Merge pull request #450 from FlowiseAI/feature/Zapier

modify whitelistURLs
2023-06-30 22:52:24 +08:00 · 2023-06-30 22:52:24 +08:00 · 43d62dd322
parent a5ccc991af 55489c1c77
commit 43d62dd322
1 changed files with 10 additions and 2 deletions
--- a/packages/server/src/index.ts
+++ b/packages/server/src/index.ts
@ -93,7 +93,14 @@ export class App {
            const basicAuthMiddleware = basicAuth({
                users: { [username]: password }
            })
-            const whitelistURLs = ['/api/v1/public-chatflows', '/api/v1/prediction/', '/api/v1/node-icon/', '/api/v1/chatflows-streaming']
+            const whitelistURLs = [
+                '/api/v1/verify/apikey/',
+                '/api/v1/chatflows/apikey/',
+                '/api/v1/public-chatflows',
+                '/api/v1/prediction/',
+                '/api/v1/node-icon/',
+                '/api/v1/chatflows-streaming'
+            ]
            this.app.use((req, res, next) => {
                if (req.url.includes('/api/v1/')) {
                    whitelistURLs.some((url) => req.url.includes(url)) ? next() : basicAuthMiddleware(req, res, next)
@ -187,6 +194,7 @@ export class App {
                    .createQueryBuilder('cf')
                    .where('cf.apikeyid = :apikeyid', { apikeyid: apiKey.id })
                    .orWhere('cf.apikeyid IS NULL')
+                    .orWhere('cf.apikeyid = ""')
                    .orderBy('cf.name', 'ASC')
                    .getMany()
                if (chatflows.length >= 1) return res.status(200).send(chatflows)
@ -502,7 +510,7 @@ export class App {
        })

        // Verify api key
-        this.app.get('/api/v1/apikey/:apiKey', async (req: Request, res: Response) => {
+        this.app.get('/api/v1/verify/apikey/:apiKey', async (req: Request, res: Response) => {
            try {
                const apiKey = await getApiKey(req.params.apiKey)
                if (!apiKey) return res.status(401).send('Unauthorized')