aki-008
commited on
Commit
·
1591012
1
Parent(s):
4f1509d
fix: enable query param auth for pdf viewer
- Backend/app/api/deps.py +16 -5
- Frontend/src/pages/note.tsx +4 -2
Backend/app/api/deps.py
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
from fastapi import Depends, HTTPException, status
|
| 2 |
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
|
| 3 |
from sqlalchemy.ext.asyncio import AsyncSession
|
| 4 |
from sqlalchemy import select
|
|
@@ -9,8 +9,9 @@ from app.config import settings
|
|
| 9 |
from fastapi import Request
|
| 10 |
from chromadb import AsyncHttpClient
|
| 11 |
from chromadb.api.models.Collection import Collection
|
|
|
|
| 12 |
|
| 13 |
-
security
|
| 14 |
|
| 15 |
async def get_db():
|
| 16 |
async with async_session_maker() as session:
|
|
@@ -25,17 +26,27 @@ async def get_db():
|
|
| 25 |
|
| 26 |
|
| 27 |
async def get_current_user(
|
| 28 |
-
credentials: HTTPAuthorizationCredentials = Depends(security),
|
|
|
|
| 29 |
db: AsyncSession = Depends(get_db)
|
| 30 |
) -> User:
|
|
|
|
| 31 |
credentials_exception = HTTPException(
|
| 32 |
status_code=status.HTTP_401_UNAUTHORIZED,
|
| 33 |
-
detail="
|
| 34 |
headers={"WWW-Authenticate": "Bearer"},
|
| 35 |
)
|
| 36 |
|
| 37 |
-
|
|
|
|
| 38 |
token = credentials.credentials
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 39 |
payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM])
|
| 40 |
username: str = payload.get("sub")
|
| 41 |
if username is None:
|
|
|
|
| 1 |
+
from fastapi import Depends, HTTPException, status, Query
|
| 2 |
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
|
| 3 |
from sqlalchemy.ext.asyncio import AsyncSession
|
| 4 |
from sqlalchemy import select
|
|
|
|
| 9 |
from fastapi import Request
|
| 10 |
from chromadb import AsyncHttpClient
|
| 11 |
from chromadb.api.models.Collection import Collection
|
| 12 |
+
from typing import Optional
|
| 13 |
|
| 14 |
+
security = HTTPBearer(auto_error=False)
|
| 15 |
|
| 16 |
async def get_db():
|
| 17 |
async with async_session_maker() as session:
|
|
|
|
| 26 |
|
| 27 |
|
| 28 |
async def get_current_user(
|
| 29 |
+
credentials: Optional[HTTPAuthorizationCredentials] = Depends(security),
|
| 30 |
+
token_query: Optional[str] = Query(None, alias="token"),
|
| 31 |
db: AsyncSession = Depends(get_db)
|
| 32 |
) -> User:
|
| 33 |
+
|
| 34 |
credentials_exception = HTTPException(
|
| 35 |
status_code=status.HTTP_401_UNAUTHORIZED,
|
| 36 |
+
detail="Could not validate credentials",
|
| 37 |
headers={"WWW-Authenticate": "Bearer"},
|
| 38 |
)
|
| 39 |
|
| 40 |
+
token = None
|
| 41 |
+
if credentials:
|
| 42 |
token = credentials.credentials
|
| 43 |
+
elif token_query:
|
| 44 |
+
token = token_query
|
| 45 |
+
|
| 46 |
+
if not token:
|
| 47 |
+
raise credentials_exception
|
| 48 |
+
|
| 49 |
+
try:
|
| 50 |
payload = jwt.decode(token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM])
|
| 51 |
username: str = payload.get("sub")
|
| 52 |
if username is None:
|
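Review bot: `token_query` is added to `get_current_user` itself, so if this dependency guards more than the PDF route (the other routes are not visible here), every endpoint that depends on it now accepts the JWT from `?token=`, not only the PDF viewer. A bearer token in a URL is copied into access and proxy logs, browser history and Referer headers, and from the visible lines it is decoded with the same `settings.SECRET_KEY` and algorithm as the header token, so it appears to be the full session credential. I would keep `get_current_user` header-only and move the query fallback into a separate dependency wired only to the note-content route, ideally validating a short-lived token scoped to that one note. The header-wins precedence (`if credentials: … elif token_query:`) also deserves a one-line comment wherever the fallback ends up. The function body continues past the end of the hunk, so the decode error handling and the user lookup are not shown.

```python
async def get_current_user(
    credentials: Optional[HTTPAuthorizationCredentials] = Depends(security),
    db: AsyncSession = Depends(get_db)
) -> User:
    # … unchanged: credentials_exception …
    # Header-only: the session JWT is never read from the URL here.
    if not credentials:
        raise credentials_exception
    token = credentials.credentials
    # … unchanged: jwt.decode and the lookup that follows …


# Proposed name; depend on this only from the route that serves note content.
async def get_pdf_viewer_user(
    credentials: Optional[HTTPAuthorizationCredentials] = Depends(security),
    token_query: Optional[str] = Query(None, alias="token"),
    db: AsyncSession = Depends(get_db)
) -> User:
    # The Authorization header wins; the query value is only a fallback.
    token = credentials.credentials if credentials else token_query
    # … same validation as get_current_user, ideally against a short-lived,
    #   note-scoped token rather than the session JWT …
```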
Frontend/src/pages/note.tsx
CHANGED
|
@@ -191,7 +191,10 @@ const Notes: React.FC = () => {
|
|
| 191 |
setSessionId(null);
|
| 192 |
setIsChatOpen(true);
|
| 193 |
|
| 194 |
-
const
|
|
|
|
|
|
|
|
|
|
| 195 |
setPdfUrl(secureUrl);
|
| 196 |
|
| 197 |
try {
|
|
@@ -222,7 +225,6 @@ const Notes: React.FC = () => {
|
|
| 222 |
console.error("Failed to init chat", error);
|
| 223 |
}
|
| 224 |
};
|
| 225 |
-
|
| 226 |
const handleSendMessage = async () => {
|
| 227 |
if (!inputMessage.trim() || !sessionId) return;
|
| 228 |
const userMsg = inputMessage;
|
|
|
|
| 191 |
setSessionId(null);
|
| 192 |
setIsChatOpen(true);
|
| 193 |
|
| 194 |
+
const token = localStorage.getItem("token");
|
| 195 |
+
|
| 196 |
+
const secureUrl = `${getNoteContentUrl(note.id)}?token=${token}`;
|
| 197 |
+
|
| 198 |
setPdfUrl(secureUrl);
|
| 199 |
|
| 200 |
try {
|
|
|
|
| 225 |
console.error("Failed to init chat", error);
|
| 226 |
}
|
| 227 |
};
|
|
|
|
| 228 |
const handleSendMessage = async () => {
|
| 229 |
if (!inputMessage.trim() || !sessionId) return;
|
| 230 |
const userMsg = inputMessage;
|
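Review bot: `localStorage.getItem("token")` returns `null` when nothing is stored, and the template literal on new line 196 then builds `?token=null`, which the backend receives as a non-empty token string; the value is also interpolated without encoding. Skipping `setPdfUrl` when `token` is null and using `encodeURIComponent(token)` in the template would cover both. The URL handed to `setPdfUrl` carries the stored session token, so it ends up wherever that URL is recorded (browser history, server and proxy logs). Fetching the file with the `Authorization` header and passing `URL.createObjectURL(blob)` to `setPdfUrl` would keep the token out of the URL entirely. The enclosing handler starts above the hunk, so how `pdfUrl` is rendered is not visible here.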