gmakstutis/ragflow
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ragflow/api
History
Chaoxi Weng 6ed81d6774
Feat: Add OAuth state parameter for CSRF protection (#7709) 
### What problem does this PR solve?

Add OAuth `state` parameter for CSRF protection:
- Updated `get_authorization_url()` to accept an optional state
parameter
- Generated a unique state value during OAuth login and stored in
session
- Verified state parameter in callback to ensure request legitimacy

This PR follows OAuth 2.0 security best practices by ensuring that the
authorization request originates from the same user who initiated the
flow.

### Type of change

- [x] New Feature (non-breaking change which adds functionality)
2025-05-20 09:40:31 +08:00
..
apps Feat: Add OAuth state parameter for CSRF protection (#7709) 2025-05-20 09:40:31 +08:00
db Refa: more fallbacks for bad citation format (#7710) 2025-05-19 19:34:05 +08:00
utils Feat: repair corrupted PDF files on upload automatically (#7693) 2025-05-19 14:54:06 +08:00
__init__.py Update comments (#4569) 2025-01-21 20:52:28 +08:00
constants.py Add more web test cases (#3702) 2024-11-28 15:46:35 +08:00
ragflow_server.py Feat: Support tool calling in Generate component (#7572) 2025-05-16 16:32:19 +08:00
settings.py Feat: launch sandbox from docker-compose (#7671) 2025-05-16 11:14:57 +08:00
validation.py Fix errors detected by Ruff (#3918) 2024-12-08 14:21:12 +08:00
versions.py Fix VERSION 2024-12-07 16:56:34 +08:00