# # Copyright 2025 The InfiniFlow Authors. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # import logging import uuid from functools import wraps from flask import request, jsonify from api.common.exceptions import AdminException from api.db.init_data import encode_to_base64 from api.db.services import UserService def check_admin(username: str, password: str): users = UserService.query(email=username) if not users: logging.info(f"Username: {username} is not registered!") user_info = { "id": uuid.uuid1().hex, "password": encode_to_base64("admin"), "nickname": "admin", "is_superuser": True, "email": "admin@ragflow.io", "creator": "system", "status": "1", } if not UserService.save(**user_info): raise AdminException("Can't init admin.", 500) user = UserService.query_user(username, password) if user: return True else: return False def login_verify(f): @wraps(f) def decorated(*args, **kwargs): auth = request.authorization if not auth or 'username' not in auth.parameters or 'password' not in auth.parameters: return jsonify({ "code": 401, "message": "Authentication required", "data": None }), 200 username = auth.parameters['username'] password = auth.parameters['password'] # TODO: to check the username and password from DB if check_admin(username, password) is False: return jsonify({ "code": 403, "message": "Access denied", "data": None }), 200 return f(*args, **kwargs) return decorated