19 lines
1.2 KiB
Markdown
19 lines
1.2 KiB
Markdown
Task logs - 2025-12-04 12:45
|
|
|
|
- Actions:
|
|
- Audited codebase for tenant handling, header usage, webui state, ingestion endpoints and tests.
|
|
- Updated `specs/001-spec-improvements` with a Reality Check section and normalized header names to `X-Tenant-ID` and `X-KB-ID` throughout.
|
|
- Added pragmatic next steps and concrete file pointers for frontend and backend changes (no implementation performed).
|
|
|
|
- Key findings:
|
|
- Frontend already injects `X-Tenant-ID` / `X-KB-ID` headers using an axios interceptor (`lightrag_webui/src/api/client.ts`), driven by `localStorage` keys `SELECTED_TENANT` and `SELECTED_KB`.
|
|
- Backend has existing tenant dependency helpers (`lightrag/api/dependencies.py`) that read `X-Tenant-ID` and provide fallback logic.
|
|
- e2e tests and scripts already exercise multi-tenant behavior with header usage.
|
|
|
|
- Next steps:
|
|
- (If asked) Implement `tenantStateManager` in the WebUI and integrate with the existing interceptor.
|
|
- (If asked) Add server-side snapshot/share-token endpoints and tests.
|
|
|
|
- Notes and recommendations:
|
|
- Keep tenant IDs out of URLs and ensure server-side validation.
|
|
- Keep tenant identifiers opaque (UUID/numeric internal) and avoid storing secrets in client storage.
|