ragflow

mirror of https://github.com/infiniflow/ragflow.git synced 2026-05-23 01:18:22 +08:00

Files

bitloi a6186244ee fix: handle missing SDK authorization headers (#15050 )

### What problem does this PR solve?

Closes #15048.

Several SDK session routes in `api/apps/sdk/session.py` called
`.split()` directly on `request.headers.get("Authorization")`. When
clients omitted the header, the handlers raised `AttributeError` before
returning the existing `Authorization is not valid!` response.

This PR centralizes SDK Authorization parsing in a small helper and
keeps the existing error response for missing, empty, or malformed
headers.

### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)

### Tests

- `ZHIPU_AI_API_KEY=dummy uv run --python 3.13 --group test pytest
test/testcases/test_http_api/test_session_management/test_session_sdk_routes_unit.py::test_sdk_session_routes_missing_authorization_unit
-q`
- `uv run --python 3.13 --group test ruff check api/apps/sdk/session.py
test/testcases/test_http_api/test_session_management/test_session_sdk_routes_unit.py`
- `python3 -m py_compile api/apps/sdk/session.py
test/testcases/test_http_api/test_session_management/test_session_sdk_routes_unit.py`
- `git diff --check`

2026-05-21 15:32:00 +08:00

libs

Move test files (#10765 )

2025-10-23 22:31:55 +08:00

restful_api

fix(api): check kb ownership in /dify/retrieval (#15028 )

2026-05-21 13:29:00 +08:00

test_admin_api

Refactor user REST API (#14334 )

2026-04-24 10:25:15 +08:00

test_common_data_source

feat: support rss datasource (#13721 )