-@console_ns.route("/api-based-extension/<uuid:id>")
 class APIBasedExtensionDetailAPI(Resource):
-    @api.doc("get_api_based_extension")
-    @api.doc(description="Get API-based extension by ID")
-    @api.doc(params={"id": "Extension ID"})
-    @api.response(200, "Success", api_based_extension_fields)
    @setup_required
    @login_required
    @account_initialization_required
@ -100,20 +64,6 @@ class APIBasedExtensionDetailAPI(Resource):

        return APIBasedExtensionService.get_with_tenant_id(tenant_id, api_based_extension_id)

-    @api.doc("update_api_based_extension")
-    @api.doc(description="Update API-based extension")
-    @api.doc(params={"id": "Extension ID"})
-    @api.expect(
-        api.model(
-            "UpdateAPIBasedExtensionRequest",
-            {
-                "name": fields.String(required=True, description="Extension name"),
-                "api_endpoint": fields.String(required=True, description="API endpoint URL"),
-                "api_key": fields.String(required=True, description="API key for authentication"),
-            },
-        )
-    )
-    @api.response(200, "Extension updated successfully", api_based_extension_fields)
    @setup_required
    @login_required
    @account_initialization_required
@ -138,10 +88,6 @@ class APIBasedExtensionDetailAPI(Resource):

        return APIBasedExtensionService.save(extension_data_from_db)

-    @api.doc("delete_api_based_extension")
-    @api.doc(description="Delete API-based extension")
-    @api.doc(params={"id": "Extension ID"})
-    @api.response(204, "Extension deleted successfully")
    @setup_required
    @login_required
    @account_initialization_required
@ -154,3 +100,9 @@ class APIBasedExtensionDetailAPI(Resource):
        APIBasedExtensionService.delete(extension_data_from_db)

        return {"result": "success"}, 204
+
+
+api.add_resource(CodeBasedExtensionAPI, "/code-based-extension")
+
+api.add_resource(APIBasedExtensionAPI, "/api-based-extension")
+api.add_resource(APIBasedExtensionDetailAPI, "/api-based-extension/<uuid:id>")
--- a/api/controllers/console/feature.py
+++ b/api/controllers/console/feature.py
@ -1,40 +1,26 @@
 from flask_login import current_user
-from flask_restx import Resource, fields
+from flask_restx import Resource

 from libs.login import login_required
 from services.feature_service import FeatureService

-from . import api, console_ns
+from . import api
 from .wraps import account_initialization_required, cloud_utm_record, setup_required


-@console_ns.route("/features")
 class FeatureApi(Resource):
-    @api.doc("get_tenant_features")
-    @api.doc(description="Get feature configuration for current tenant")
-    @api.response(
-        200,
-        "Success",
-        api.model("FeatureResponse", {"features": fields.Raw(description="Feature configuration object")}),
-    )
    @setup_required
    @login_required
    @account_initialization_required
    @cloud_utm_record
    def get(self):
-        """Get feature configuration for current tenant"""
        return FeatureService.get_features(current_user.current_tenant_id).model_dump()


-@console_ns.route("/system-features")
 class SystemFeatureApi(Resource):
-    @api.doc("get_system_features")
-    @api.doc(description="Get system-wide feature configuration")
-    @api.response(
-        200,
-        "Success",
-        api.model("SystemFeatureResponse", {"features": fields.Raw(description="System feature configuration object")}),
-    )
    def get(self):
-        """Get system-wide feature configuration"""
        return FeatureService.get_system_features().model_dump()
+
+
+api.add_resource(FeatureApi, "/features")
+api.add_resource(SystemFeatureApi, "/system-features")
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
QuantumGhost	bdfb31f332	chore(api): ignore google.cloud.storage in MyPy	2025-08-26 12:45:04 +08:00
QuantumGhost	f762c969b3	chore(api): resolve MyPy issues	2025-08-26 12:44:25 +08:00
QuantumGhost	6b87b0fa42	Merge remote-tracking branch 'upstream/feat/support-bool-variable-fe' into feat/boolean-type	2025-08-26 10:07:32 +08:00
Joel	4386c9f4f1	main	2025-08-25 10:35:52 +08:00
Joel	62955f4d11	chore: hide json entrance	2025-08-25 10:26:11 +08:00
Joel	e38ba8403d	feat: workflow support input json	2025-08-22 14:54:34 +08:00
Joel	a1f278bdc8	fix: one step run form	2025-08-22 14:43:23 +08:00
Joel	65c0f8d657	feat: webapp support json field	2025-08-22 14:36:12 +08:00
Joel	c3e4d5a059	feat: support choose and save deep obj	2025-08-21 15:31:34 +08:00
Joel	30775109fd	feat: can edit and choose obj	2025-08-21 14:47:29 +08:00
Joel	76659843d7	fix: item value type	2025-08-20 16:32:29 +08:00
Joel	42258bf451	chore: node tracing node value	2025-08-20 16:24:53 +08:00
QuantumGhost	399d510e1b	fix(api): handle `array[boolean]` in LoopNode The frontend save `array[boolean]` as a JSON array with string element (e.g. `["true", "false", "true"]`), which is not handled by LoopNode correctly. This commit fix the issue by converting each element into Python bool type before building segment.	2025-08-20 15:33:19 +08:00
Joel	8462c79179	fix: can not use converstation vars in var aggregator node	2025-08-20 14:59:58 +08:00
Joel	f5f11f5a9e	feat: basic input field edit	2025-08-20 14:23:33 +08:00
Joel	96e8321462	chore: add var can not has exist key	2025-08-20 14:06:46 +08:00
Joel	af6e5e8663	chore: edit filed exists	2025-08-20 14:00:38 +08:00
Joel	d4f976270d	fix: chore: if boolean array bug	2025-08-19 16:16:10 +08:00
Joel	dc3cbd9a74	chore: handle duliplicate keys	2025-08-19 15:57:18 +08:00
Joel	056564c100	merge main	2025-08-19 15:48:01 +08:00
Joel	d5b99610fc	chore: iteratino input support bool list	2025-08-07 10:18:45 +08:00
Joel	04d2b0775d	fix: chatbot bool	2025-08-04 11:14:33 +08:00
Joel	6614e97b53	fix: basic chatbot bool	2025-08-04 10:59:20 +08:00
Joel	ca37e304cc	fix: basic bool error	2025-08-04 10:53:35 +08:00
Joel	437729db97	feat: support var arrs	2025-08-01 18:36:18 +08:00
Joel	fbd0effa04	chore: handle bool value in vars	2025-08-01 18:26:58 +08:00
Joel	14c62850e0	fix: list filter operation filter boolean problem	2025-08-01 18:06:27 +08:00
Joel	c4824a1d4c	fix: assigner set false can not public	2025-08-01 17:55:20 +08:00
Joel	d642e9a98e	chore: fix can not publish	2025-08-01 17:39:25 +08:00
Joel	72c6195c10	fix: list operation boolean default	2025-08-01 17:32:09 +08:00
Joel	2bd096b454	fix: con vars set value	2025-08-01 17:24:53 +08:00
QuantumGhost	fa98505e09	fix(api): enhance compatibility with existing workflow Fix issues flagged by unit tests.	2025-08-01 15:27:33 +08:00
QuantumGhost	65ae25e09b	test(api): add test cases for ParameterConfig validation logic	2025-08-01 15:25:28 +08:00
QuantumGhost	4943d8bc93	test(api): Introduce test cases for ParameterExtractorNode._validate_result	2025-08-01 15:25:28 +08:00
QuantumGhost	168d82f9b0	feat(api): support boolean types in parameter extractor node	2025-08-01 15:25:28 +08:00
QuantumGhost	0e3ccb4dcc	feat(api): update boolean type handling in ListOperatorNode	2025-08-01 13:11:24 +08:00
QuantumGhost	f7f6210a4c	fix(api): Fix incorrect handling of array types in `SegmentType.is_valid` Add comphensive tests for the behavior of the `is_valid` method.	2025-08-01 13:09:46 +08:00
QuantumGhost	ed8e06d1bf	fix(api): Allow `bool` value in the `FilterCondition` of list operator	2025-07-31 12:24:18 +08:00
Joel	6287e3cd9e	fix: boolean can picker var	2025-07-31 10:28:17 +08:00
Joel	94c33c6eed	chore: boolean string to boolean	2025-07-30 17:56:59 +08:00
QuantumGhost	383695b820	chore(api): put import for type annotation inside TYPE_CHECKING in llm/nodes.py this causes unnecessary dependencies and cycle imports.	2025-07-30 16:13:04 +08:00
QuantumGhost	3751702efc	feat(api): Implement boolean types support for list operator node	2025-07-30 10:58:18 +08:00
QuantumGhost	111c34e50f	feat(api): Implement boolean types support for Code Node	2025-07-30 10:56:51 +08:00
QuantumGhost	a2246be4f5	feat(api): Implement checkbox input support in Workflow and Chat App	2025-07-30 10:56:51 +08:00
QuantumGhost	80e08562be	feat(api): Initial support for `boolean` / `array[boolean]` types	2025-07-30 10:56:51 +08:00
Joel	6d03a15e0f	chore: start form boolean to checkbox	2025-07-30 10:53:12 +08:00
Joel	bd04ddd544	merge main	2025-07-30 10:26:31 +08:00
Joel	cb51360aa3	chore: remove arr bool	2025-07-29 11:34:16 +08:00
Joel	269d34304e	fix : loop var default value	2025-07-28 16:17:52 +08:00
Joel	590c14c977	chore: conveersion pass boolean string boolean	2025-07-28 16:02:50 +08:00
Joel	5fbeb275b2	fix: loop not choose bool var value	2025-07-28 15:20:18 +08:00
Joel	ff9d051635	chore: fix if not value set value	2025-07-28 14:49:44 +08:00
Joel	1e18c828d9	chore: remove transform boolean to string in editor	2025-07-28 14:09:34 +08:00
Joel	5b895be412	feat: template support bools input	2025-07-28 13:46:55 +08:00
Joel	ea2a1b203c	fix: list operator bool not show the bool input	2025-07-28 11:20:22 +08:00
Joel	7bfdfe73c2	chore: list filter bool value	2025-07-28 11:09:37 +08:00
Joel	171c5055f8	fix: loop arry bool inner item type value	2025-07-25 14:52:13 +08:00
Joel	e3e4369358	fix: webapp get boolean value	2025-07-25 14:05:14 +08:00
Joel	efa28453be	fix: if value show	2025-07-24 17:54:22 +08:00
Joel	37de3b1b68	fix: single run bool type	2025-07-24 17:39:10 +08:00
Joel	75d4e519fc	chore: loop false can run	2025-07-24 16:06:13 +08:00
Joel	cf63926e16	chore: assigner node	2025-07-24 15:59:44 +08:00
Joel	14eb5b7930	feat: list operator support bool	2025-07-24 15:15:35 +08:00
Joel	544ebde054	chore: if bool value problem	2025-07-24 15:05:09 +08:00
Joel	6012ad57ac	feat: code support boolean	2025-07-24 14:35:41 +08:00
Joel	70f6d8b42a	main	2025-07-24 14:10:29 +08:00
Joel	1d738f3fa6	feat: chat support bool	2025-07-09 16:48:17 +08:00
Joel	912d68a148	chore: competion webapp	2025-07-09 14:56:11 +08:00
Joel	8c8c250570	feat: completion support boolean	2025-07-09 14:28:36 +08:00
Joel	b5782fff8f	feat: basic chat app support bool	2025-07-09 14:06:25 +08:00
Joel	f2dfb5363f	feat: one step run support boolean	2025-07-09 11:23:21 +08:00
Joel	fc0dea5647	feat: workflow debug add bool	2025-07-09 10:53:52 +08:00
Joel	fcf0ae4c85	feat: extract parameter support bool	2025-07-08 16:41:58 +08:00
Joel	9ac629bcf5	feat: if node support bool	2025-07-08 16:30:54 +08:00
Joel	79bdb22f79	feat: loop termin support bool	2025-07-08 16:06:56 +08:00
Joel	b72d977871	feat: loop var support bool type	2025-07-08 15:23:24 +08:00
Joel	657d3d1dae	fix: boolean problem	2025-07-08 14:34:18 +08:00
Joel	3ba23238e5	chore: boolarray in varibale	2025-07-04 17:47:44 +08:00
Joel	e1a7b59160	chore: missing files	2025-07-04 16:48:56 +08:00
Joel	18941beb34	feat: converstation support bool	2025-07-04 16:48:33 +08:00
Joel	6ff18d13e6	feat: struct output boolean	2025-07-04 16:12:47 +08:00
Joel	1094b3da23	feat: add var type	2025-07-04 16:02:28 +08:00
Joel	77aa35ff15	feat: add boolean type	2025-07-04 15:27:52 +08:00