add X-App-Code to allow_headers

a43fc4ef · StyleZhang · 438ad600 · a43fc4ef · a43fc4ef · a43fc4ef
Commit a43fc4ef authored Jul 10, 2023 by StyleZhang
Showing with 43 additions and 8 deletions

app.py api/app.py +1 -1

passport.py api/controllers/web/passport.py +1 -1

index.tsx web/app/components/share/chat/index.tsx +32 -3

base.ts web/service/base.ts +3 -3

share.ts web/service/share.ts +6 -0

No files found.
--- a/api/app.py
+++ b/api/app.py
@@ -155,7 +155,7 @@ def register_blueprints(app):
         resources={
             r"/*": {"origins": app.config['WEB_API_CORS_ALLOW_ORIGINS']}},
         supports_credentials=True,
-         allow_headers=['Content-Type', 'Authorization'],
+         allow_headers=['Content-Type', 'Authorization', 'X-App-Code'],
         methods=['GET', 'PUT', 'POST', 'DELETE', 'OPTIONS', 'PATCH'],
         expose_headers=['X-Version', 'X-Env']
         )

--- a/api/controllers/web/passport.py
+++ b/api/controllers/web/passport.py
@@ -40,7 +40,7 @@ class PassportResource(Resource):
        payload = {
            "iss": site.app_id,
            'sub': 'Web API Passport',
-            "aud": end_user.id,
+            # "aud": end_user.id,
            'app_id': site.app_id,
            'end_user_id': end_user.id,
        }

--- a/web/app/components/share/chat/index.tsx
+++ b/web/app/components/share/chat/index.tsx
@@ -6,6 +6,7 @@ import cn from 'classnames'
 import { useTranslation } from 'react-i18next'
 import { useContext } from 'use-context-selector'
 import produce from 'immer'
+import { useParams } from 'next/navigation'
 import { useBoolean, useGetState } from 'ahooks'
 import AppUnavailable from '../../base/app-unavailable'
 import useConversation from './hooks/use-conversation'
@@ -14,7 +15,20 @@ import { ToastContext } from '@/app/components/base/toast'
 import Sidebar from '@/app/components/share/chat/sidebar'
 import ConfigSence from '@/app/components/share/chat/config-scence'
 import Header from '@/app/components/share/header'
-import { delConversation, fetchAppInfo, fetchAppParams, fetchChatList, fetchConversations, fetchSuggestedQuestions, pinConversation, sendChatMessage, stopChatMessageResponding, unpinConversation, updateFeedback } from '@/service/share'
+import {
+  delConversation,
+  fetchAccessToken,
+  fetchAppInfo,
+  fetchAppParams,
+  fetchChatList,
+  fetchConversations,
+  fetchSuggestedQuestions,
+  pinConversation,
+  sendChatMessage,
+  stopChatMessageResponding,
+  unpinConversation,
+  updateFeedback,
+} from '@/service/share'
 import type { ConversationItem, SiteInfo } from '@/models/share'
 import type { PromptConfig, SuggestedQuestionsAfterAnswerConfig } from '@/models/debug'
 import type { Feedbacktype, IChatItem } from '@/app/components/app/chat'
@@ -54,6 +68,7 @@ const Main: FC<IMainProps> = ({
  // in mobile, show sidebar by click button
  const [isShowSidebar, { setTrue: showSidebar, setFalse: hideSidebar }] = useBoolean(false)
  // Can Use metadata(https://beta.nextjs.org/docs/api-reference/metadata) to set title. But it only works in server side client.
+  const params = useParams()
  useEffect(() => {
    if (siteInfo?.title) {
      if (plan !== 'basic')
@@ -296,7 +311,21 @@ const Main: FC<IMainProps> = ({
    return fetchConversations(isInstalledApp, installedAppInfo?.id, undefined, undefined, 100)
  }

-  const fetchInitData = () => {
+  const fetchAndSetAccessToken = async () => {
+    const res = await fetchAccessToken(params.token)
+    localStorage.setItem('accessToken', res.access_token)
+    fetchInitData()
+  }
+
+  const fetchInitData = async () => {
+    let appData: any = {}
+    try {
+      appData = await fetchAppInfo()
+    }
+    catch (e: any) {
+      if (e.code === 'unauthorized')
+        await fetchAndSetAccessToken()
+    }
    return Promise.all([isInstalledApp
      ? {
        app_id: installedAppInfo?.id,
@@ -307,7 +336,7 @@ const Main: FC<IMainProps> = ({
        },
        plan: 'basic',
      }
-      : fetchAppInfo(), fetchAllConversations(), fetchAppParams(isInstalledApp, installedAppInfo?.id)])
+      : appData, fetchAllConversations(), fetchAppParams(isInstalledApp, installedAppInfo?.id)])
  }

  // init

--- a/web/service/base.ts
+++ b/web/service/base.ts
@@ -141,8 +141,8 @@ const baseFetch = (
 ) => {
  const options = Object.assign({}, baseOptions, fetchOptions)
  if (isPublicAPI) {
-    const sharedToken = globalThis.location.pathname.split('/').slice(-1)[0]
-    options.headers.set('Authorization', `bearer ${sharedToken}`)
+    const sharedToken = localStorage.getItem('accessToken') || ''
+    options.headers.set('Authorization', `Bearer ${sharedToken}`)
  }

  if (deleteContentType) {
@@ -194,7 +194,7 @@ const baseFetch = (
              case 401: {
                if (isPublicAPI) {
                  Toast.notify({ type: 'error', message: 'Invalid token' })
-                  return
+                  return bodyJson.then((data: any) => Promise.reject(data))
                }
                const loginUrl = `${globalThis.location.origin}/signin`
                if (IS_CE_EDITION) {

--- a/web/service/share.ts
+++ b/web/service/share.ts
@@ -118,3 +118,9 @@ export const fetchSuggestedQuestions = (messageId: string, isInstalledApp: boole
 export const audioToText = (url: string, isPublicAPI: boolean, body: FormData) => {
  return (getAction('post', !isPublicAPI))(url, { body }, { bodyStringify: false, deleteContentType: true }) as Promise<{ text: string }>
 }
+
+export const fetchAccessToken = async (appCode: string) => {
+  const headers = new Headers()
+  headers.append('X-App-Code', appCode)
+  return get('/passport', { headers }) as Promise<{ access_token: string }>
+}