feat: doc auth (#2752)

2025-12-25 17:22:55 +00:00 · 2025-03-31 19:02:56 +08:00 · 2025-03-31 19:02:56 +08:00 · e7c3169898
parent 2612894557
commit e7c3169898
3 changed files with 75 additions and 3 deletions
--- a/apps/common/middleware/doc_headers_middleware.py
+++ b/apps/common/middleware/doc_headers_middleware.py
@ -0,0 +1,62 @@
+# coding=utf-8
+"""
+    @project: maxkb
+    @Author：虎
+    @file： static_headers_middleware.py
+    @date：2024/3/13 18:26
+    @desc:
+"""
+from django.http import HttpResponse
+from django.utils.deprecation import MiddlewareMixin
+
+content = """
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Document</title>
+    <script>
+      window.onload = () => {
+        var xhr = new XMLHttpRequest()
+        xhr.open('GET', '/api/user', true)
+
+        xhr.setRequestHeader('Content-Type', 'application/json')
+        const token = localStorage.getItem('token')
+        const pathname = window.location.pathname
+        if (token) {
+          xhr.setRequestHeader('Authorization', token)
+          xhr.onreadystatechange = function () {
+            if (xhr.readyState === 4) {
+              if (xhr.status === 200) {
+                window.location.href = pathname
+              }
+              if (xhr.status === 401) {
+                window.location.href = '/ui/login'
+              }
+            }
+          }
+
+          xhr.send()
+        } else {
+          window.location.href = '/ui/login'
+        }
+      }
+    </script>
+  </head>
+  <body></body>
+</html>
+
+"""
+
+
+class DocHeadersMiddleware(MiddlewareMixin):
+    def process_response(self, request, response):
+        if request.path.startswith('/doc/') or request.path.startswith('/doc/chat/'):
+            HTTP_REFERER = request.META.get('HTTP_REFERER')
+            if HTTP_REFERER is None:
+                return HttpResponse(content)
+            if HTTP_REFERER == request._current_scheme_host + request.path:
+                return response
+        return response
--- a/apps/smartdoc/settings/base.py
+++ b/apps/smartdoc/settings/base.py
@ -57,8 +57,8 @@ MIDDLEWARE = [
    'django.contrib.messages.middleware.MessageMiddleware',
    'common.middleware.gzip.GZipMiddleware',
    'common.middleware.static_headers_middleware.StaticHeadersMiddleware',
-    'common.middleware.cross_domain_middleware.CrossDomainMiddleware'
-
+    'common.middleware.cross_domain_middleware.CrossDomainMiddleware',
+    'common.middleware.doc_headers_middleware.DocHeadersMiddleware'
 ]

 JWT_AUTH = {
--- a/ui/vite.config.ts
+++ b/ui/vite.config.ts
@ -9,13 +9,23 @@ const envDir = './env'
 // https://vitejs.dev/config/
 export default defineConfig(({ mode }) => {
  const ENV = loadEnv(mode, envDir)
-  const prefix = process.env.VITE_DYNAMIC_PREFIX || ENV.VITE_BASE_PATH;
+  const prefix = process.env.VITE_DYNAMIC_PREFIX || ENV.VITE_BASE_PATH
  const proxyConf: Record<string, string | ProxyOptions> = {}
  proxyConf['/api'] = {
    target: 'http://127.0.0.1:8080',
    changeOrigin: true,
    rewrite: (path) => path.replace(ENV.VITE_BASE_PATH, '/')
  }
+  proxyConf['/doc'] = {
+    target: 'http://127.0.0.1:8080',
+    changeOrigin: true,
+    rewrite: (path) => path.replace(ENV.VITE_BASE_PATH, '/')
+  }
+  proxyConf['/static'] = {
+    target: 'http://127.0.0.1:8080',
+    changeOrigin: true,
+    rewrite: (path) => path.replace(ENV.VITE_BASE_PATH, '/')
+  }
  return {
    preflight: false,
    lintOnSave: false,