feat: update invite workspace member email password login logic

Joe 2024-09-03 15:37:16 +08:00
parent 943259c75e
commit d319913772
2 changed files with 23 additions and 10 deletions


@ -12,7 +12,9 @@ from controllers.console.auth.error import (
EmailCodeError, EmailCodeError,
InvalidEmailError, InvalidEmailError,
InvalidTokenError, InvalidTokenError,
PasswordMismatchError,
) )
from controllers.console.error import NotAllowedCreateWorkspace, NotAllowedRegister
from controllers.console.setup import setup_required from controllers.console.setup import setup_required
from libs.helper import email, get_remote_ip from libs.helper import email, get_remote_ip
from libs.password import valid_password from libs.password import valid_password
@ -34,11 +36,13 @@ class LoginApi(Resource):
try: try:
account = AccountService.authenticate(args["email"], args["password"]) account = AccountService.authenticate(args["email"], args["password"])
except services.errors.account.AccountLoginError as e: except services.errors.account.AccountLoginError:
return {"code": "unauthorized", "message": str(e)}, 401 raise NotAllowedRegister()
except services.errors.account.AccountNotFound as e: except services.errors.account.AccountPasswordError:
raise PasswordMismatchError()
except services.errors.account.AccountNotFound:
if not dify_config.ALLOW_REGISTER: if not dify_config.ALLOW_REGISTER:
return {"code": "unauthorized", "message": str(e)}, 401 raise NotAllowedCreateWorkspace()
token = AccountService.send_reset_password_email(email=args["email"]) token = AccountService.send_reset_password_email(email=args["email"])
return redirect(f"{dify_config.CONSOLE_WEB_URL}/reset-password?token={token}") return redirect(f"{dify_config.CONSOLE_WEB_URL}/reset-password?token={token}")
@ -78,7 +82,7 @@ class ResetPasswordSendEmailApi(Resource):
if dify_config.ALLOW_REGISTER: if dify_config.ALLOW_REGISTER:
token = AccountService.send_reset_password_email(email=args["email"]) token = AccountService.send_reset_password_email(email=args["email"])
else: else:
raise InvalidEmailError() raise NotAllowedRegister()
else: else:
token = AccountService.send_reset_password_email(account=account) token = AccountService.send_reset_password_email(account=account)
@ -94,7 +98,10 @@ class EmailCodeLoginSendEmailApi(Resource):
account = AccountService.get_user_through_email(args["email"]) account = AccountService.get_user_through_email(args["email"])
if account is None: if account is None:
if dify_config.ALLOW_REGISTER:
token = AccountService.send_email_code_login_email(email=args["email"]) token = AccountService.send_email_code_login_email(email=args["email"])
else:
raise NotAllowedRegister()
else: else:
token = AccountService.send_email_code_login_email(account=account) token = AccountService.send_email_code_login_email(account=account)
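Review bot: The new except branches in LoginApi return a different error for each failure, so the login endpoint tells an unauthenticated caller which e-mail addresses have accounts: a wrong password raises PasswordMismatchError, while an unknown address raises NotAllowedCreateWorkspace or takes the redirect. With registration off, the AccountNotFound branch could give the same answer as a bad password, `raise PasswordMismatchError()`. The same disclosure applies to the NotAllowedRegister raised for unknown addresses in the ResetPasswordSendEmailApi and EmailCodeLoginSendEmailApi hunks. Two mappings also look unintended: AccountLoginError, which the service raises for banned or closed accounts, is reported as NotAllowedRegister, and the branch that tests `ALLOW_REGISTER` raises NotAllowedCreateWorkspace. The bodies of all three handlers start and end outside the hunks shown.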


@ -25,6 +25,7 @@ from services.errors.account import (
AccountLoginError, AccountLoginError,
AccountNotFound, AccountNotFound,
AccountNotLinkTenantError, AccountNotLinkTenantError,
AccountPasswordError,
AccountRegisterError, AccountRegisterError,
CannotOperateSelfError, CannotOperateSelfError,
CurrentPasswordIncorrectError, CurrentPasswordIncorrectError,
@ -98,13 +99,14 @@ class AccountService:
if account.status == AccountStatus.BANNED.value or account.status == AccountStatus.CLOSED.value: if account.status == AccountStatus.BANNED.value or account.status == AccountStatus.CLOSED.value:
raise AccountLoginError("Account is banned or closed.") raise AccountLoginError("Account is banned or closed.")
if account.password is None or not compare_password(password, account.password, account.password_salt):
raise AccountPasswordError("Invalid email or password.")
if account.status == AccountStatus.PENDING.value: if account.status == AccountStatus.PENDING.value:
account.status = AccountStatus.ACTIVE.value account.status = AccountStatus.ACTIVE.value
account.initialized_at = datetime.now(timezone.utc).replace(tzinfo=None) account.initialized_at = datetime.now(timezone.utc).replace(tzinfo=None)
db.session.commit() db.session.commit()
if account.password is None or not compare_password(password, account.password, account.password_salt):
raise AccountLoginError("Invalid email or password.")
return account return account
@staticmethod @staticmethod
@ -134,7 +136,9 @@ class AccountService:
) -> Account: ) -> Account:
"""create account""" """create account"""
if not dify_config.ALLOW_REGISTER: if not dify_config.ALLOW_REGISTER:
raise Unauthorized("Register is not allowed.") from controllers.console.error import NotAllowedRegister
raise NotAllowedRegister()
account = Account() account = Account()
account.email = email account.email = email
account.name = name account.name = name
@ -316,7 +320,9 @@ class TenantService:
def create_tenant(name: str) -> Tenant: def create_tenant(name: str) -> Tenant:
"""Create tenant""" """Create tenant"""
if not dify_config.ALLOW_CREATE_WORKSPACE: if not dify_config.ALLOW_CREATE_WORKSPACE:
raise Unauthorized("Create workspace is not allowed.") from controllers.console.error import NotAllowedCreateWorkspace
raise NotAllowedCreateWorkspace()
tenant = Tenant(name=name) tenant = Tenant(name=name)
db.session.add(tenant) db.session.add(tenant)
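Review bot: In AccountService.authenticate the banned/closed test still runs before the password comparison, so `AccountLoginError("Account is banned or closed.")` is raised for anyone who names such an account, whether or not they know its password. Moving the `compare_password` check above the status test would keep account state from unauthenticated callers. The hunk already moves it above the PENDING activation, which stops a wrong password from activating and committing an account. The definition of AccountPasswordError is not shown: if it subclasses AccountLoginError, the earlier `except AccountLoginError` in LoginApi would catch it first, and if it does not, any other caller that relied on AccountLoginError for a bad password needs updating. The function-scope imports of `controllers.console.error` in create_account and create_tenant make the service layer depend on the controller package. Consider defining these errors in `services.errors` and translating them in the controllers.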