-
Notifications
You must be signed in to change notification settings - Fork 881
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d4e742f
commit 267be44
Showing
8 changed files
with
208 additions
and
15 deletions.
There are no files selected for viewing
24 changes: 24 additions & 0 deletions
24
apps/application/migrations/0006_applicationapikey_allow_cross_domain_and_more.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
# Generated by Django 4.1.13 on 2024-05-08 13:57 | ||
|
||
import django.contrib.postgres.fields | ||
from django.db import migrations, models | ||
|
||
|
||
class Migration(migrations.Migration): | ||
|
||
dependencies = [ | ||
('application', '0005_alter_chat_abstract_alter_chatrecord_answer_text'), | ||
] | ||
|
||
operations = [ | ||
migrations.AddField( | ||
model_name='applicationapikey', | ||
name='allow_cross_domain', | ||
field=models.BooleanField(default=False, verbose_name='是否允许跨域'), | ||
), | ||
migrations.AddField( | ||
model_name='applicationapikey', | ||
name='cross_domain_list', | ||
field=django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, max_length=128), default=list, size=None, verbose_name='跨域列表'), | ||
), | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
# coding=utf-8 | ||
""" | ||
@project: maxkb | ||
@Author:虎 | ||
@file: cross_domain_middleware.py | ||
@date:2024/5/8 13:36 | ||
@desc: | ||
""" | ||
from django.db.models import QuerySet | ||
from django.http import HttpResponse | ||
from django.utils.deprecation import MiddlewareMixin | ||
|
||
from application.models.api_key_model import ApplicationApiKey | ||
|
||
|
||
class CrossDomainMiddleware(MiddlewareMixin): | ||
|
||
def process_request(self, request): | ||
if request.method == 'OPTIONS': | ||
auth = request.META.get('HTTP_AUTHORIZATION') | ||
if auth is not None and str(auth).startswith("application-"): | ||
application_api_key = QuerySet(ApplicationApiKey).filter(secret_key=auth).first() | ||
if application_api_key.allow_cross_domain: | ||
return HttpResponse(status=200, | ||
headers={ | ||
"Access-Control-Allow-Origin": "*" if application_api_key.cross_domain_list is None or len( | ||
application_api_key.cross_domain_list) == 0 else ",".join( | ||
application_api_key.cross_domain_list), | ||
"Access-Control-Allow-Methods": "GET,POST,DELETE,PUT", | ||
"Access-Control-Allow-Headers": "Origin,X-Requested-With,Content-Type,Accept,Authorization,token"}) | ||
|
||
def process_response(self, request, response): | ||
auth = request.META.get('HTTP_AUTHORIZATION') | ||
if auth is not None and str(auth).startswith("application-"): | ||
application_api_key = QuerySet(ApplicationApiKey).filter(secret_key=auth).first() | ||
if application_api_key.allow_cross_domain: | ||
response['Access-Control-Allow-Origin'] = "*" if application_api_key.cross_domain_list is None or len( | ||
application_api_key.cross_domain_list) == 0 else ",".join( | ||
application_api_key.cross_domain_list) | ||
response['Access-Control-Allow-Methods'] = 'GET,POST,DELETE,PUT' | ||
response[ | ||
'Access-Control-Allow-Headers'] = "Origin,X-Requested-With,Content-Type,Accept,Authorization,token" | ||
return response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
92 changes: 92 additions & 0 deletions
92
ui/src/views/application-overview/component/SettingAPIKeyDialog.vue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
<template> | ||
<el-dialog title="设置" v-model="dialogVisible"> | ||
<el-form label-position="top" ref="settingFormRef" :model="form"> | ||
<el-form-item label="允许跨域地址" @click.prevent> | ||
<el-switch size="small" v-model="form.allow_cross_domain"></el-switch> | ||
</el-form-item> | ||
<el-form-item> | ||
<el-input | ||
v-model="form.cross_domain_list" | ||
placeholder="请输入允许的跨域地址,开启后不输入跨域地址则不限制。 | ||
跨域地址一行一个,如: | ||
http://127.0.0.1:5678 | ||
https://dataease.io" | ||
:rows="10" | ||
type="textarea" | ||
/> | ||
</el-form-item> | ||
</el-form> | ||
<template #footer> | ||
<span class="dialog-footer"> | ||
<el-button @click.prevent="dialogVisible = false"> 取消 </el-button> | ||
<el-button type="primary" @click="submit(settingFormRef)" :loading="loading"> | ||
保存 | ||
</el-button> | ||
</span> | ||
</template> | ||
</el-dialog> | ||
</template> | ||
<script setup lang="ts"> | ||
import { ref, watch } from 'vue' | ||
import { useRoute } from 'vue-router' | ||
import type { FormInstance, FormRules } from 'element-plus' | ||
import overviewApi from '@/api/application-overview' | ||
import { MsgSuccess, MsgConfirm } from '@/utils/message' | ||
const route = useRoute() | ||
const { | ||
params: { id } | ||
} = route | ||
const emit = defineEmits(['refresh']) | ||
const settingFormRef = ref() | ||
const form = ref<any>({ | ||
allow_cross_domain: false, | ||
cross_domain_list: '' | ||
}) | ||
const dialogVisible = ref<boolean>(false) | ||
const loading = ref(false) | ||
const APIKeyId = ref('') | ||
watch(dialogVisible, (bool) => { | ||
if (!bool) { | ||
form.value = { | ||
allow_cross_domain: false, | ||
cross_domain_list: '' | ||
} | ||
} | ||
}) | ||
const open = (data: any) => { | ||
APIKeyId.value = data.id | ||
form.value.allow_cross_domain = data.allow_cross_domain | ||
form.value.cross_domain_list = data.cross_domain_list?.length | ||
? data.cross_domain_list?.join('\n') | ||
: '' | ||
dialogVisible.value = true | ||
} | ||
const submit = async (formEl: FormInstance | undefined) => { | ||
if (!formEl) return | ||
await formEl.validate((valid, fields) => { | ||
if (valid) { | ||
const obj = { | ||
allow_cross_domain: form.value.allow_cross_domain, | ||
cross_domain_list: form.value.cross_domain_list | ||
? form.value.cross_domain_list.split('\n') | ||
: [] | ||
} | ||
overviewApi.putAPIKey(id as string, APIKeyId.value, obj, loading).then((res) => { | ||
emit('refresh') | ||
MsgSuccess('设置成功') | ||
dialogVisible.value = false | ||
}) | ||
} | ||
}) | ||
} | ||
defineExpose({ open }) | ||
</script> | ||
<style lang="scss" scope></style> |