diff --git a/cmd/server_main.go b/cmd/server_main.go index c4919abec..9eef17d97 100644 --- a/cmd/server_main.go +++ b/cmd/server_main.go @@ -6,7 +6,7 @@ import ( "net/http" "os" "os/signal" - "ragflow/internal/common" + "ragflow/internal/common" "ragflow/internal/server" "ragflow/internal/utility" "strings" @@ -134,6 +134,7 @@ func startServer(config *server.Config) { fileService := service.NewFileService() // Initialize handler layer + authHandler := handler.NewAuthHandler() userHandler := handler.NewUserHandler(userService) tenantHandler := handler.NewTenantHandler(tenantService, userService) documentHandler := handler.NewDocumentHandler(documentService) @@ -148,7 +149,7 @@ func startServer(config *server.Config) { fileHandler := handler.NewFileHandler(fileService, userService) // Initialize router - r := router.NewRouter(userHandler, tenantHandler, documentHandler, systemHandler, kbHandler, chunkHandler, llmHandler, chatHandler, chatSessionHandler, connectorHandler, searchHandler, fileHandler) + r := router.NewRouter(authHandler, userHandler, tenantHandler, documentHandler, systemHandler, kbHandler, chunkHandler, llmHandler, chatHandler, chatSessionHandler, connectorHandler, searchHandler, fileHandler) // Create Gin engine ginEngine := gin.New() diff --git a/internal/dao/database.go b/internal/dao/database.go index 1529088fb..b35e79c80 100644 --- a/internal/dao/database.go +++ b/internal/dao/database.go @@ -248,6 +248,5 @@ func InitLLMFactory() error { } } - log.Println("LLM factories initialized successfully") return nil } diff --git a/internal/handler/auth.go b/internal/handler/auth.go new file mode 100644 index 000000000..ca232645a --- /dev/null +++ b/internal/handler/auth.go 
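Review bot: `handler.NewAuthHandler()` in startServer is the only handler constructed without the shared `userService`; per auth.go in this commit it calls `service.NewUserService()` itself, so the middleware's token lookups go through a second service instance. If UserService carries any configuration or state (not visible here), the two instances can diverge. Consider `authHandler := handler.NewAuthHandler(userService)` with a matching constructor parameter, as the neighbouring `handler.NewUserHandler(userService)` does. startServer's body continues outside the hunk.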
@@ -0,0 +1,81 @@
+//
+// Copyright 2026 The InfiniFlow Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package handler
+
+import (
+ "net/http"
+ "ragflow/internal/common"
+ "ragflow/internal/service"
+
+ "github.com/gin-gonic/gin"
+)
+
+// AuthHandler auth handler
+type AuthHandler struct {
+ userService *service.UserService
+}
+
+// NewAuthHandler create auth handler
+func NewAuthHandler() *AuthHandler {
+ return &AuthHandler{
+ userService: service.NewUserService(),
+ }
+}
+
+// AuthMiddleware JWT auth middleware
+// Validates that the user is authenticated and is a superuser (admin)
+func (h *AuthHandler) AuthMiddleware() gin.HandlerFunc {
+ return func(c *gin.Context) {
+ token := c.GetHeader("Authorization")
+ if token == "" {
+ c.JSON(http.StatusUnauthorized, gin.H{
+ "code": 401,
+ "message": "Missing Authorization header",
+ })
+ c.Abort()
+ return
+ }
+
+ // Get user by access token
+ user, code, err := h.userService.GetUserByToken(token)
+ if err != nil {
+ c.JSON(http.StatusUnauthorized, gin.H{
+ "code": code,
+ "message": "Invalid access token",
+ })
+ c.Abort()
+ return
+ }
+
+ if *user.IsSuperuser {
+ c.JSON(http.StatusForbidden, gin.H{
+ "code": common.CodeForbidden,
+ "message": "Super user should access the URL",
+ })
+ return
+ }
+
+ c.Set("user", user)
+ c.Set("user_id", user.ID)
+ c.Set("email", user.Email)
+ c.Next()
+ }
+}
+
+func (h *AuthHandler) LoginByEmail1(c *gin.Context) {
+ println("hello")
+} diff --git a/internal/handler/chat.go b/internal/handler/chat.go index c7b2dde98..b5e92192c 100644 --- a/internal/handler/chat.go +++ b/internal/handler/chat.go @@ -18,6 +18,7 @@ package handler import ( "net/http" + "ragflow/internal/common" "strconv" "github.com/gin-gonic/gin" @@ -48,23 +49,9 @@ func NewChatHandler(chatService *service.ChatService, userService *service.UserS // @Success 200 {object} service.ListChatsResponse // @Router /v1/dialog/list [get] func (h *ChatHandler) ListChats(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID @@ -101,23 +88,9 @@ func (h *ChatHandler) ListChats(c *gin.Context) { // @Success 200 {object} service.ListChatsNextResponse // @Router /v1/dialog/next [post] func (h *ChatHandler) ListChatsNext(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID 
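Review bot: In AuthMiddleware (internal/handler/auth.go) the superuser branch writes the 403 body and returns without `c.Abort()`, unlike the two 401 branches above it; in Gin a middleware that returns without aborting does not stop the chain, so the route handler still runs after the 403 has been written. Handlers that call GetUser will then fail because `user` was never set and append a second JSON body, and any handler that does not call it executes its normal logic for a request the middleware meant to reject. Add `c.Abort()` before that `return` (or use `c.AbortWithStatusJSON(http.StatusForbidden, gin.H{...})`), and if the pointer field can be nil, guard it with `if user.IsSuperuser != nil && *user.IsSuperuser {` so a missing value cannot panic the request. The doc comment says the middleware requires a superuser while the code rejects one; reword it to `// AuthMiddleware authenticates the request by access token and rejects superuser accounts.` and make the 403 message match. `LoginByEmail1` with `println("hello")` looks like a leftover stub and should be removed before merge.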
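Review bot: The `GetUser`/`jsonError` replacement in ListChats and ListChatsNext drops the explicit `http.StatusUnauthorized` that the removed code sent; jsonError is not shown in this diff, but its sibling jsonResponse in kb.go replies with `http.StatusOK` and carries the code only in the body, so an authentication failure on these routes may now surface as HTTP 200. Clients, proxies and log-based detections that key on the 401 status would stop seeing it. If that is the case, map `common.CodeUnauthorized` to 401 inside jsonError or document the contract change; this path is taken when a route is not behind AuthMiddleware, whose wiring is not visible here. The same applies to the identical hunks for SetDialog and RemoveChats and to those in chat_session.go, chunk.go, connector.go, file.go and search.go. Both function bodies continue outside the hunk.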
@@ -185,23 +158,9 @@ func (h *ChatHandler) ListChatsNext(c *gin.Context) { // @Success 200 {object} service.SetDialogResponse // @Router /v1/dialog/set [post] func (h *ChatHandler) SetDialog(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID @@ -257,23 +216,9 @@ type RemoveDialogsRequest struct { // @Success 200 {object} map[string]interface{} // @Router /v1/dialog/rm [post] func (h *ChatHandler) RemoveChats(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID diff --git a/internal/handler/chat_session.go b/internal/handler/chat_session.go index 54995371a..ebf293957 100644 --- a/internal/handler/chat_session.go +++ b/internal/handler/chat_session.go @@ -20,6 +20,7 @@ import ( "fmt" "io" "net/http" + "ragflow/internal/common" "github.com/gin-gonic/gin" 
@@ -50,23 +51,9 @@ func NewChatSessionHandler(chatSessionService *service.ChatSessionService, userS // @Success 200 {object} service.SetChatSessionResponse // @Router /v1/conversation/set [post] func (h *ChatSessionHandler) SetChatSession(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID @@ -113,23 +100,9 @@ type RemoveChatSessionsRequest struct { // @Success 200 {object} map[string]interface{} // @Router /v1/conversation/rm [post] func (h *ChatSessionHandler) RemoveChatSessions(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID 
@@ -179,23 +152,9 @@ func (h *ChatSessionHandler) RemoveChatSessions(c *gin.Context) { // @Success 200 {object} service.ListChatSessionsResponse // @Router /v1/conversation/list [get] func (h *ChatSessionHandler) ListChatSessions(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID @@ -259,23 +218,9 @@ type CompletionRequest struct { // @Success 200 {object} map[string]interface{} // @Router /v1/conversation/completion [post] func (h *ChatSessionHandler) Completion(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID diff --git a/internal/handler/chunk.go b/internal/handler/chunk.go index d13f4ac27..6b855ad4d 100644 --- a/internal/handler/chunk.go +++ b/internal/handler/chunk.go @@ -18,6 +18,7 @@ package handler import ( "net/http" + "ragflow/internal/common" "github.com/gin-gonic/gin" 
@@ -48,23 +49,9 @@ func NewChunkHandler(chunkService *service.ChunkService, userService *service.Us // @Success 200 {object} map[string]interface{} // @Router /v1/chunk/retrieval_test [post] func (h *ChunkHandler) RetrievalTest(c *gin.Context) { - // Extract access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } diff --git a/internal/handler/common.go b/internal/handler/common.go new file mode 100644 index 000000000..3eb0f6f15 --- /dev/null +++ b/internal/handler/common.go 
@@ -0,0 +1,37 @@ +// +// Copyright 2026 The InfiniFlow Authors. All Rights Reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + +package handler + +import ( + "ragflow/internal/common" + "ragflow/internal/model" + + "github.com/gin-gonic/gin" +) + +func GetUser(c *gin.Context) (*model.User, common.ErrorCode, string) { + userAny, exist := c.Get("user") + if !exist { + return nil, common.CodeUnauthorized, "User not found" + } + + user, ok := userAny.(*model.User) + if !ok { + return nil, common.CodeUnauthorized, "User not found" + } + return user, common.CodeSuccess, "" +} diff --git a/internal/handler/connector.go b/internal/handler/connector.go index 6c0ebedb0..5b1c5faf3 100644 --- a/internal/handler/connector.go +++ b/internal/handler/connector.go @@ -18,6 +18,7 @@ package handler import ( "net/http" + "ragflow/internal/common" "github.com/gin-gonic/gin" 
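Review bot: GetUser in internal/handler/common.go is exported without a doc comment and accepts a typed nil: the assertion `userAny.(*model.User)` succeeds for a nil `*model.User`, after which callers dereference `user.ID`. Change the check to `if !ok || user == nil {` and add `// GetUser returns the user that AuthMiddleware stored in the gin context, or CodeUnauthorized when it is absent or has another type.` so readers know the helper only works behind that middleware. The key `"user"` is a bare string repeated here and in auth.go; a shared constant would keep the writer and the reader from drifting apart.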
@@ -47,23 +48,9 @@ func NewConnectorHandler(connectorService *service.ConnectorService, userService // @Success 200 {object} service.ListConnectorsResponse // @Router /connector/list [get] func (h *ConnectorHandler) ListConnectors(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID diff --git a/internal/handler/document.go b/internal/handler/document.go index 10f08b6ba..dedd4146a 100644 --- a/internal/handler/document.go +++ b/internal/handler/document.go @@ -18,6 +18,7 @@ package handler import ( "net/http" + "ragflow/internal/common" "strconv" "github.com/gin-gonic/gin" @@ -47,6 +48,12 @@ func NewDocumentHandler(documentService *service.DocumentService) *DocumentHandl // @Success 200 {object} map[string]interface{} // @Router /api/v1/documents [post] func (h *DocumentHandler) CreateDocument(c *gin.Context) { + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) + return + } + var req service.CreateDocumentRequest if err := c.ShouldBindJSON(&req); err != nil { c.JSON(http.StatusBadRequest, gin.H{ 
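Review bot: CreateDocument in internal/handler/document.go now calls GetUser but discards the user (`_, errorCode, errorMessage := GetUser(c)`), so the check only proves that some authenticated account made the request; nothing visible ties the document to the caller. The same pattern is added to GetDocumentByID, UpdateDocument, DeleteDocument, ListDocuments and GetDocumentsByAuthorID, where the target is selected by a path `id` or `author_id`. Unless the service layer enforces ownership (not visible in this diff), any logged-in user can read, change or delete another user's documents by id. Keep the user and pass `user.ID` into the service call for an ownership or tenant check, in the way the kb.go handlers use `h.kbService.Accessible(kbID, user.ID)`. The handler bodies continue outside the hunks.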
@@ -79,6 +86,12 @@ func (h *DocumentHandler) CreateDocument(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /api/v1/documents/{id} [get] func (h *DocumentHandler) GetDocumentByID(c *gin.Context) { + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) + return + } + id := c.Param("id") if id == "" { c.JSON(http.StatusBadRequest, gin.H{ @@ -111,6 +124,12 @@ func (h *DocumentHandler) GetDocumentByID(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /api/v1/documents/{id} [put] func (h *DocumentHandler) UpdateDocument(c *gin.Context) { + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) + return + } + id := c.Param("id") if id == "" { c.JSON(http.StatusBadRequest, gin.H{ @@ -149,6 +168,12 @@ func (h *DocumentHandler) UpdateDocument(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /api/v1/documents/{id} [delete] func (h *DocumentHandler) DeleteDocument(c *gin.Context) { + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) + return + } + id := c.Param("id") if id == "" { c.JSON(http.StatusBadRequest, gin.H{ @@ -180,6 +205,12 @@ func (h *DocumentHandler) DeleteDocument(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /api/v1/documents [get] func (h *DocumentHandler) ListDocuments(c *gin.Context) { + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) + return + } + page, _ := strconv.Atoi(c.DefaultQuery("page", "1")) pageSize, _ := strconv.Atoi(c.DefaultQuery("page_size", "10")) 
@@ -220,6 +251,12 @@ func (h *DocumentHandler) ListDocuments(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /api/v1/authors/{author_id}/documents [get] func (h *DocumentHandler) GetDocumentsByAuthorID(c *gin.Context) { + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) + return + } + authorIDStr := c.Param("author_id") authorID, err := strconv.Atoi(authorIDStr) if err != nil { diff --git a/internal/handler/file.go b/internal/handler/file.go index 3474ce0cb..cae393ffc 100644 --- a/internal/handler/file.go +++ b/internal/handler/file.go @@ -18,6 +18,7 @@ package handler import ( "net/http" + "ragflow/internal/common" "strconv" "github.com/gin-gonic/gin" @@ -54,23 +55,9 @@ func NewFileHandler(fileService *service.FileService, userService *service.UserS // @Success 200 {object} service.ListFilesResponse // @Router /v1/file/list [get] func (h *FileHandler) ListFiles(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID 
@@ -130,23 +117,9 @@ func (h *FileHandler) ListFiles(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/file/root_folder [get] func (h *FileHandler) GetRootFolder(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID @@ -178,23 +151,9 @@ func (h *FileHandler) GetRootFolder(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/file/parent_folder [get] func (h *FileHandler) GetParentFolder(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token (for validation) - _, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
@@ -235,23 +194,9 @@ func (h *FileHandler) GetParentFolder(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/file/all_parent_folder [get] func (h *FileHandler) GetAllParentFolders(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token (for validation) - _, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } diff --git a/internal/handler/kb.go b/internal/handler/kb.go index d4d4e848e..ef608a263 100644 --- a/internal/handler/kb.go +++ b/internal/handler/kb.go @@ -40,33 +40,6 @@ func NewKnowledgebaseHandler(kbService *service.KnowledgebaseService, userServic } } -// getUserID extracts user ID from authorization header -// It validates the authorization token and returns the user ID -// Parameters: -// - c: gin.Context - the HTTP request context -// -// Returns: -// - string: the user ID -// - common.ErrorCode: the error code -// - error: any error that occurred -func (h *KnowledgebaseHandler) getUserID(c *gin.Context) (string, common.ErrorCode, error) { - token := c.GetHeader("Authorization") - if token == "" { - return "", common.CodeUnauthorized, ErrMissingAuth - } - - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - return "", code, err - } - - if *user.IsSuperuser { - return "", common.CodeForbidden, ErrForbidden - } - - return user.ID, common.CodeSuccess, nil -} - // jsonResponse sends a JSON response with code and message func jsonResponse(c *gin.Context, code common.ErrorCode, data interface{}, message string) { c.JSON(http.StatusOK, gin.H{ 
@@ -115,9 +88,9 @@ var ( // @Success 200 {object} map[string]interface{} // @Router /v1/kb/create [post] func (h *KnowledgebaseHandler) CreateKB(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -127,7 +100,7 @@ func (h *KnowledgebaseHandler) CreateKB(c *gin.Context) { return } - result, code, err := h.kbService.CreateKB(&req, userID) + result, code, err := h.kbService.CreateKB(&req, user.ID) if err != nil { jsonError(c, code, err.Error()) return @@ -147,9 +120,9 @@ func (h *KnowledgebaseHandler) CreateKB(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/update [post] func (h *KnowledgebaseHandler) UpdateKB(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -159,7 +132,7 @@ func (h *KnowledgebaseHandler) UpdateKB(c *gin.Context) { return } - result, code, err := h.kbService.UpdateKB(&req, userID) + result, code, err := h.kbService.UpdateKB(&req, user.ID) if err != nil { if strings.Contains(err.Error(), "authorization") { jsonError(c, common.CodeAuthenticationError, err.Error()) @@ -183,9 +156,9 @@ func (h *KnowledgebaseHandler) UpdateKB(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/update_metadata_setting [post] func (h *KnowledgebaseHandler) UpdateMetadataSetting(c *gin.Context) { - _, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
@@ -215,9 +188,9 @@ func (h *KnowledgebaseHandler) UpdateMetadataSetting(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/detail [get] func (h *KnowledgebaseHandler) GetDetail(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -227,7 +200,7 @@ func (h *KnowledgebaseHandler) GetDetail(c *gin.Context) { return } - result, code, err := h.kbService.GetDetail(kbID, userID) + result, code, err := h.kbService.GetDetail(kbID, user.ID) if err != nil { if strings.Contains(err.Error(), "authorized") { jsonError(c, common.CodeOperatingError, err.Error()) @@ -251,9 +224,9 @@ func (h *KnowledgebaseHandler) GetDetail(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/list [post] func (h *KnowledgebaseHandler) ListKbs(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -317,7 +290,7 @@ func (h *KnowledgebaseHandler) ListKbs(c *gin.Context) { ownerIDs = *req.OwnerIDs } - result, code, err := h.kbService.ListKbs(keywords, page, pageSize, parserID, orderby, desc, ownerIDs, userID) + result, code, err := h.kbService.ListKbs(keywords, page, pageSize, parserID, orderby, desc, ownerIDs, user.ID) if err != nil { jsonError(c, code, err.Error()) return 
@@ -337,9 +310,9 @@ func (h *KnowledgebaseHandler) ListKbs(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/rm [post] func (h *KnowledgebaseHandler) DeleteKB(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -351,7 +324,7 @@ func (h *KnowledgebaseHandler) DeleteKB(c *gin.Context) { return } - code, err = h.kbService.DeleteKB(req.KBID, userID) + code, err := h.kbService.DeleteKB(req.KBID, user.ID) if err != nil { if strings.Contains(err.Error(), "authorization") { jsonError(c, common.CodeAuthenticationError, err.Error()) @@ -375,9 +348,9 @@ func (h *KnowledgebaseHandler) DeleteKB(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/{kb_id}/tags [get] func (h *KnowledgebaseHandler) ListTags(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -387,7 +360,7 @@ func (h *KnowledgebaseHandler) ListTags(c *gin.Context) { return } - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } @@ -406,9 +379,9 @@ func (h *KnowledgebaseHandler) ListTags(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/tags [get] func (h *KnowledgebaseHandler) ListTagsFromKbs(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
@@ -420,7 +393,7 @@ func (h *KnowledgebaseHandler) ListTagsFromKbs(c *gin.Context) { kbIDs := strings.Split(kbIDsStr, ",") for _, kbID := range kbIDs { - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } @@ -441,9 +414,9 @@ func (h *KnowledgebaseHandler) ListTagsFromKbs(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/{kb_id}/rm_tags [post] func (h *KnowledgebaseHandler) RemoveTags(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -453,7 +426,7 @@ func (h *KnowledgebaseHandler) RemoveTags(c *gin.Context) { return } - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } @@ -481,9 +454,9 @@ func (h *KnowledgebaseHandler) RemoveTags(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/{kb_id}/rename_tag [post] func (h *KnowledgebaseHandler) RenameTag(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -493,7 +466,7 @@ func (h *KnowledgebaseHandler) RenameTag(c *gin.Context) { return } - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } 
@@ -521,9 +494,9 @@ func (h *KnowledgebaseHandler) RenameTag(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/{kb_id}/knowledge_graph [get] func (h *KnowledgebaseHandler) KnowledgeGraph(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -533,7 +506,7 @@ func (h *KnowledgebaseHandler) KnowledgeGraph(c *gin.Context) { return } - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } @@ -557,9 +530,9 @@ func (h *KnowledgebaseHandler) KnowledgeGraph(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/{kb_id}/knowledge_graph [delete] func (h *KnowledgebaseHandler) DeleteKnowledgeGraph(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -569,7 +542,7 @@ func (h *KnowledgebaseHandler) DeleteKnowledgeGraph(c *gin.Context) { return } - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } @@ -588,9 +561,9 @@ func (h *KnowledgebaseHandler) DeleteKnowledgeGraph(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/get_meta [get] func (h *KnowledgebaseHandler) GetMeta(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
@@ -602,7 +575,7 @@ func (h *KnowledgebaseHandler) GetMeta(c *gin.Context) { kbIDs := strings.Split(kbIDsStr, ",") for _, kbID := range kbIDs { - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } @@ -622,9 +595,9 @@ func (h *KnowledgebaseHandler) GetMeta(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/kb/basic_info [get] func (h *KnowledgebaseHandler) GetBasicInfo(c *gin.Context) { - userID, code, err := h.getUserID(c) - if err != nil { - jsonError(c, code, err.Error()) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -634,7 +607,7 @@ func (h *KnowledgebaseHandler) GetBasicInfo(c *gin.Context) { return } - if !h.kbService.Accessible(kbID, userID) { + if !h.kbService.Accessible(kbID, user.ID) { jsonError(c, common.CodeAuthenticationError, "No authorization.") return } diff --git a/internal/handler/llm.go b/internal/handler/llm.go index 9582eb37a..90d280879 100644 --- a/internal/handler/llm.go +++ b/internal/handler/llm.go @@ -61,23 +61,9 @@ func NewLLMHandler(llmService *service.LLMService, userService *service.UserServ // @Success 200 {object} map[string]interface{} // @Router /v1/llm/my_llms [get] func (h *LLMHandler) GetMyLLMs(c *gin.Context) { - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Unauthorized!", - "data": false, - }) - return - } - - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
@@ -113,23 +99,9 @@ func (h *LLMHandler) GetMyLLMs(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/llm/set_api_key [post] func (h *LLMHandler) SetAPIKey(c *gin.Context) { - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Unauthorized!", - "data": false, - }) - return - } - - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -180,23 +152,9 @@ func (h *LLMHandler) SetAPIKey(c *gin.Context) { // @Success 200 {array} FactoryResponse // @Router /v1/llm/factories [get] func (h *LLMHandler) Factories(c *gin.Context) { - // Extract token from request - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by token - _, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + _, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
@@ -261,23 +219,9 @@ func (h *LLMHandler) Factories(c *gin.Context) { // @Success 200 {object} map[string][]service.LLMListItem // @Router /v1/llm/list [get] func (h *LLMHandler) ListApp(c *gin.Context) { - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Unauthorized!", - "data": false, - }) - return - } - - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } diff --git a/internal/handler/search.go b/internal/handler/search.go index b291a7802..7eb17ea9b 100644 --- a/internal/handler/search.go +++ b/internal/handler/search.go @@ -18,6 +18,7 @@ package handler import ( "net/http" + "ragflow/internal/common" "strconv" "github.com/gin-gonic/gin" @@ -54,23 +55,9 @@ func NewSearchHandler(searchService *service.SearchService, userService *service // @Success 200 {object} service.ListSearchAppsResponse // @Router /v1/search/list [post] func (h *SearchHandler) ListSearchApps(c *gin.Context) { - // Get access token from Authorization header - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": 401, - "message": "Missing Authorization header", - }) - return - } - - // Get user by access token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusUnauthorized, gin.H{ - "code": code, - "message": err.Error(), - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } userID := user.ID diff --git a/internal/handler/tenant.go b/internal/handler/tenant.go index 860acc3bb..bb43ffb98 100644 --- a/internal/handler/tenant.go +++ b/internal/handler/tenant.go 
@@ -49,23 +49,9 @@ func NewTenantHandler(tenantService *service.TenantService, userService *service // @Success 200 {object} map[string]interface{} // @Router /v1/user/tenant_info [get] func (h *TenantHandler) TenantInfo(c *gin.Context) { - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Unauthorized!", - "data": false, - }) - return - } - - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -105,23 +91,9 @@ func (h *TenantHandler) TenantInfo(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/tenant/list [get] func (h *TenantHandler) TenantList(c *gin.Context) { - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Unauthorized!", - "data": false, - }) - return - } - - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } diff --git a/internal/handler/user.go b/internal/handler/user.go index 8ec2d314f..2678ecf1b 100644 --- a/internal/handler/user.go +++ b/internal/handler/user.go 
@@ -291,30 +291,14 @@ func (h *UserHandler) ListUsers(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/user/logout [post] func (h *UserHandler) Logout(c *gin.Context) { - // Extract token from request - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Missing Authorization header", - "data": false, - }) - return - } - - // Get user by token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } // Logout user - code, err = h.userService.Logout(user) + code, err := h.userService.Logout(user) if err != nil { c.JSON(http.StatusOK, gin.H{ "code": code, @@ -341,25 +325,9 @@ func (h *UserHandler) Logout(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/user/info [get] func (h *UserHandler) Info(c *gin.Context) { - // Extract token from request - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Missing Authorization header", - "data": false, - }) - return - } - - // Get user by token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
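Review bot: The annotation `// @Router /v1/user/logout [post]` above Logout disagrees with the route this commit registers in router.go, `authorized.GET("/v1/user/logout", r.userHandler.Logout)`. Logout changes server state through `h.userService.Logout(user)`, while GET is expected to be safe and may be retried or replayed by intermediaries, and the generated API docs would describe a method the server does not accept. I would register it as `authorized.POST("/v1/user/logout", r.userHandler.Logout)` or, if existing clients depend on GET, correct the annotation to `[get]`. The rest of Logout's body lies outside the hunk.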
@@ -446,25 +414,9 @@ func (h *UserHandler) Setting(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/user/setting/password [post] func (h *UserHandler) ChangePassword(c *gin.Context) { - // Extract token from request - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Missing Authorization header", - "data": false, - }) - return - } - - // Get user by token - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } @@ -480,7 +432,7 @@ func (h *UserHandler) ChangePassword(c *gin.Context) { } // Change password - code, err = h.userService.ChangePassword(user, &req) + code, err := h.userService.ChangePassword(user, &req) if err != nil { c.JSON(http.StatusOK, gin.H{ "code": code, @@ -534,23 +486,9 @@ func (h *UserHandler) GetLoginChannels(c *gin.Context) { // @Success 200 {object} map[string]interface{} // @Router /v1/user/set_tenant_info [post] func (h *UserHandler) SetTenantInfo(c *gin.Context) { - token := c.GetHeader("Authorization") - if token == "" { - c.JSON(http.StatusOK, gin.H{ - "code": common.CodeUnauthorized, - "message": "Unauthorized!", - "data": false, - }) - return - } - - user, code, err := h.userService.GetUserByToken(token) - if err != nil { - c.JSON(http.StatusOK, gin.H{ - "code": code, - "message": err.Error(), - "data": false, - }) + user, errorCode, errorMessage := GetUser(c) + if errorCode != common.CodeSuccess { + jsonError(c, errorCode, errorMessage) return } 
@@ -564,7 +502,7 @@ func (h *UserHandler) SetTenantInfo(c *gin.Context) { return } - err = h.userService.SetTenantInfo(user.ID, &req) + err := h.userService.SetTenantInfo(user.ID, &req) if err != nil { c.JSON(http.StatusOK, gin.H{ "code": common.CodeDataError, diff --git a/internal/router/router.go b/internal/router/router.go index cebd6b97a..b7f8b0a67 100644 --- a/internal/router/router.go +++ b/internal/router/router.go @@ -24,6 +24,7 @@ import ( // Router router type Router struct { + authHandler *handler.AuthHandler userHandler *handler.UserHandler tenantHandler *handler.TenantHandler documentHandler *handler.DocumentHandler @@ -40,6 +41,7 @@ type Router struct { // NewRouter create router func NewRouter( + authHandler *handler.AuthHandler, userHandler *handler.UserHandler, tenantHandler *handler.TenantHandler, documentHandler *handler.DocumentHandler, @@ -54,6 +56,7 @@ func NewRouter( fileHandler *handler.FileHandler, ) *Router { return &Router{ + authHandler: authHandler, userHandler: userHandler, tenantHandler: tenantHandler, documentHandler: documentHandler, 
@@ -83,132 +86,138 @@ func (r *Router) Setup(engine *gin.Engine) { engine.GET("/v1/system/config", r.systemHandler.GetConfig) engine.GET("/v1/system/configs", r.systemHandler.GetConfigs) engine.GET("/v1/system/version", r.systemHandler.GetVersion) - - // User login by email endpoint - engine.POST("/v1/user/login", r.userHandler.LoginByEmail) engine.POST("/v1/user/register", r.userHandler.Register) // User login channels endpoint engine.GET("/v1/user/login/channels", r.userHandler.GetLoginChannels) - // User logout endpoint - engine.GET("/v1/user/logout", r.userHandler.Logout) - // User info endpoint - engine.GET("/v1/user/info", r.userHandler.Info) - // User tenant info endpoint - engine.GET("/v1/user/tenant_info", r.tenantHandler.TenantInfo) - // Tenant list endpoint - engine.GET("/v1/tenant/list", r.tenantHandler.TenantList) - // User settings endpoint - engine.POST("/v1/user/setting", r.userHandler.Setting) - // User change password endpoint - engine.POST("/v1/user/setting/password", r.userHandler.ChangePassword) - // User set tenant info endpoint - engine.POST("/v1/user/set_tenant_info", r.userHandler.SetTenantInfo) - // API v1 route group - v1 := engine.Group("/api/v1") + // User login by email endpoint + engine.POST("/v1/user/login", r.userHandler.LoginByEmail) + + // Protected routes + authorized := engine.Group("") + authorized.Use(r.authHandler.AuthMiddleware()) { - // User routes - users := v1.Group("/users") + // User logout endpoint + authorized.GET("/v1/user/logout", r.userHandler.Logout) + // User info endpoint + authorized.GET("/v1/user/info", r.userHandler.Info) + // User tenant info endpoint + authorized.GET("/v1/user/tenant_info", r.tenantHandler.TenantInfo) + // Tenant list endpoint + authorized.GET("/v1/tenant/list", r.tenantHandler.TenantList) + // User settings endpoint + authorized.POST("/v1/user/setting", r.userHandler.Setting) + // User change password endpoint + authorized.POST("/v1/user/setting/password", r.userHandler.ChangePassword) + 
// User set tenant info endpoint + authorized.POST("/v1/user/set_tenant_info", r.userHandler.SetTenantInfo) + + // API v1 route group + v1 := authorized.Group("/api/v1") { - users.POST("/register", r.userHandler.Register) - users.POST("/login", r.userHandler.Login) - users.GET("", r.userHandler.ListUsers) - users.GET("/:id", r.userHandler.GetUserByID) + // User routes + users := v1.Group("/users") + { + users.POST("/register", r.userHandler.Register) + users.POST("/login", r.userHandler.Login) + users.GET("", r.userHandler.ListUsers) + users.GET("/:id", r.userHandler.GetUserByID) + } + + // Document routes + documents := v1.Group("/documents") + { + documents.POST("", r.documentHandler.CreateDocument) + documents.GET("", r.documentHandler.ListDocuments) + documents.GET("/:id", r.documentHandler.GetDocumentByID) + documents.PUT("/:id", r.documentHandler.UpdateDocument) + documents.DELETE("/:id", r.documentHandler.DeleteDocument) + } + + // Author routes + authors := v1.Group("/authors") + { + authors.GET("/:author_id/documents", r.documentHandler.GetDocumentsByAuthorID) + } } - // Document routes - documents := v1.Group("/documents") + // Knowledge base routes + kb := authorized.Group("/v1/kb") { - documents.POST("", r.documentHandler.CreateDocument) - documents.GET("", r.documentHandler.ListDocuments) - documents.GET("/:id", r.documentHandler.GetDocumentByID) - documents.PUT("/:id", r.documentHandler.UpdateDocument) - documents.DELETE("/:id", r.documentHandler.DeleteDocument) + kb.POST("/create", r.knowledgebaseHandler.CreateKB) + kb.POST("/update", r.knowledgebaseHandler.UpdateKB) + kb.POST("/update_metadata_setting", r.knowledgebaseHandler.UpdateMetadataSetting) + kb.GET("/detail", r.knowledgebaseHandler.GetDetail) + kb.POST("/list", r.knowledgebaseHandler.ListKbs) + kb.POST("/rm", r.knowledgebaseHandler.DeleteKB) + kb.GET("/tags", r.knowledgebaseHandler.ListTagsFromKbs) + kb.GET("/get_meta", r.knowledgebaseHandler.GetMeta) + kb.GET("/basic_info", 
r.knowledgebaseHandler.GetBasicInfo) + + // KB ID specific routes + kbByID := kb.Group("/:kb_id") + { + kbByID.GET("/tags", r.knowledgebaseHandler.ListTags) + kbByID.POST("/rm_tags", r.knowledgebaseHandler.RemoveTags) + kbByID.POST("/rename_tag", r.knowledgebaseHandler.RenameTag) + kbByID.GET("/knowledge_graph", r.knowledgebaseHandler.KnowledgeGraph) + kbByID.DELETE("/knowledge_graph", r.knowledgebaseHandler.DeleteKnowledgeGraph) + } } - // Author routes - authors := v1.Group("/authors") + // Chunk routes + chunk := authorized.Group("/v1/chunk") { - authors.GET("/:author_id/documents", r.documentHandler.GetDocumentsByAuthorID) + chunk.POST("/retrieval_test", r.chunkHandler.RetrievalTest) } - } - // Knowledge base routes - kb := engine.Group("/v1/kb") - { - kb.POST("/create", r.knowledgebaseHandler.CreateKB) - kb.POST("/update", r.knowledgebaseHandler.UpdateKB) - kb.POST("/update_metadata_setting", r.knowledgebaseHandler.UpdateMetadataSetting) - kb.GET("/detail", r.knowledgebaseHandler.GetDetail) - kb.POST("/list", r.knowledgebaseHandler.ListKbs) - kb.POST("/rm", r.knowledgebaseHandler.DeleteKB) - kb.GET("/tags", r.knowledgebaseHandler.ListTagsFromKbs) - kb.GET("/get_meta", r.knowledgebaseHandler.GetMeta) - kb.GET("/basic_info", r.knowledgebaseHandler.GetBasicInfo) - - // KB ID specific routes - kbByID := kb.Group("/:kb_id") + // LLM routes + llm := authorized.Group("/v1/llm") { - kbByID.GET("/tags", r.knowledgebaseHandler.ListTags) - kbByID.POST("/rm_tags", r.knowledgebaseHandler.RemoveTags) - kbByID.POST("/rename_tag", r.knowledgebaseHandler.RenameTag) - kbByID.GET("/knowledge_graph", r.knowledgebaseHandler.KnowledgeGraph) - kbByID.DELETE("/knowledge_graph", r.knowledgebaseHandler.DeleteKnowledgeGraph) + llm.GET("/my_llms", r.llmHandler.GetMyLLMs) + llm.GET("/factories", r.llmHandler.Factories) + llm.GET("/list", r.llmHandler.ListApp) + llm.POST("/set_api_key", r.llmHandler.SetAPIKey) } - } - // Chunk routes - chunk := engine.Group("/v1/chunk") - { - 
chunk.POST("/retrieval_test", r.chunkHandler.RetrievalTest) - } + // Chat routes + chat := authorized.Group("/v1/dialog") + { + chat.GET("/list", r.chatHandler.ListChats) + chat.POST("/next", r.chatHandler.ListChatsNext) + chat.POST("/set", r.chatHandler.SetDialog) + chat.POST("/rm", r.chatHandler.RemoveChats) + } - // LLM routes - llm := engine.Group("/v1/llm") - { - llm.GET("/my_llms", r.llmHandler.GetMyLLMs) - llm.GET("/factories", r.llmHandler.Factories) - llm.GET("/list", r.llmHandler.ListApp) - llm.POST("/set_api_key", r.llmHandler.SetAPIKey) - } + // Chat session (conversation) routes + session := authorized.Group("/v1/conversation") + { + session.POST("/set", r.chatSessionHandler.SetChatSession) + session.POST("/rm", r.chatSessionHandler.RemoveChatSessions) + session.GET("/list", r.chatSessionHandler.ListChatSessions) + session.POST("/completion", r.chatSessionHandler.Completion) + } - // Chat routes - chat := engine.Group("/v1/dialog") - { - chat.GET("/list", r.chatHandler.ListChats) - chat.POST("/next", r.chatHandler.ListChatsNext) - chat.POST("/set", r.chatHandler.SetDialog) - chat.POST("/rm", r.chatHandler.RemoveChats) - } + // Connector routes + connector := authorized.Group("/v1/connector") + { + connector.GET("/list", r.connectorHandler.ListConnectors) + } - // Chat session (conversation) routes - session := engine.Group("/v1/conversation") - { - session.POST("/set", r.chatSessionHandler.SetChatSession) - session.POST("/rm", r.chatSessionHandler.RemoveChatSessions) - session.GET("/list", r.chatSessionHandler.ListChatSessions) - session.POST("/completion", r.chatSessionHandler.Completion) - } + // Search routes + search := authorized.Group("/v1/search") + { + search.POST("/list", r.searchHandler.ListSearchApps) + } - // Connector routes - connector := engine.Group("/v1/connector") - { - connector.GET("/list", r.connectorHandler.ListConnectors) - } - - // Search routes - search := engine.Group("/v1/search") - { - search.POST("/list", 
r.searchHandler.ListSearchApps) - } - - // File routes - file := engine.Group("/v1/file") - { - file.GET("/list", r.fileHandler.ListFiles) - file.GET("/root_folder", r.fileHandler.GetRootFolder) - file.GET("/parent_folder", r.fileHandler.GetParentFolder) - file.GET("/all_parent_folder", r.fileHandler.GetAllParentFolders) + // File routes + file := authorized.Group("/v1/file") + { + file.GET("/list", r.fileHandler.ListFiles) + file.GET("/root_folder", r.fileHandler.GetRootFolder) + file.GET("/parent_folder", r.fileHandler.GetParentFolder) + file.GET("/all_parent_folder", r.fileHandler.GetAllParentFolders) + } } // Handle undefined routes
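Review bot: `v1 := authorized.Group("/api/v1")` puts `users.POST("/register", ...)` and `users.POST("/login", ...)` behind AuthMiddleware, so a caller needs a valid Authorization header before it can register or log in through /api/v1/users; the removed code built this group on `engine`. If those two endpoints are still meant to be reachable, keep them on an unauthenticated group, e.g. `public := engine.Group("/api/v1/users")`, `public.POST("/register", r.userHandler.Register)`, `public.POST("/login", r.userHandler.Login)`, and leave only the list and by-id routes under `authorized`. If they are dead duplicates of /v1/user/register and /v1/user/login, removing them is clearer than leaving them registered but unreachable. Setup begins before this hunk and AuthMiddleware is defined in another file of the commit.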