mirror of
https://github.com/eigent-ai/eigent.git
synced 2026-05-23 04:17:45 +00:00
4fb2e5db9a
Co-authored-by: Douglas <douglas.ym.lai@gmail.com> Co-authored-by: a7m-1st <ahmed.jimi.awelkair500@gmail.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Tong Chen <web_chentong@163.com>
100 lines
3 KiB
Python
100 lines
3 KiB
Python
# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
# ========= Copyright 2025-2026 @ Eigent.ai All Rights Reserved. =========
|
|
|
|
import logging
|
|
import os
|
|
import secrets
|
|
|
|
from itsdangerous import URLSafeTimedSerializer
|
|
from pydantic import BaseModel
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
def _get_secret_key() -> str:
|
|
"""Return the share-token signing key.
|
|
|
|
Falls back to a random ephemeral key when the environment variable
|
|
is not set. A hardcoded default must never be used because the
|
|
source code is public and anyone could forge valid share tokens.
|
|
"""
|
|
key = os.getenv("CHAT_SHARE_SECRET_KEY")
|
|
if key:
|
|
return key
|
|
logger.warning(
|
|
"CHAT_SHARE_SECRET_KEY not set — using a random ephemeral key. "
|
|
"Share links will not survive server restarts. "
|
|
"Set the CHAT_SHARE_SECRET_KEY environment variable for persistence."
|
|
)
|
|
return secrets.token_urlsafe(32)
|
|
|
|
|
|
def _get_salt() -> str:
|
|
salt = os.getenv("CHAT_SHARE_SALT")
|
|
if salt:
|
|
return salt
|
|
return secrets.token_urlsafe(8)
|
|
|
|
|
|
class ChatShare:
|
|
SECRET_KEY = _get_secret_key()
|
|
SALT = _get_salt()
|
|
# Set expiration to 1 day
|
|
EXPIRATION_SECONDS = int(os.getenv("CHAT_SHARE_EXPIRATION_SECONDS", str(60 * 60 * 24)))
|
|
|
|
@classmethod
|
|
def generate_token(cls, task_id: str) -> str:
|
|
serializer = URLSafeTimedSerializer(cls.SECRET_KEY)
|
|
return serializer.dumps(task_id, salt=cls.SALT)
|
|
|
|
@classmethod
|
|
def verify_token(cls, token: str, check_expiration: bool = True) -> str:
|
|
"""
|
|
Verify token and return task_id
|
|
|
|
Args:
|
|
token: The token to verify
|
|
check_expiration: Whether to check token expiration (default: True)
|
|
|
|
Returns:
|
|
str: The task_id from the token
|
|
|
|
Raises:
|
|
Exception: If token is invalid or expired (when check_expiration=True)
|
|
"""
|
|
serializer = URLSafeTimedSerializer(cls.SECRET_KEY)
|
|
|
|
if check_expiration:
|
|
# Check expiration time
|
|
return serializer.loads(token, salt=cls.SALT, max_age=cls.EXPIRATION_SECONDS)
|
|
else:
|
|
# Don't check expiration time
|
|
return serializer.loads(token, salt=cls.SALT)
|
|
|
|
|
|
class ChatShareIn(BaseModel):
|
|
task_id: str
|
|
|
|
|
|
class ChatHistoryShareOut(BaseModel):
|
|
question: str
|
|
language: str
|
|
model_platform: str
|
|
model_type: str
|
|
max_retries: int
|
|
project_name: str | None = None
|
|
summary: str | None = None
|
|
|
|
class Config:
|
|
from_attributes = True
|