Fix: predictable token generation (#10868)

### What problem does this PR solve? Fix predictable token generation. ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)
2026-01-29 06:36:35 +08:00 · 2025-10-30 09:31:36 +08:00
parent 40b2c48957
commit a3bb4aadcc
4 changed files with 22 additions and 19 deletions
--- a/api/apps/api_app.py
+++ b/api/apps/api_app.py
@ -59,7 +59,7 @@ def new_token():
            return get_data_error_result(message="Tenant not found!")

        tenant_id = tenants[0].tenant_id
-        obj = {"tenant_id": tenant_id, "token": generate_confirmation_token(tenant_id),
+        obj = {"tenant_id": tenant_id, "token": generate_confirmation_token(),
               "create_time": current_timestamp(),
               "create_date": datetime_format(datetime.now()),
               "update_time": None,
@ -868,7 +868,7 @@ def retrieval():
    similarity_threshold = float(req.get("similarity_threshold", 0.2))
    vector_similarity_weight = float(req.get("vector_similarity_weight", 0.3))
    top = int(req.get("top_k", 1024))
-    highlight = bool(req.get("highlight", False)) 
+    highlight = bool(req.get("highlight", False))

    try:
        kbs = KnowledgebaseService.get_by_ids(kb_ids)
--- a/api/apps/system_app.py
+++ b/api/apps/system_app.py
@ -217,8 +217,8 @@ def new_token():
        tenant_id = [tenant for tenant in tenants if tenant.role == 'owner'][0].tenant_id
        obj = {
            "tenant_id": tenant_id,
-            "token": generate_confirmation_token(tenant_id),
-            "beta": generate_confirmation_token(generate_confirmation_token(tenant_id)).replace("ragflow-", "")[:32],
+            "token": generate_confirmation_token(),
+            "beta": generate_confirmation_token().replace("ragflow-", "")[:32],
            "create_time": current_timestamp(),
            "create_date": datetime_format(datetime.now()),
            "update_time": None,
@ -274,7 +274,7 @@ def token_list():
        objs = [o.to_dict() for o in objs]
        for o in objs:
            if not o["beta"]:
-                o["beta"] = generate_confirmation_token(generate_confirmation_token(tenants[0].tenant_id)).replace(
+                o["beta"] = generate_confirmation_token().replace(
                    "ragflow-", "")[:32]
                APITokenService.filter_update([APIToken.tenant_id == tenant_id, APIToken.token == o["token"]], o)
        return get_json_result(data=objs)
--- a/api/utils/api_utils.py
+++ b/api/utils/api_utils.py
@ -43,7 +43,6 @@ from flask_login import current_user
 from flask import (
    request as flask_request,
 )
-from itsdangerous import URLSafeTimedSerializer
 from peewee import OperationalError
 from werkzeug.http import HTTP_STATUS_CODES

@ -52,7 +51,6 @@ from api.constants import REQUEST_MAX_WAIT_SEC, REQUEST_WAIT_SEC
 from api.db import ActiveEnum
 from api.db.db_models import APIToken
 from api.utils.json_encode import CustomJSONEncoder, json_dumps
-from api.utils import get_uuid
 from rag.utils.mcp_tool_call_conn import MCPToolCallSession, close_multiple_mcp_toolcall_sessions

 requests.models.complexjson.dumps = functools.partial(json.dumps, cls=CustomJSONEncoder)
@ -410,9 +408,9 @@ def get_error_operating_result(message="Operating error"):
    return get_result(code=settings.RetCode.OPERATING_ERROR, message=message)


-def generate_confirmation_token(tenant_id):
-    serializer = URLSafeTimedSerializer(tenant_id)
-    return "ragflow-" + serializer.dumps(get_uuid(), salt=tenant_id)[2:34]
+def generate_confirmation_token():
+    import secrets
+    return "ragflow-" + secrets.token_urlsafe(32)


 def get_parser_config(chunk_method, parser_config):