langflow-ai / langflow

⛓️ Langflow is a visual framework for building multi-agent and RAG applications. It's open-source, Python-powered, fully customizable, LLM and vector store agnostic.
http://www.langflow.org
MIT License

modify get_current_user to accept api_key as authentication method #1108

Closed mrab72 closed 7 months ago

mrab72 commented 7 months ago

Regarding this feature request, I've created this PR. It lets the users call all the endpoints with their api_key. I updated the get_current_user function, and it checks the request headers to see whether the Bearer token or the api_key is provided. Otherwise, it raises 401.

mrab72 commented 7 months ago

@ogabrielluiz, I passed the token to the Security and made it an input of the get_current_user method. Then I checked the docs, and the endpoints consider both oauth2 and api_key as authentication methods. Please let me know what you think about it.

ogabrielluiz commented 7 months ago

@mrab72 I think all it takes is something like this:

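```python
from fastapi import Depends, HTTPException, Security, status

# oauth2_login, api_key_query, api_key_header, get_session, Session, User,
# get_current_user_by_jwt and api_key_security are defined elsewhere in the project.


async def get_current_user(
    token: str = Security(oauth2_login),
    query_param: str = Security(api_key_query),
    header_param: str = Security(api_key_header),
    db: Session = Depends(get_session),
) -> User:
    try:
        # First choice: the OAuth2 bearer token (JWT).
        return await get_current_user_by_jwt(token, db)
    except HTTPException as exc:
        # JWT auth failed; with no API key to fall back on, keep the original error.
        if not query_param and not header_param:
            raise exc
        user = await api_key_security(query_param, header_param, db)
        if user:
            return user
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN,
            detail="Invalid or missing API key",
        )
    except Exception as exc:
        # Anything unexpected becomes a generic 500; the cause stays chained for logs.
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail="Internal server error",
        ) from exc
```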

If there's an exception and there is no api key, the exception should be raised. That will probably make the tests pass.
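The fallback order suggested in the comment above (bearer token first, API key second, original 401 kept when no key is supplied), as an added stand-alone example that is not Langflow's code. The token format, `SECRET`, `API_KEYS` and the helpers `user_from_token` and `user_from_api_key` are hypothetical stand-ins for `get_current_user_by_jwt` and `api_key_security`, built on the standard library only.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: HMAC key for the demo token
# Assumption: API keys are stored as SHA-256 digests mapped to a user name.
API_KEYS = {hashlib.sha256(b"sk-demo-123").hexdigest(): "alice"}

class AuthError(Exception):
    def __init__(self, status, detail):
        super().__init__(detail)
        self.status, self.detail = status, detail

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _sign(body: str) -> str:
    return _b64(hmac.new(SECRET, body.encode(), hashlib.sha256).digest())

def make_token(sub: str, ttl: int = 60) -> str:
    body = _b64(json.dumps({"sub": sub, "exp": int(time.time()) + ttl}).encode())
    return f"{body}.{_sign(body)}"

def user_from_token(token):  # stand-in for get_current_user_by_jwt
    try:
        body, sig = (token or "").split(".")
        if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
            raise ValueError("bad signature")
        claims = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
        if claims["exp"] < time.time():
            raise ValueError("expired")
        return claims["sub"]
    except (ValueError, KeyError):
        raise AuthError(401, "Could not validate credentials") from None

def user_from_api_key(query_key, header_key):  # stand-in for api_key_security
    key = query_key or header_key
    if not key:
        return None
    return API_KEYS.get(hashlib.sha256(key.encode()).hexdigest())

def get_current_user(token=None, query_key=None, header_key=None):
    try:
        return user_from_token(token)
    except AuthError:
        if not query_key and not header_key:
            raise  # no fallback credential was sent: keep the original 401
        user = user_from_api_key(query_key, header_key)
        if user:
            return user
        raise AuthError(403, "Invalid or missing API key") from None
```

A valid token wins even when a bad API key is sent alongside it, and a failed token with a wrong key yields 403 rather than the original 401.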

mrab72 commented 7 months ago

Ok, there is an incompatibility issue, will fix it.

mrab72 commented 7 months ago

@ogabrielluiz Regarding the test failure, does it use your OPENAI_API_KEY or should I set an environment variable? If it is using mine, I just added the env, so could you please rerun it?

ogabrielluiz commented 7 months ago

@mrab72 I think the problem with the test is a dependency of the oauth2 security. It seems it is missing the Request object or something like that.

```
FAILED tests/test_websocket.py::test_websocket_endpoint_after_build - TypeError: OAuth2PasswordBearer.__call__() missing 1 required positional argument: 'request'
```

ogabrielluiz commented 7 months ago

I've updated the OPENAI API key just in case

mrab72 commented 7 months ago

@ogabrielluiz hmm, weird, they're passing on my local machine...will check

ogabrielluiz commented 7 months ago

I'm on the road at the moment.

Are you running the tests with make tests?

If so, I can merge it then check once I get home.

mrab72 commented 7 months ago

Ok, no, my mistake, I found it! It's the chat endpoint, which is a websocket one, and I'm not allowed to pass the Depends(get_current_user); will revert it.