mirror of
https://github.com/infiniflow/ragflow.git
synced 2026-07-18 21:57:27 +08:00
Go: fix auth issue in hybrid mode (#14611)
### What problem does this PR solve? Since secret key get and set logic is updated, the go server also need to update. ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue) --------- Signed-off-by: Jin Hai <haijin.chn@gmail.com>
This commit is contained in:
@@ -36,6 +36,7 @@ const DefaultConnectTimeout = 5 * time.Second
|
||||
// Config application configuration
|
||||
type Config struct {
|
||||
Server ServerConfig `mapstructure:"server"`
|
||||
Authentication AuthenticationConfig `mapstructure:"authentication"`
|
||||
Database DatabaseConfig `mapstructure:"database"`
|
||||
Redis RedisConfig `mapstructure:"redis"`
|
||||
Log LogConfig `mapstructure:"log"`
|
||||
@@ -55,6 +56,11 @@ type AdminConfig struct {
|
||||
Port int `mapstructure:"http_port"`
|
||||
}
|
||||
|
||||
type AuthenticationConfig struct {
|
||||
DisablePasswordLogin bool `mapstructure:"disable_password_login"`
|
||||
RegisterEnabled bool `mapstructure:"register_enabled"`
|
||||
}
|
||||
|
||||
type DefaultSuperUser struct {
|
||||
Email string `mapstructure:"email"`
|
||||
Password string `mapstructure:"password"`
|
||||
@@ -91,8 +97,9 @@ type OAuthConfig struct {
|
||||
|
||||
// ServerConfig server configuration
|
||||
type ServerConfig struct {
|
||||
Mode string `mapstructure:"mode"` // debug, release
|
||||
Port int `mapstructure:"port"`
|
||||
Mode string `mapstructure:"mode"` // debug, release
|
||||
Port int `mapstructure:"port"`
|
||||
SecretKey *string `mapstructure:"secret_key"`
|
||||
}
|
||||
|
||||
// DatabaseConfig database configuration
|
||||
@@ -372,6 +379,31 @@ func Init(configPath string) error {
|
||||
}
|
||||
|
||||
func FromEnvironments() error {
|
||||
// Secret key
|
||||
if envVal := os.Getenv("RAGFLOW_SECRET_KEY"); envVal != "" {
|
||||
globalConfig.Server.SecretKey = &envVal
|
||||
}
|
||||
|
||||
// Load REGISTER_ENABLED from environment variable (default: true)
|
||||
if envVal := os.Getenv("REGISTER_ENABLED"); envVal != "" {
|
||||
str := strings.ToLower(envVal)
|
||||
if str == "true" || str == "1" || str == "yes" {
|
||||
globalConfig.Authentication.RegisterEnabled = true
|
||||
} else {
|
||||
globalConfig.Authentication.RegisterEnabled = false
|
||||
}
|
||||
}
|
||||
|
||||
// Load DISABLE_PASSWORD_LOGIN from environment variable (default: false)
|
||||
if envVal := os.Getenv("DISABLE_PASSWORD_LOGIN"); envVal != "" {
|
||||
str := strings.ToLower(envVal)
|
||||
if str == "true" || str == "1" || str == "yes" {
|
||||
globalConfig.Authentication.DisablePasswordLogin = true
|
||||
} else {
|
||||
globalConfig.Authentication.DisablePasswordLogin = false
|
||||
}
|
||||
}
|
||||
|
||||
// Doc engine
|
||||
docEngine := strings.ToLower(os.Getenv("DOC_ENGINE"))
|
||||
switch docEngine {
|
||||
@@ -535,14 +567,23 @@ func FromConfigFile(configPath string) error {
|
||||
globalConfig.Admin.Port += 2
|
||||
}
|
||||
|
||||
// Load REGISTER_ENABLED from environment variable (default: 1)
|
||||
registerEnabled := 1
|
||||
if envVal := os.Getenv("REGISTER_ENABLED"); envVal != "" {
|
||||
if parsed, err := strconv.Atoi(envVal); err == nil {
|
||||
registerEnabled = parsed
|
||||
// authentication section
|
||||
if globalConfig != nil {
|
||||
// Try to map from mysql section
|
||||
globalConfig.Authentication.DisablePasswordLogin = false
|
||||
globalConfig.Authentication.RegisterEnabled = true
|
||||
if v.IsSet("authentication") {
|
||||
authenticationConfig := v.Sub("authentication")
|
||||
if authenticationConfig != nil {
|
||||
if authenticationConfig.IsSet("disable_password_login") {
|
||||
globalConfig.Authentication.DisablePasswordLogin = authenticationConfig.GetBool("disable_password_login")
|
||||
}
|
||||
if authenticationConfig.IsSet("enable_register") {
|
||||
globalConfig.Authentication.RegisterEnabled = authenticationConfig.GetBool("enable_register")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
globalConfig.RegisterEnabled = registerEnabled
|
||||
|
||||
// If we loaded service_conf.yaml, map mysql fields to DatabaseConfig
|
||||
if globalConfig != nil && globalConfig.Database.Host == "" {
|
||||
@@ -573,6 +614,10 @@ func FromConfigFile(configPath string) error {
|
||||
if globalConfig.Server.Mode == "" {
|
||||
globalConfig.Server.Mode = "release"
|
||||
}
|
||||
secretKey := ragflowConfig.GetString("secret_key")
|
||||
if secretKey != "" {
|
||||
globalConfig.Server.SecretKey = &secretKey
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@ import (
|
||||
// Variables holds all runtime variables that can be changed during system operation
|
||||
// Unlike Config, these can be modified at runtime
|
||||
type Variables struct {
|
||||
SecretKey string `json:"secret_key"`
|
||||
//SecretKey string `json:"secret_key"`
|
||||
}
|
||||
|
||||
// VariableStore interface for persistent storage (e.g., Redis)
|
||||
@@ -62,19 +62,20 @@ func InitVariables(store VariableStore) error {
|
||||
variablesOnce.Do(func() {
|
||||
globalVariables = &Variables{}
|
||||
|
||||
generatedKey, err := utility.GenerateSecretKey()
|
||||
if err != nil {
|
||||
initErr = fmt.Errorf("failed to generate secret key: %w", err)
|
||||
}
|
||||
|
||||
// Initialize SecretKey
|
||||
secretKey, err := GetOrCreateKey(store, SecretKeyRedisKey, generatedKey)
|
||||
if err != nil {
|
||||
initErr = fmt.Errorf("failed to initialize secret key: %w", err)
|
||||
} else {
|
||||
globalVariables.SecretKey = secretKey
|
||||
common.Info("Secret key initialized from store")
|
||||
}
|
||||
//// secret key
|
||||
//generatedKey, err := utility.GenerateSecretKey()
|
||||
//if err != nil {
|
||||
// initErr = fmt.Errorf("failed to generate secret key: %w", err)
|
||||
//}
|
||||
//
|
||||
//// Initialize SecretKey
|
||||
//secretKey, err := GetOrCreateKey(store, SecretKeyRedisKey, generatedKey)
|
||||
//if err != nil {
|
||||
// initErr = fmt.Errorf("failed to initialize secret key: %w", err)
|
||||
//} else {
|
||||
// globalVariables.SecretKey = secretKey
|
||||
// common.Info("Secret key initialized from store")
|
||||
//}
|
||||
|
||||
common.Info("Server variables initialized successfully")
|
||||
})
|
||||
@@ -82,31 +83,39 @@ func InitVariables(store VariableStore) error {
|
||||
}
|
||||
|
||||
// GetVariables returns the global variables instance
|
||||
func GetVariables() *Variables {
|
||||
variablesMu.RLock()
|
||||
defer variablesMu.RUnlock()
|
||||
return globalVariables
|
||||
}
|
||||
//func GetVariables() *Variables {
|
||||
// variablesMu.RLock()
|
||||
// defer variablesMu.RUnlock()
|
||||
// return globalVariables
|
||||
//}
|
||||
|
||||
// GetSecretKey returns the current secret key
|
||||
func GetSecretKey() string {
|
||||
variablesMu.RLock()
|
||||
defer variablesMu.RUnlock()
|
||||
if globalVariables == nil {
|
||||
return DefaultSecretKey
|
||||
func GetSecretKey(store VariableStore) (string, error) {
|
||||
if globalConfig.Server.SecretKey != nil {
|
||||
return *globalConfig.Server.SecretKey, nil
|
||||
}
|
||||
return globalVariables.SecretKey
|
||||
|
||||
generatedKey, err := utility.GenerateSecretKey()
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to generate secret key: %w", err)
|
||||
}
|
||||
|
||||
secretKey, err := GetOrCreateKey(store, SecretKeyRedisKey, generatedKey)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to get secret key: %w", err)
|
||||
}
|
||||
return secretKey, nil
|
||||
}
|
||||
|
||||
// SetSecretKey updates the secret key at runtime
|
||||
func SetSecretKey(key string) {
|
||||
variablesMu.Lock()
|
||||
defer variablesMu.Unlock()
|
||||
if globalVariables != nil {
|
||||
globalVariables.SecretKey = key
|
||||
common.Info("Secret key updated at runtime")
|
||||
}
|
||||
}
|
||||
//func SetSecretKey(key string) {
|
||||
// variablesMu.Lock()
|
||||
// defer variablesMu.Unlock()
|
||||
// if globalVariables != nil {
|
||||
// globalVariables.SecretKey = key
|
||||
// common.Info("Secret key updated at runtime")
|
||||
// }
|
||||
//}
|
||||
|
||||
// GetOrCreateKey gets a key from store, or creates it if not exists
|
||||
// - If key exists in store, returns the stored value
|
||||
@@ -178,7 +187,7 @@ func RefreshVariables(store VariableStore) error {
|
||||
return err
|
||||
}
|
||||
if secretKey != "" {
|
||||
globalVariables.SecretKey = secretKey
|
||||
//globalVariables.SecretKey = secretKey
|
||||
common.Info("Secret key refreshed from store")
|
||||
}
|
||||
|
||||
@@ -244,9 +253,9 @@ func SaveToStorage(store VariableStore) error {
|
||||
}
|
||||
|
||||
// Save SecretKey
|
||||
if !store.Set(SecretKeyRedisKey, globalVariables.SecretKey, SecretKeyTTL) {
|
||||
return fmt.Errorf("failed to save secret key to store")
|
||||
}
|
||||
//if !store.Set(SecretKeyRedisKey, globalVariables.SecretKey, SecretKeyTTL) {
|
||||
// return fmt.Errorf("failed to save secret key to store")
|
||||
//}
|
||||
|
||||
common.Info("Variables saved to storage")
|
||||
return nil
|
||||
|
||||
Reference in New Issue
Block a user