feat: add OAuth invite token check

2024-09-09 14:49:21 +08:00 · 2024-09-09 14:49:21 +08:00 · 076ce11511
commit 076ce11511
parent 00566af8d1
2 changed files with 7 additions and 1 deletions
--- a/api/controllers/console/auth/oauth.py
+++ b/api/controllers/console/auth/oauth.py
@ -76,12 +76,13 @@ class OAuthCallback(Resource):
            logging.exception(f"An error occurred during the OAuth process with {provider}: {e.response.text}")
            return {"error": "OAuth process failed"}, 400

-        if invite_token:
+        if invite_token and RegisterService.is_valid_invite_token(invite_token):
            invitation = RegisterService._get_invitation_by_token(token=invite_token)
            if invitation:
                invitation_email = invitation.get("email", None)
                if invitation_email != user_info.email:
                    return redirect(f"{dify_config.CONSOLE_WEB_URL}/signin?message=InvalidToken")
+                
            return redirect(f"{dify_config.CONSOLE_WEB_URL}/signin/invite-settings?invite_token={invite_token}")

        try:
--- a/api/services/account_service.py
+++ b/api/services/account_service.py
@ -687,6 +687,11 @@ class RegisterService:
        redis_client.setex(cls._get_invitation_token_key(token), expiryHours * 60 * 60, json.dumps(invitation_data))
        return token

+    @classmethod
+    def is_valid_invite_token(cls, token: str) -> bool:
+        data = redis_client.get(cls._get_invitation_token_key(token))
+        return data is not None
+
    @classmethod
    def revoke_token(cls, workspace_id: str, email: str, token: str):
        if workspace_id and email: