feat: enterprise

api/.env.example

 # Server Edition
 EDITION=SELF_HOSTED
 
+# Enterprise Options
+ENTERPRISE=
+ENTERPRISE_KEY=
+
 # Your App secret key will be used for securely signing the session cookie
 # Make sure you are changing this key for your deployment with a strong key.
 # You can generate a strong key using `openssl rand -base64 42`.

api/app.py

@@ -112,7 +112,7 @@ def initialize_extensions(app):
 @login_manager.request_loader
 def load_user_from_request(request_from_flask_login):
     """Load user based on the request."""
-    if request.blueprint == 'console':
+    if request.blueprint in ['console', 'enterprise']:
         # Check if the user_id contains a dot, indicating the old format
         auth_header = request.headers.get('Authorization', '')
         if not auth_header:
@@ -150,6 +150,7 @@ def register_blueprints(app):
     from controllers.files import bp as files_bp
     from controllers.service_api import bp as service_api_bp
     from controllers.web import bp as web_bp
+    from controllers.enterprise import bp as enterprise_bp
 
     CORS(service_api_bp,
          allow_headers=['Content-Type', 'Authorization', 'X-App-Code'],
@@ -185,6 +186,7 @@ def register_blueprints(app):
          )
     app.register_blueprint(files_bp)
 
+    app.register_blueprint(enterprise_bp)
 
 # create app
 app = create_app()

api/config.py

@@ -120,6 +120,11 @@ class Config:
         # Alternatively you can set it with `SECRET_KEY` environment variable.
         self.SECRET_KEY = get_env('SECRET_KEY')
 
+        # Enterprise Edition
+        # Only the enterprise edition can be set to True
+        self.ENTERPRISE = get_bool_env('ENTERPRISE')
+        self.ENTERPRISE_KEY = get_env('ENTERPRISE_KEY')
+
         # cors settings
         self.CONSOLE_CORS_ALLOW_ORIGINS = get_cors_allow_origins(
             'CONSOLE_CORS_ALLOW_ORIGINS', self.CONSOLE_WEB_URL)

api/controllers/console/wraps.py

@@ -92,3 +92,4 @@ def cloud_utm_record(view):
             pass
         return view(*args, **kwargs)
     return decorated
+

api/controllers/enterprise/__init__.py

+from flask import Blueprint
+from libs.external_api import ExternalApi
+
+bp = Blueprint('enterprise', __name__, url_prefix='/enterprise/api')
+api = ExternalApi(bp)
+
+from . import authorization
\ No newline at end of file

api/controllers/enterprise/authorization.py

+from flask_login import current_user
+
+from controllers.enterprise import api
+from controllers.console.setup import setup_required
+from libs.login import login_required
+from controllers.enterprise.wraps import enterprise_only
+from flask_restful import Resource
+
+class EnterpriseAuthorizationApi(Resource):
+    """Authorization API for enterprise edition, share user and tenant info."""
+
+    @setup_required
+    @login_required
+    @enterprise_only
+    def get(self):
+        current_tenant = current_user.current_tenant
+        return {
+            'id': current_user.id,
+            'name': current_user.name,
+            'avatar': current_user.avatar,
+            'current_tenant' : {
+                'id': current_tenant.id,
+                'name': current_tenant.name,
+                'plan': current_tenant.plan,
+            },
+            'current_tenant_role': current_tenant.current_role
+        }
+    
+api.add_resource(EnterpriseAuthorizationApi, '/authorization/info')
\ No newline at end of file

api/controllers/enterprise/wraps.py

+from functools import wraps
+
+from flask import abort, current_app, request
+
+def enterprise_only(view):
+    @wraps(view)
+    def decorated(*args, **kwargs):
+        if not current_app.config['ENTERPRISE']:
+            abort(404)
+
+        # get header 'X-Enterprise-Key'
+        enterprise_key = request.headers.get('X-Enterprise-Key')
+        if not enterprise_key or enterprise_key != current_app.config['ENTERPRISE_KEY']:
+            abort(404)
+
+        return view(*args, **kwargs)
+    
+    return decorated