Add auth middleware (#13506)

### What problem does this PR solve?

Use auth middleware to check authorization.

### Type of change

- [x] Refactoring

---------

Signed-off-by: Jin Hai <haijin.chn@gmail.com>
Jin Hai
2026-03-11 11:23:13 +08:00
committed by GitHub
parent d0ca388bec
commit 2133fd76a8
16 changed files with 411 additions and 624 deletions

81
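--- a/internal/handler/auth.go
+++ b/internal/handler/auth.go
@@ -0,0 +1,81 @@
+//
+// Copyright 2026 The InfiniFlow Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+package handler
+import (
+"net/http"
+"ragflow/internal/common"
+"ragflow/internal/service"
+"github.com/gin-gonic/gin"
+)
+// AuthHandler auth handler
+type AuthHandler struct {
+userService *service.UserService
+}
+// NewAuthHandler create auth handler
+func NewAuthHandler() *AuthHandler {
+return &AuthHandler{
+userService: service.NewUserService(),
+}
+}
+// AuthMiddleware JWT auth middleware
+// Validates that the user is authenticated and is a superuser (admin)
+func (h *AuthHandler) AuthMiddleware() gin.HandlerFunc {
+return func(c *gin.Context) {
+token := c.GetHeader("Authorization")
+if token == "" {
+c.JSON(http.StatusUnauthorized, gin.H{
+"code": 401,
+"message": "Missing Authorization header",
+})
+c.Abort()
+return
+}
+// Get user by access token
+user, code, err := h.userService.GetUserByToken(token)
+if err != nil {
+c.JSON(http.StatusUnauthorized, gin.H{
+"code": code,
+"message": "Invalid access token",
+})
+c.Abort()
+return
+}
+if *user.IsSuperuser {
+c.JSON(http.StatusForbidden, gin.H{
+"code": common.CodeForbidden,
+"message": "Super user should access the URL",
+})
+return
+}
+c.Set("user", user)
+c.Set("user_id", user.ID)
+c.Set("email", user.Email)
+c.Next()
+}
+}
+func (h *AuthHandler) LoginByEmail1(c *gin.Context) {
+println("hello")
+}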
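Review bot: The superuser branch of AuthMiddleware writes the 403 response and returns without calling `c.Abort()`, unlike the two 401 branches above it, so gin still runs the remaining handlers in the chain for that request. Any route handler behind this middleware that does not call GetUser would execute for the rejected caller, and those that do will write a second JSON body; add `c.Abort()` before the `return`, or use `c.AbortWithStatusJSON(http.StatusForbidden, gin.H{...})`. The doc comment says the middleware validates that the caller is a superuser while the code rejects superusers, and the message "Super user should access the URL" reads the same wrong way; one of them should be corrected, e.g. `// AuthMiddleware authenticates the caller by access token and rejects superuser accounts.` `*user.IsSuperuser` is also dereferenced without a nil check, which would panic if the field can be unset (not visible from here). `LoginByEmail1` with `println("hello")` looks like a leftover stub and should not ship in the auth handler.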


@ -18,6 +18,7 @@ package handler
import (
"net/http"
"ragflow/internal/common"
"strconv"
"github.com/gin-gonic/gin"
@ -48,23 +49,9 @@ func NewChatHandler(chatService *service.ChatService, userService *service.UserS
// @Success 200 {object} service.ListChatsResponse
// @Router /v1/dialog/list [get]
func (h *ChatHandler) ListChats(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -101,23 +88,9 @@ func (h *ChatHandler) ListChats(c *gin.Context) {
// @Success 200 {object} service.ListChatsNextResponse
// @Router /v1/dialog/next [post]
func (h *ChatHandler) ListChatsNext(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -185,23 +158,9 @@ func (h *ChatHandler) ListChatsNext(c *gin.Context) {
// @Success 200 {object} service.SetDialogResponse
// @Router /v1/dialog/set [post]
func (h *ChatHandler) SetDialog(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -257,23 +216,9 @@ type RemoveDialogsRequest struct {
// @Success 200 {object} map[string]interface{}
// @Router /v1/dialog/rm [post]
func (h *ChatHandler) RemoveChats(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
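Review bot: ListChats, ListChatsNext, SetDialog and RemoveChats no longer authenticate on their own and trust whatever `c.Get("user")` holds, so every one of these routes has to be registered behind AuthMiddleware; the route wiring is not visible here. The change is labelled refactoring but alters the failure contract: the explicit `http.StatusUnauthorized` is replaced by whatever `jsonError` emits (its body is outside this page), and the LLM, tenant and logout handlers further down appear to drop their `"data": false` field. Routes that used to accept any valid token also inherit the middleware's superuser rejection. The chat-session, chunk, connector, file and search handler sections repeat the same pattern; a comment at the call site such as `// user is placed in the context by AuthMiddleware; this route must be registered behind it` and a router-level test for an unauthenticated request would pin the behaviour.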


@ -20,6 +20,7 @@ import (
"fmt"
"io"
"net/http"
"ragflow/internal/common"
"github.com/gin-gonic/gin"
@ -50,23 +51,9 @@ func NewChatSessionHandler(chatSessionService *service.ChatSessionService, userS
// @Success 200 {object} service.SetChatSessionResponse
// @Router /v1/conversation/set [post]
func (h *ChatSessionHandler) SetChatSession(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -113,23 +100,9 @@ type RemoveChatSessionsRequest struct {
// @Success 200 {object} map[string]interface{}
// @Router /v1/conversation/rm [post]
func (h *ChatSessionHandler) RemoveChatSessions(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -179,23 +152,9 @@ func (h *ChatSessionHandler) RemoveChatSessions(c *gin.Context) {
// @Success 200 {object} service.ListChatSessionsResponse
// @Router /v1/conversation/list [get]
func (h *ChatSessionHandler) ListChatSessions(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -259,23 +218,9 @@ type CompletionRequest struct {
// @Success 200 {object} map[string]interface{}
// @Router /v1/conversation/completion [post]
func (h *ChatSessionHandler) Completion(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID


@ -18,6 +18,7 @@ package handler
import (
"net/http"
"ragflow/internal/common"
"github.com/gin-gonic/gin"
@ -48,23 +49,9 @@ func NewChunkHandler(chunkService *service.ChunkService, userService *service.Us
// @Success 200 {object} map[string]interface{}
// @Router /v1/chunk/retrieval_test [post]
func (h *ChunkHandler) RetrievalTest(c *gin.Context) {
// Extract access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}


@ -0,0 +1,37 @@
//
// Copyright 2026 The InfiniFlow Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
package handler
import (
"ragflow/internal/common"
"ragflow/internal/model"
"github.com/gin-gonic/gin"
)
func GetUser(c *gin.Context) (*model.User, common.ErrorCode, string) {
userAny, exist := c.Get("user")
if !exist {
return nil, common.CodeUnauthorized, "User not found"
}
user, ok := userAny.(*model.User)
if !ok {
return nil, common.CodeUnauthorized, "User not found"
}
return user, common.CodeSuccess, ""
}
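Review bot: GetUser is exported but has no doc comment, and it reads the context key `"user"` as a bare string literal that has to match the `c.Set("user", user)` call in AuthMiddleware. A shared constant used on both sides, e.g. `const ctxKeyUser = "user"`, would keep the two from drifting apart silently, since a mismatch would make every authenticated request fail as unauthorized. Suggested comment: `// GetUser returns the *model.User that AuthMiddleware stored in the gin context, or CodeUnauthorized when it is absent or has another type.` The failed type assertion indicates a wiring bug rather than a client error, so logging it separately from the missing-key case would make it easier to diagnose.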


@ -18,6 +18,7 @@ package handler
import (
"net/http"
"ragflow/internal/common"
"github.com/gin-gonic/gin"
@ -47,23 +48,9 @@ func NewConnectorHandler(connectorService *service.ConnectorService, userService
// @Success 200 {object} service.ListConnectorsResponse
// @Router /connector/list [get]
func (h *ConnectorHandler) ListConnectors(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID


@ -18,6 +18,7 @@ package handler
import (
"net/http"
"ragflow/internal/common"
"strconv"
"github.com/gin-gonic/gin"
@ -47,6 +48,12 @@ func NewDocumentHandler(documentService *service.DocumentService) *DocumentHandl
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/documents [post]
func (h *DocumentHandler) CreateDocument(c *gin.Context) {
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
var req service.CreateDocumentRequest
if err := c.ShouldBindJSON(&req); err != nil {
c.JSON(http.StatusBadRequest, gin.H{
@ -79,6 +86,12 @@ func (h *DocumentHandler) CreateDocument(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/documents/{id} [get]
func (h *DocumentHandler) GetDocumentByID(c *gin.Context) {
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
id := c.Param("id")
if id == "" {
c.JSON(http.StatusBadRequest, gin.H{
@ -111,6 +124,12 @@ func (h *DocumentHandler) GetDocumentByID(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/documents/{id} [put]
func (h *DocumentHandler) UpdateDocument(c *gin.Context) {
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
id := c.Param("id")
if id == "" {
c.JSON(http.StatusBadRequest, gin.H{
@ -149,6 +168,12 @@ func (h *DocumentHandler) UpdateDocument(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/documents/{id} [delete]
func (h *DocumentHandler) DeleteDocument(c *gin.Context) {
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
id := c.Param("id")
if id == "" {
c.JSON(http.StatusBadRequest, gin.H{
@ -180,6 +205,12 @@ func (h *DocumentHandler) DeleteDocument(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/documents [get]
func (h *DocumentHandler) ListDocuments(c *gin.Context) {
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
page, _ := strconv.Atoi(c.DefaultQuery("page", "1"))
pageSize, _ := strconv.Atoi(c.DefaultQuery("page_size", "10"))
@ -220,6 +251,12 @@ func (h *DocumentHandler) ListDocuments(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/authors/{author_id}/documents [get]
func (h *DocumentHandler) GetDocumentsByAuthorID(c *gin.Context) {
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
authorIDStr := c.Param("author_id")
authorID, err := strconv.Atoi(authorIDStr)
if err != nil {
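Review bot: The GetUser check added to CreateDocument, GetDocumentByID, UpdateDocument, DeleteDocument, ListDocuments and GetDocumentsByAuthorID discards the user (`_, errorCode, errorMessage := GetUser(c)`), so these handlers gain authentication but, in the visible lines, no per-object authorization. `id` and `author_id` come straight from the path and nothing in the hunks ties them to the caller; unless the service layer checks ownership (the function bodies continue outside the hunks), any authenticated user could read, update or delete another user's document. Keep the user and pass its ID down, e.g. `user, errorCode, errorMessage := GetUser(c)` followed by an ownership check in the style of the `h.kbService.Accessible(kbID, user.ID)` calls in the knowledgebase handler. GetParentFolder and GetAllParentFolders in the file handler section discard the user the same way.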


@ -18,6 +18,7 @@ package handler
import (
"net/http"
"ragflow/internal/common"
"strconv"
"github.com/gin-gonic/gin"
@ -54,23 +55,9 @@ func NewFileHandler(fileService *service.FileService, userService *service.UserS
// @Success 200 {object} service.ListFilesResponse
// @Router /v1/file/list [get]
func (h *FileHandler) ListFiles(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -130,23 +117,9 @@ func (h *FileHandler) ListFiles(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/file/root_folder [get]
func (h *FileHandler) GetRootFolder(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID
@ -178,23 +151,9 @@ func (h *FileHandler) GetRootFolder(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/file/parent_folder [get]
func (h *FileHandler) GetParentFolder(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token (for validation)
_, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -235,23 +194,9 @@ func (h *FileHandler) GetParentFolder(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/file/all_parent_folder [get]
func (h *FileHandler) GetAllParentFolders(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token (for validation)
_, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}


@ -40,33 +40,6 @@ func NewKnowledgebaseHandler(kbService *service.KnowledgebaseService, userServic
}
}
// getUserID extracts user ID from authorization header
// It validates the authorization token and returns the user ID
// Parameters:
// - c: gin.Context - the HTTP request context
//
// Returns:
// - string: the user ID
// - common.ErrorCode: the error code
// - error: any error that occurred
func (h *KnowledgebaseHandler) getUserID(c *gin.Context) (string, common.ErrorCode, error) {
token := c.GetHeader("Authorization")
if token == "" {
return "", common.CodeUnauthorized, ErrMissingAuth
}
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
return "", code, err
}
if *user.IsSuperuser {
return "", common.CodeForbidden, ErrForbidden
}
return user.ID, common.CodeSuccess, nil
}
// jsonResponse sends a JSON response with code and message
func jsonResponse(c *gin.Context, code common.ErrorCode, data interface{}, message string) {
c.JSON(http.StatusOK, gin.H{
@ -115,9 +88,9 @@ var (
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/create [post]
func (h *KnowledgebaseHandler) CreateKB(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -127,7 +100,7 @@ func (h *KnowledgebaseHandler) CreateKB(c *gin.Context) {
return
}
result, code, err := h.kbService.CreateKB(&req, userID)
result, code, err := h.kbService.CreateKB(&req, user.ID)
if err != nil {
jsonError(c, code, err.Error())
return
@ -147,9 +120,9 @@ func (h *KnowledgebaseHandler) CreateKB(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/update [post]
func (h *KnowledgebaseHandler) UpdateKB(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -159,7 +132,7 @@ func (h *KnowledgebaseHandler) UpdateKB(c *gin.Context) {
return
}
result, code, err := h.kbService.UpdateKB(&req, userID)
result, code, err := h.kbService.UpdateKB(&req, user.ID)
if err != nil {
if strings.Contains(err.Error(), "authorization") {
jsonError(c, common.CodeAuthenticationError, err.Error())
@ -183,9 +156,9 @@ func (h *KnowledgebaseHandler) UpdateKB(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/update_metadata_setting [post]
func (h *KnowledgebaseHandler) UpdateMetadataSetting(c *gin.Context) {
_, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -215,9 +188,9 @@ func (h *KnowledgebaseHandler) UpdateMetadataSetting(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/detail [get]
func (h *KnowledgebaseHandler) GetDetail(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -227,7 +200,7 @@ func (h *KnowledgebaseHandler) GetDetail(c *gin.Context) {
return
}
result, code, err := h.kbService.GetDetail(kbID, userID)
result, code, err := h.kbService.GetDetail(kbID, user.ID)
if err != nil {
if strings.Contains(err.Error(), "authorized") {
jsonError(c, common.CodeOperatingError, err.Error())
@ -251,9 +224,9 @@ func (h *KnowledgebaseHandler) GetDetail(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/list [post]
func (h *KnowledgebaseHandler) ListKbs(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -317,7 +290,7 @@ func (h *KnowledgebaseHandler) ListKbs(c *gin.Context) {
ownerIDs = *req.OwnerIDs
}
result, code, err := h.kbService.ListKbs(keywords, page, pageSize, parserID, orderby, desc, ownerIDs, userID)
result, code, err := h.kbService.ListKbs(keywords, page, pageSize, parserID, orderby, desc, ownerIDs, user.ID)
if err != nil {
jsonError(c, code, err.Error())
return
@ -337,9 +310,9 @@ func (h *KnowledgebaseHandler) ListKbs(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/rm [post]
func (h *KnowledgebaseHandler) DeleteKB(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -351,7 +324,7 @@ func (h *KnowledgebaseHandler) DeleteKB(c *gin.Context) {
return
}
code, err = h.kbService.DeleteKB(req.KBID, userID)
code, err := h.kbService.DeleteKB(req.KBID, user.ID)
if err != nil {
if strings.Contains(err.Error(), "authorization") {
jsonError(c, common.CodeAuthenticationError, err.Error())
@ -375,9 +348,9 @@ func (h *KnowledgebaseHandler) DeleteKB(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/{kb_id}/tags [get]
func (h *KnowledgebaseHandler) ListTags(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -387,7 +360,7 @@ func (h *KnowledgebaseHandler) ListTags(c *gin.Context) {
return
}
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}
@ -406,9 +379,9 @@ func (h *KnowledgebaseHandler) ListTags(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/tags [get]
func (h *KnowledgebaseHandler) ListTagsFromKbs(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -420,7 +393,7 @@ func (h *KnowledgebaseHandler) ListTagsFromKbs(c *gin.Context) {
kbIDs := strings.Split(kbIDsStr, ",")
for _, kbID := range kbIDs {
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}
@ -441,9 +414,9 @@ func (h *KnowledgebaseHandler) ListTagsFromKbs(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/{kb_id}/rm_tags [post]
func (h *KnowledgebaseHandler) RemoveTags(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -453,7 +426,7 @@ func (h *KnowledgebaseHandler) RemoveTags(c *gin.Context) {
return
}
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}
@ -481,9 +454,9 @@ func (h *KnowledgebaseHandler) RemoveTags(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/{kb_id}/rename_tag [post]
func (h *KnowledgebaseHandler) RenameTag(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -493,7 +466,7 @@ func (h *KnowledgebaseHandler) RenameTag(c *gin.Context) {
return
}
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}
@ -521,9 +494,9 @@ func (h *KnowledgebaseHandler) RenameTag(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/{kb_id}/knowledge_graph [get]
func (h *KnowledgebaseHandler) KnowledgeGraph(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -533,7 +506,7 @@ func (h *KnowledgebaseHandler) KnowledgeGraph(c *gin.Context) {
return
}
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}
@ -557,9 +530,9 @@ func (h *KnowledgebaseHandler) KnowledgeGraph(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/{kb_id}/knowledge_graph [delete]
func (h *KnowledgebaseHandler) DeleteKnowledgeGraph(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -569,7 +542,7 @@ func (h *KnowledgebaseHandler) DeleteKnowledgeGraph(c *gin.Context) {
return
}
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}
@ -588,9 +561,9 @@ func (h *KnowledgebaseHandler) DeleteKnowledgeGraph(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/get_meta [get]
func (h *KnowledgebaseHandler) GetMeta(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -602,7 +575,7 @@ func (h *KnowledgebaseHandler) GetMeta(c *gin.Context) {
kbIDs := strings.Split(kbIDsStr, ",")
for _, kbID := range kbIDs {
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}
@ -622,9 +595,9 @@ func (h *KnowledgebaseHandler) GetMeta(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/kb/basic_info [get]
func (h *KnowledgebaseHandler) GetBasicInfo(c *gin.Context) {
userID, code, err := h.getUserID(c)
if err != nil {
jsonError(c, code, err.Error())
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -634,7 +607,7 @@ func (h *KnowledgebaseHandler) GetBasicInfo(c *gin.Context) {
return
}
if !h.kbService.Accessible(kbID, userID) {
if !h.kbService.Accessible(kbID, user.ID) {
jsonError(c, common.CodeAuthenticationError, "No authorization.")
return
}


@ -61,23 +61,9 @@ func NewLLMHandler(llmService *service.LLMService, userService *service.UserServ
// @Success 200 {object} map[string]interface{}
// @Router /v1/llm/my_llms [get]
func (h *LLMHandler) GetMyLLMs(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Unauthorized!",
"data": false,
})
return
}
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -113,23 +99,9 @@ func (h *LLMHandler) GetMyLLMs(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/llm/set_api_key [post]
func (h *LLMHandler) SetAPIKey(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Unauthorized!",
"data": false,
})
return
}
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -180,23 +152,9 @@ func (h *LLMHandler) SetAPIKey(c *gin.Context) {
// @Success 200 {array} FactoryResponse
// @Router /v1/llm/factories [get]
func (h *LLMHandler) Factories(c *gin.Context) {
// Extract token from request
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by token
_, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
_, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -261,23 +219,9 @@ func (h *LLMHandler) Factories(c *gin.Context) {
// @Success 200 {object} map[string][]service.LLMListItem
// @Router /v1/llm/list [get]
func (h *LLMHandler) ListApp(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Unauthorized!",
"data": false,
})
return
}
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}


@ -18,6 +18,7 @@ package handler
import (
"net/http"
"ragflow/internal/common"
"strconv"
"github.com/gin-gonic/gin"
@ -54,23 +55,9 @@ func NewSearchHandler(searchService *service.SearchService, userService *service
// @Success 200 {object} service.ListSearchAppsResponse
// @Router /v1/search/list [post]
func (h *SearchHandler) ListSearchApps(c *gin.Context) {
// Get access token from Authorization header
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusUnauthorized, gin.H{
"code": 401,
"message": "Missing Authorization header",
})
return
}
// Get user by access token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusUnauthorized, gin.H{
"code": code,
"message": err.Error(),
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
userID := user.ID


@ -49,23 +49,9 @@ func NewTenantHandler(tenantService *service.TenantService, userService *service
// @Success 200 {object} map[string]interface{}
// @Router /v1/user/tenant_info [get]
func (h *TenantHandler) TenantInfo(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Unauthorized!",
"data": false,
})
return
}
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -105,23 +91,9 @@ func (h *TenantHandler) TenantInfo(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/tenant/list [get]
func (h *TenantHandler) TenantList(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Unauthorized!",
"data": false,
})
return
}
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
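Review bot: TenantInfo and TenantList used to answer an authentication failure with HTTP 200 and a body carrying `"data": false`, while ListSearchApps in this same commit answered with `http.StatusUnauthorized` and no data field. All three now call `jsonError`, so at least one of these endpoints changes its status code or body even though the commit is labelled a refactoring. jsonError is not shown here, so which side changed is inferred. For authentication failures a real 401 is the more useful outcome, because proxies, rate limiters and log-based alerting see the status line rather than the JSON `code`. If jsonError is meant to keep HTTP 200, its doc comment should say so and the change for /v1/search/list should be called out in the PR description. Both function bodies continue outside their hunks.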


@ -291,30 +291,14 @@ func (h *UserHandler) ListUsers(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/user/logout [post]
func (h *UserHandler) Logout(c *gin.Context) {
// Extract token from request
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Missing Authorization header",
"data": false,
})
return
}
// Get user by token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
// Logout user
code, err = h.userService.Logout(user)
code, err := h.userService.Logout(user)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
@ -341,25 +325,9 @@ func (h *UserHandler) Logout(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/user/info [get]
func (h *UserHandler) Info(c *gin.Context) {
// Extract token from request
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Missing Authorization header",
"data": false,
})
return
}
// Get user by token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -446,25 +414,9 @@ func (h *UserHandler) Setting(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/user/setting/password [post]
func (h *UserHandler) ChangePassword(c *gin.Context) {
// Extract token from request
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Missing Authorization header",
"data": false,
})
return
}
// Get user by token
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -480,7 +432,7 @@ func (h *UserHandler) ChangePassword(c *gin.Context) {
}
// Change password
code, err = h.userService.ChangePassword(user, &req)
code, err := h.userService.ChangePassword(user, &req)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
@ -534,23 +486,9 @@ func (h *UserHandler) GetLoginChannels(c *gin.Context) {
// @Success 200 {object} map[string]interface{}
// @Router /v1/user/set_tenant_info [post]
func (h *UserHandler) SetTenantInfo(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeUnauthorized,
"message": "Unauthorized!",
"data": false,
})
return
}
user, code, err := h.userService.GetUserByToken(token)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"message": err.Error(),
"data": false,
})
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
@ -564,7 +502,7 @@ func (h *UserHandler) SetTenantInfo(c *gin.Context) {
return
}
err = h.userService.SetTenantInfo(user.ID, &req)
err := h.userService.SetTenantInfo(user.ID, &req)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeDataError,