From 36bbacf518a072c8745e1df06c3a059d390a39be Mon Sep 17 00:00:00 2001
From: shaohuzhang1 <80892890+shaohuzhang1@users.noreply.github.com>
Date: Tue, 30 Dec 2025 11:35:48 +0800
Subject: [PATCH] feat: Modify the dialogue apikey generation rules (#4583)

---
 apps/common/middleware/cross_domain_middleware.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/common/middleware/cross_domain_middleware.py b/apps/common/middleware/cross_domain_middleware.py
index dedfa1691..68ae82c16 100644
--- a/apps/common/middleware/cross_domain_middleware.py
+++ b/apps/common/middleware/cross_domain_middleware.py
@@ -25,7 +25,9 @@ class CrossDomainMiddleware(MiddlewareMixin):
     def process_response(self, request, response):
         auth = request.META.get('HTTP_AUTHORIZATION')
         origin = request.META.get('HTTP_ORIGIN')
-        if auth is not None and str(auth).startswith("Bearer application-") and origin is not None:
+
+        if auth is not None and any([str(auth).startswith(prefix) for prefix in
+                                     ['Bearer application-', 'Bearer agent-']]) and origin is not None:
             application_api_key = get_application_api_key(str(auth), True)
             cross_domain_list = application_api_key.get('cross_domain_list', [])
             allow_cross_domain = application_api_key.get('allow_cross_domain', False)