Skip to content

fix: anonymous authentication #3215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
shaohuzhang1 wants to merge 1 commit into from
Closed

fix: anonymous authentication #3215

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 3 additions & 5 deletions apps/common/auth/common.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,21 +14,19 @@


class ChatAuthentication:
def __init__(self, auth_type: str | None, is_auth: bool, auth_passed: bool):
self.is_auth = is_auth
self.auth_passed = auth_passed
def __init__(self, auth_type: str | None):
self.auth_type = auth_type

def to_dict(self):
return {'is_auth': self.is_auth, 'auth_passed': self.auth_passed, 'auth_type': self.auth_type}
return {'auth_type': self.auth_type}

def to_string(self):
return encrypt(json.dumps(self.to_dict()))

@staticmethod
def new_instance(authentication: str):
auth = json.loads(decrypt(authentication))
return ChatAuthentication(auth.get('auth_type'), auth.get('is_auth'), auth.get('auth_passed'))
return ChatAuthentication(auth.get('auth_type'))


class ChatUserToken:
Copy link
Copy Markdown
Contributor Author

@shaohuzhang1 shaohuzhang1 Jun 9, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The code is generally clean and efficient, but there are a few suggestions for improvement:

  1. Remove Unnecessary Variables: The is_auth and auth_passed properties can be removed since they are not used after initialization.

    

    2. 



    

  • def init(self, auth_type: str | None, is_auth: bool, auth_passed: bool):
    • 

  • 

       self.is_auth = is_auth

    

    • 

  • 

       self.auth_passed = auth_passed

    

    • 



    

  • def init(self, auth_type: str | None):
    
self.auth_type = auth_type
    • 




2. **Simplify Initialization Logic**: Since `authentication` is only used once and then processed again using `json.loads`, you can directly set the attributes during initialization.

```python
  @staticmethod
  def new_instance(authentication: str):
      auth = json.loads(decrypt(authentication))
-        return ChatAuthentication(auth.get('auth_type'), auth.get('is_auth'), auth.get('auth_passed'))
+        return ChatAuthentication(auth['auth_type'])



    

  1. Consider Adding Type Annotations: While Python type hints can help with readability and maintainability, they do not enforce at runtime. If performance is critical or correctness matters significantly, consider adding explicit checks or constraints.
    2. 



These changes simplify the code while maintaining its functionality.

    

  
  




    


        

      
  
  

    
  
    
    

  

  

  



          

              

      








    


  





        

    


    


  		



  

    
          
            
          
          Expand Down
    
    
  



                
              


          


    

  



      
  

    

      

        


          

            
            
          


          



          
            3 changes: 2 additions & 1 deletion
          
          

        

  apps/common/auth/handle/impl/chat_anonymous_user_token.py

  
  
      
      
  





        
      


      

        











            


          

          

            
              

                
    

              

            
            
                            

                            


                              
   View file



                                    


                                  


                            


                            

                            

    Open in desktop



                
            
          

        

      

    



    

      

          

            




              
      
    
              

                
                  

                      Original file line number
                      Diff line number
                      Diff line change
                  

                
                
                      
      

    
          
            
          
          Expand Up
    
    @@ -45,7 +45,8 @@ def handle(self, request, token: str, get_token_details):
  


    

    

    

  
            if application_setting_model is not None:






    

    

    

  
                application_setting = QuerySet(application_setting_model).filter(application_id=application_id).first()






    

    

    

  
                if application_setting.authentication:






    

    

    

  
                    raise AppAuthenticationFailed(1002, _('Authentication information is incorrect'))






    

    

    

  
                    if 'password' != chat_user_token.authentication.auth_type:






    

    

    

  
                        raise AppAuthenticationFailed(1002, _('Authentication information is incorrect'))






    

    

    

  
            return None, ChatAuth(






    

    

    

  
                current_role_list=[RoleConstants.CHAT_ANONYMOUS_USER],






    

    

    

  
                permission_list=[






      


  
        

      
    
      

        

          



  

    

        

        

  

    

      

          
    
    

  


        
            
  
      
              Copy link

  

              
  
      
                Copy Markdown

  

        
      

    


    

        

  
    Contributor


        

  Author


    

  


  

    

      
          @shaohuzhang1
      

      
            shaohuzhang1
  

      

      

      


        Jun 9, 2025


      
    


  




        

      

  

  
 

  
    

    
Choose a reason for hiding this comment


    

      The reason will be displayed to describe this comment to others. Learn more.
    


    

      
      



  



  
    

      
There is one potential issue with the provided code:


if 'password' != chat_user_token.authentication.auth_type:


This condition does not account for other authentication types. For example, it doesn't check if 'token', 'email_code', or any other valid auth type are used. The code should include checks for all supported authentication methods to ensure robustness.


Optimization suggestions could be:


    

  1. 

    Use Enum: Define an AuthType enumeration to handle different authentication types more clearly and cleanly.
    

    2. 

  2. 

    Dictionary Mapping: Create a dictionary mapping each auth type to their conditions (e.g., {'password': lambda x: True}). This would make it easier to manage and extend when adding new auth types.
    

    3. 

  3. 

    Logging: Consider logging which authentication type was attempted upon failure, especially for debugging purposes.
    

    4. 

  4. 

    Validation Function: Abstract out the logic related to checking authentication into a separate function that can be reused across multiple parts of your application.
    

    5. 



By incorporating these improvements, the code becomes more maintainable and scalable while ensuring that you cover all possible authentication scenarios effectively.

    

  
  




    


        

      
  
  

    
  
    
    

  

  

  



          

              

      








    


  





        

    


    


  		



  

    
          
            
          
          Expand Down
    
    
  



                
              


          


    

  







    

  
  
    
      Loading