fix: no-auth mode jwt check

2025-09-18 15:23:10 -04:00 · 2025-09-18 15:23:10 -04:00 · 52dc2d1fad
commit 52dc2d1fad
parent b223f183ee
6 changed files with 19 additions and 22 deletions
--- a/src/api/chat.py
+++ b/src/api/chat.py
@ -18,8 +18,7 @@ async def chat_endpoint(request: Request, chat_service, session_manager):
    user = request.state.user
    user_id = user.user_id
-    # Get JWT token from auth middleware
+    jwt_token = session_manager.get_effective_jwt_token(user_id, request.state.jwt_token)
    jwt_token = request.state.jwt_token
    if not prompt:
        return JSONResponse({"error": "Prompt is required"}, status_code=400)
@ -76,8 +75,7 @@ async def langflow_endpoint(request: Request, chat_service, session_manager):
    user = request.state.user
    user_id = user.user_id
-    # Get JWT token from auth middleware
+    jwt_token = session_manager.get_effective_jwt_token(user_id, request.state.jwt_token)
    jwt_token = request.state.jwt_token
    if not prompt:
        return JSONResponse({"error": "Prompt is required"}, status_code=400)
--- a/src/api/connectors.py
+++ b/src/api/connectors.py
@ -31,7 +31,7 @@ async def connector_sync(request: Request, connector_service, session_manager):
            max_files=max_files,
        )
        user = request.state.user
-        jwt_token = request.state.jwt_token
+        jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
        # Get all active connections for this connector type and user
        connections = await connector_service.connection_manager.list_connections(
--- a/src/api/knowledge_filter.py
+++ b/src/api/knowledge_filter.py
@ -26,7 +26,7 @@ async def create_knowledge_filter(
        return JSONResponse({"error": "Query data is required"}, status_code=400)
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    # Create knowledge filter document
    filter_id = str(uuid.uuid4())
@ -70,7 +70,7 @@ async def search_knowledge_filters(
    limit = payload.get("limit", 20)
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    result = await knowledge_filter_service.search_knowledge_filters(
        query, user_id=user.user_id, jwt_token=jwt_token, limit=limit
@ -101,7 +101,7 @@ async def get_knowledge_filter(
        )
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    result = await knowledge_filter_service.get_knowledge_filter(
        filter_id, user_id=user.user_id, jwt_token=jwt_token
@ -136,7 +136,7 @@ async def update_knowledge_filter(
    payload = await request.json()
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    # First, get the existing knowledge filter
    existing_result = await knowledge_filter_service.get_knowledge_filter(
@ -205,7 +205,7 @@ async def delete_knowledge_filter(
        )
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    result = await knowledge_filter_service.delete_knowledge_filter(
        filter_id, user_id=user.user_id, jwt_token=jwt_token
@ -239,7 +239,7 @@ async def subscribe_to_knowledge_filter(
    payload = await request.json()
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    # Get the knowledge filter to validate it exists and get its details
    filter_result = await knowledge_filter_service.get_knowledge_filter(
@ -309,7 +309,7 @@ async def list_knowledge_filter_subscriptions(
        )
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    result = await knowledge_filter_service.get_filter_subscriptions(
        filter_id, user_id=user.user_id, jwt_token=jwt_token
@ -341,7 +341,7 @@ async def cancel_knowledge_filter_subscription(
        )
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    # Get subscription details to find the monitor ID
    subscriptions_result = await knowledge_filter_service.get_filter_subscriptions(
--- a/src/api/nudges.py
+++ b/src/api/nudges.py
@ -9,7 +9,7 @@ async def nudges_from_kb_endpoint(request: Request, chat_service, session_manage
    """Get nudges for a user"""
    user = request.state.user
    user_id = user.user_id
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user_id, request.state.jwt_token)
    try:
        result = await chat_service.langflow_nudges_chat(
@ -28,7 +28,8 @@ async def nudges_from_chat_id_endpoint(request: Request, chat_service, session_m
    user = request.state.user
    user_id = user.user_id
    chat_id = request.path_params["chat_id"]
-    jwt_token = request.state.jwt_token
+
    jwt_token = session_manager.get_effective_jwt_token(user_id, request.state.jwt_token)
    try:
        result = await chat_service.langflow_nudges_chat(
--- a/src/api/search.py
+++ b/src/api/search.py
@ -20,8 +20,7 @@ async def search(request: Request, search_service, session_manager):
        )  # Optional score threshold, defaults to 0
        user = request.state.user
-        # Extract JWT token from auth middleware
+        jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
        jwt_token = request.state.jwt_token
        logger.debug(
            "Search API request",
--- a/src/api/upload.py
+++ b/src/api/upload.py
@ -11,7 +11,7 @@ async def upload(request: Request, document_service, session_manager):
        form = await request.form()
        upload_file = form["file"]
        user = request.state.user
-        jwt_token = request.state.jwt_token
+        jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
        from config.settings import is_no_auth_mode
@ -60,7 +60,7 @@ async def upload_path(request: Request, task_service, session_manager):
        return JSONResponse({"error": "No files found in directory"}, status_code=400)
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    from config.settings import is_no_auth_mode
@ -100,8 +100,7 @@ async def upload_context(
    previous_response_id = form.get("previous_response_id")
    endpoint = form.get("endpoint", "langflow")
-    # Get JWT token from auth middleware
+    jwt_token = session_manager.get_effective_jwt_token(user_id, request.state.jwt_token)
    jwt_token = request.state.jwt_token
    # Get user info from request state (set by auth middleware)
    user = request.state.user
@ -169,7 +168,7 @@ async def upload_bucket(request: Request, task_service, session_manager):
        return JSONResponse({"error": "No files found in bucket"}, status_code=400)
    user = request.state.user
-    jwt_token = request.state.jwt_token
+    jwt_token = session_manager.get_effective_jwt_token(user.user_id, request.state.jwt_token)
    from models.processors import S3FileProcessor
    from config.settings import is_no_auth_mode