Feat: auto release (#10557)

### What problem does this PR solve? Add cli build to release.yml. ### Type of change - [x] New Feature (non-breaking change which adds functionality)
2025-12-08 20:42:30 +08:00 · 2025-10-14 21:06:27 +08:00
parent e535099f36
commit 83ec915d51
15 changed files with 49 additions and 12 deletions
--- a/admin/server/auth.py
+++ b/admin/server/auth.py
@ -0,0 +1,74 @@
+#
+#  Copyright 2025 The InfiniFlow Authors. All Rights Reserved.
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+
+
+import logging
+import uuid
+from functools import wraps
+from flask import request, jsonify
+
+from api.common.exceptions import AdminException
+from api.db.init_data import encode_to_base64
+from api.db.services import UserService
+
+
+def check_admin(username: str, password: str):
+    users = UserService.query(email=username)
+    if not users:
+        logging.info(f"Username: {username} is not registered!")
+        user_info = {
+            "id": uuid.uuid1().hex,
+            "password": encode_to_base64("admin"),
+            "nickname": "admin",
+            "is_superuser": True,
+            "email": "admin@ragflow.io",
+            "creator": "system",
+            "status": "1",
+        }
+        if not UserService.save(**user_info):
+            raise AdminException("Can't init admin.", 500)
+
+    user = UserService.query_user(username, password)
+    if user:
+        return True
+    else:
+        return False
+
+
+def login_verify(f):
+    @wraps(f)
+    def decorated(*args, **kwargs):
+        auth = request.authorization
+        if not auth or 'username' not in auth.parameters or 'password' not in auth.parameters:
+            return jsonify({
+                "code": 401,
+                "message": "Authentication required",
+                "data": None
+            }), 200
+
+        username = auth.parameters['username']
+        password = auth.parameters['password']
+        # TODO: to check the username and password from DB
+        if check_admin(username, password) is False:
+            return jsonify({
+                "code": 403,
+                "message": "Access denied",
+                "data": None
+            }), 200
+
+        return f(*args, **kwargs)
+
+    return decorated