gmakstutis/ragflow
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[OND211-2329]: Updated create user and update user API's to handle auth.

Browse source
This commit is contained in:
Hetavi Shah 2025-11-12 17:28:28 +05:30
parent d50c085196
commit de8dcf49b7
1 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
api/apps/user_app.py
View file

@ -754,7 +754,7 @@ def user_add():
@manager.route("/create", methods=["POST"]) # noqa: F821 @manager.route("/create", methods=["POST"]) # noqa: F821
# @login_required @login_required
@validate_request("nickname", "email", "password") @validate_request("nickname", "email", "password")
def create_user() -> Response: def create_user() -> Response:
""" """
@ -890,11 +890,11 @@ def create_user() -> Response:
@manager.route("/update", methods=["PUT"]) # noqa: F821 @manager.route("/update", methods=["PUT"]) # noqa: F821
# @login_required @login_required
@validate_request() @validate_request()
def update_user() -> Response: def update_user() -> Response:
""" """
Update an existing user. Update an existing user. Users can only update their own account.
--- ---
tags: tags:
- User - User
@ -1014,6 +1014,14 @@ def update_user() -> Response:
code=RetCode.DATA_ERROR, code=RetCode.DATA_ERROR,
) )
# Ensure user can only update themselves
if user.id != current_user.id:
return get_json_result(
data=False,
message="You can only update your own account!",
code=RetCode.FORBIDDEN,
)
# Build update dictionary # Build update dictionary
update_dict: Dict[str, Any] = {} update_dict: Dict[str, Any] = {}