2026-03-24 20:08:36 +08:00
|
|
|
//
|
|
|
|
|
// Copyright 2026 The InfiniFlow Authors. All Rights Reserved.
|
|
|
|
|
//
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
//
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
//
|
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
// limitations under the License.
|
|
|
|
|
//
|
|
|
|
|
|
|
|
|
|
package handler
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
"ragflow/internal/dao"
|
2026-03-27 19:25:18 +08:00
|
|
|
"ragflow/internal/entity"
|
|
|
|
|
|
2026-03-24 20:08:36 +08:00
|
|
|
"ragflow/internal/service"
|
|
|
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
)
|
|
|
|
|
|
2026-06-24 16:50:40 +08:00
|
|
|
func (h *SystemHandler) ListAPIKeys(c *gin.Context) {
|
2026-03-24 20:08:36 +08:00
|
|
|
// Get current user from context
|
|
|
|
|
user, exists := c.Get("user")
|
|
|
|
|
if !exists {
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{
|
|
|
|
|
"code": 401,
|
|
|
|
|
"message": "Unauthorized",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-27 19:25:18 +08:00
|
|
|
userModel, ok := user.(*entity.User)
|
2026-03-24 20:08:36 +08:00
|
|
|
if !ok {
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{
|
|
|
|
|
"code": 500,
|
|
|
|
|
"message": "Invalid user data",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get user's tenant with owner role
|
|
|
|
|
userTenantDAO := dao.NewUserTenantDAO()
|
|
|
|
|
tenants, err := userTenantDAO.GetByUserIDAndRole(userModel.ID, "owner")
|
|
|
|
|
if err != nil || len(tenants) == 0 {
|
|
|
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
|
|
|
"code": 400,
|
|
|
|
|
"message": "Tenant not found",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tenantID := tenants[0].TenantID
|
|
|
|
|
|
2026-06-24 16:50:40 +08:00
|
|
|
// Get keys for the tenant
|
|
|
|
|
keys, err := h.systemService.ListAPIKeys(tenantID)
|
2026-03-24 20:08:36 +08:00
|
|
|
if err != nil {
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{
|
|
|
|
|
"code": 500,
|
2026-06-24 16:50:40 +08:00
|
|
|
"message": "Failed to list keys",
|
2026-03-24 20:08:36 +08:00
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
|
|
|
"code": 0,
|
|
|
|
|
"message": "success",
|
2026-06-24 16:50:40 +08:00
|
|
|
"data": keys,
|
2026-03-24 20:08:36 +08:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-24 16:50:40 +08:00
|
|
|
func (h *SystemHandler) CreateKey(c *gin.Context) {
|
2026-03-24 20:08:36 +08:00
|
|
|
// Get current user from context
|
|
|
|
|
user, exists := c.Get("user")
|
|
|
|
|
if !exists {
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{
|
|
|
|
|
"code": 401,
|
|
|
|
|
"message": "Unauthorized",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-27 19:25:18 +08:00
|
|
|
userModel, ok := user.(*entity.User)
|
2026-03-24 20:08:36 +08:00
|
|
|
if !ok {
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{
|
|
|
|
|
"code": 500,
|
|
|
|
|
"message": "Invalid user data",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get user's tenant with owner role
|
|
|
|
|
userTenantDAO := dao.NewUserTenantDAO()
|
|
|
|
|
tenants, err := userTenantDAO.GetByUserIDAndRole(userModel.ID, "owner")
|
|
|
|
|
if err != nil || len(tenants) == 0 {
|
|
|
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
|
|
|
"code": 400,
|
|
|
|
|
"message": "Tenant not found",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tenantID := tenants[0].TenantID
|
|
|
|
|
|
|
|
|
|
// Parse request
|
2026-06-24 16:50:40 +08:00
|
|
|
var req service.CreateAPIKeyRequest
|
2026-03-24 20:08:36 +08:00
|
|
|
if err := c.ShouldBind(&req); err != nil {
|
|
|
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
|
|
|
"code": 400,
|
|
|
|
|
"message": "Invalid request",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-24 16:50:40 +08:00
|
|
|
// Create key
|
|
|
|
|
key, err := h.systemService.CreateAPIKey(tenantID, &req)
|
2026-03-24 20:08:36 +08:00
|
|
|
if err != nil {
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{
|
|
|
|
|
"code": 500,
|
2026-06-24 16:50:40 +08:00
|
|
|
"message": "Failed to create key",
|
2026-03-24 20:08:36 +08:00
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
|
|
|
"code": 0,
|
|
|
|
|
"message": "success",
|
2026-06-24 16:50:40 +08:00
|
|
|
"data": key,
|
2026-03-24 20:08:36 +08:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-24 16:50:40 +08:00
|
|
|
func (h *SystemHandler) DeleteKey(c *gin.Context) {
|
2026-03-24 20:08:36 +08:00
|
|
|
// Get current user from context
|
|
|
|
|
user, exists := c.Get("user")
|
|
|
|
|
if !exists {
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{
|
|
|
|
|
"code": 401,
|
|
|
|
|
"message": "Unauthorized",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2026-03-27 19:25:18 +08:00
|
|
|
userModel, ok := user.(*entity.User)
|
2026-03-24 20:08:36 +08:00
|
|
|
if !ok {
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{
|
|
|
|
|
"code": 500,
|
|
|
|
|
"message": "Invalid user data",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get user's tenant with owner role
|
|
|
|
|
userTenantDAO := dao.NewUserTenantDAO()
|
|
|
|
|
tenants, err := userTenantDAO.GetByUserIDAndRole(userModel.ID, "owner")
|
|
|
|
|
if err != nil || len(tenants) == 0 {
|
|
|
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
|
|
|
"code": 400,
|
|
|
|
|
"message": "Tenant not found",
|
|
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tenantID := tenants[0].TenantID
|
|
|
|
|
|
2026-06-24 16:50:40 +08:00
|
|
|
// Get key from path parameter
|
|
|
|
|
key := c.Param("key")
|
|
|
|
|
if key == "" {
|
2026-03-24 20:08:36 +08:00
|
|
|
c.JSON(http.StatusBadRequest, gin.H{
|
|
|
|
|
"code": 400,
|
2026-06-24 16:50:40 +08:00
|
|
|
"message": "Key is required",
|
2026-03-24 20:08:36 +08:00
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2026-06-24 16:50:40 +08:00
|
|
|
// Delete key
|
|
|
|
|
if err = h.systemService.DeleteAPIKey(tenantID, key); err != nil {
|
2026-03-24 20:08:36 +08:00
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{
|
|
|
|
|
"code": 500,
|
2026-06-24 16:50:40 +08:00
|
|
|
"message": "Failed to delete key",
|
2026-03-24 20:08:36 +08:00
|
|
|
})
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
|
|
|
"code": 0,
|
|
|
|
|
"message": "success",
|
|
|
|
|
"data": true,
|
|
|
|
|
})
|
|
|
|
|
}
|
