panyy
/
UnisKB
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
UnisKB/apps/common/middleware/static_headers_middleware.py

50 lines
2.3 KiB
Python
Raw Normal View History

fix: 白名单逻辑修改
2024-03-13 13:50:57 +00:00
# coding=utf-8
"""
@project: maxkb
@Author
@file static_headers_middleware.py
@date2024/3/13 18:26
@desc:
"""
from django.db.models import QuerySet
from django.utils.deprecation import MiddlewareMixin
from application.models.api_key_model import ApplicationAccessToken
refactor: 重构部分代码 (#864)
2024-07-25 02:41:38 +00:00
from common.constants.cache_code_constants import CacheCodeConstants
from common.util.cache_util import get_cache
@get_cache(cache_key=lambda access_token, use_get_data: access_token,
use_get_data=lambda access_token, use_get_data: use_get_data,
version=CacheCodeConstants.APPLICATION_ACCESS_TOKEN_CACHE.value)
def get_application_access_token(access_token, use_get_data):
application_access_token = QuerySet(ApplicationAccessToken).filter(access_token=access_token).first()
if application_access_token is None:
return None
return {'white_active': application_access_token.white_active,
'white_list': application_access_token.white_list,
'application_icon': application_access_token.application.icon,
'application_name': application_access_token.application.name}
fix: 白名单逻辑修改
2024-03-13 13:50:57 +00:00
class StaticHeadersMiddleware(MiddlewareMixin):
def process_response(self, request, response):
if request.path.startswith('/ui/chat/'):
access_token = request.path.replace('/ui/chat/', '')
refactor: 重构部分代码 (#864)
2024-07-25 02:41:38 +00:00
application_access_token = get_application_access_token(access_token, True)
feat: 【应用】支持自定义上传应用的logo #54 * feat: 【知识库】本地上传的文档内带的图片能同步到 maxkb 里 #69 * feat: 【应用】支持自定义上传应用的logo #54
2024-04-23 11:03:34 +00:00
if application_access_token is not None:
refactor: 重构部分代码 (#864)
2024-07-25 02:41:38 +00:00
white_active = application_access_token.get('white_active', False)
white_list = application_access_token.get('white_list', [])
application_icon = application_access_token.get('application_icon')
application_name = application_access_token.get('application_name')
if white_active:
feat: 【应用】支持自定义上传应用的logo #54 * feat: 【知识库】本地上传的文档内带的图片能同步到 maxkb 里 #69 * feat: 【应用】支持自定义上传应用的logo #54
2024-04-23 11:03:34 +00:00
# 添加自定义的响应头
response[
refactor: 重构部分代码 (#864)
2024-07-25 02:41:38 +00:00
'Content-Security-Policy'] = f'frame-ancestors {" ".join(white_list)}'
feat: 【应用】支持自定义上传应用的logo #54 * feat: 【知识库】本地上传的文档内带的图片能同步到 maxkb 里 #69 * feat: 【应用】支持自定义上传应用的logo #54
2024-04-23 11:03:34 +00:00
response.content = (response.content.decode('utf-8').replace(
'<link rel="icon" href="/ui/favicon.ico" />',
refactor: 重构部分代码 (#864)
2024-07-25 02:41:38 +00:00
f'<link rel="icon" href="{application_icon}" />')
.replace('<title>MaxKB</title>', f'<title>{application_name}</title>').encode(
feat: 【应用】支持自定义上传应用的logo #54 * feat: 【知识库】本地上传的文档内带的图片能同步到 maxkb 里 #69 * feat: 【应用】支持自定义上传应用的logo #54
2024-04-23 11:03:34 +00:00
"utf-8"))
fix: 白名单逻辑修改
2024-03-13 13:50:57 +00:00
return response