重构Dify客户端:改为通过FastAPI代理并使用JWT认证
主要变更: - 修改 dify-client.server.ts 使用 JWT 认证通过 FastAPI 后端代理访问 Dify API - 所有 Dify API 路由(chat-messages, parameters, conversations, messages)添加 JWT 获取和传递逻辑 - API_URL 从直连 Dify 改为 FastAPI 后端的 /dify 路由 - 增强 JWT 认证失败的错误处理(返回401状态码) - 添加详细的日志输出,便于调试 安全提升: - DIFY_API_KEY 从前端移至后端,不再暴露在客户端代码 - 使用统一的 JWT 认证体系,提高系统安全性 文档: - 新增 dify-proxy-backend-integration.md - 后端对接文档(包含完整 FastAPI 实现示例) - 新增 dify-frontend-modification-summary.md - 前端修改总结 - 新增 CLAUDE.md - 项目架构说明文档 影响范围: - app/services/dify-client.server.ts - 核心服务层 - app/routes/api.chat-messages.tsx - 聊天消息 - app/routes/api.parameters.tsx - 应用参数 - app/routes/api.conversations.tsx - 会话列表 - app/routes/api.messages.tsx - 消息历史 - app/routes/api.conversations.$id.tsx - 删除会话 - app/routes/api.conversations.$id.name.tsx - 重命名会话 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
@@ -8,7 +8,23 @@ export async function action({ request }: ActionFunctionArgs) {
|
||||
}
|
||||
|
||||
try {
|
||||
// 获取用户会话信息和 JWT
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
const { user } = await getSessionInfo(request);
|
||||
|
||||
// 检查 JWT 是否存在
|
||||
if (!frontendJWT) {
|
||||
console.error('❌ [API] Chat Messages API - JWT不存在');
|
||||
return new Response(
|
||||
JSON.stringify({ error: 'JWT认证失败,请重新登录' }),
|
||||
{
|
||||
status: 401,
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
const body = await request.json();
|
||||
|
||||
const {
|
||||
@@ -27,7 +43,8 @@ export async function action({ request }: ActionFunctionArgs) {
|
||||
responseMode,
|
||||
hasInputs: !!inputs,
|
||||
hasFiles: !!files && files.length > 0,
|
||||
filesCount: files?.length || 0
|
||||
filesCount: files?.length || 0,
|
||||
hasJWT: !!frontendJWT
|
||||
});
|
||||
|
||||
const response = await difyClient.createChatMessage(
|
||||
@@ -36,7 +53,8 @@ export async function action({ request }: ActionFunctionArgs) {
|
||||
user,
|
||||
responseMode,
|
||||
conversationId,
|
||||
files
|
||||
files,
|
||||
frontendJWT // 传递 JWT
|
||||
);
|
||||
|
||||
console.log('📡 [API] Dify响应状态:', {
|
||||
@@ -77,10 +95,14 @@ export async function action({ request }: ActionFunctionArgs) {
|
||||
stack: error.stack,
|
||||
name: error.name
|
||||
});
|
||||
|
||||
// 检查是否是JWT认证失败
|
||||
const status = error.message?.includes('JWT认证失败') ? 401 : 500;
|
||||
|
||||
return new Response(
|
||||
JSON.stringify({ error: error.message || 'Failed to send message' }),
|
||||
{
|
||||
status: 500,
|
||||
status,
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
},
|
||||
|
||||
@@ -4,6 +4,9 @@ import { getSessionInfo, commitSession } from '../utils/session.server';
|
||||
|
||||
export async function action({ request, params }: ActionFunctionArgs) {
|
||||
try {
|
||||
// 获取用户会话信息和 JWT
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
const { user, session } = await getSessionInfo(request);
|
||||
const { id } = params;
|
||||
|
||||
@@ -11,15 +14,35 @@ export async function action({ request, params }: ActionFunctionArgs) {
|
||||
return json({ error: '会话ID不能为空' }, { status: 400 });
|
||||
}
|
||||
|
||||
// 检查 JWT 是否存在
|
||||
if (!frontendJWT) {
|
||||
console.error('❌ [API] Rename Conversation API - JWT不存在');
|
||||
return json(
|
||||
{ error: 'JWT认证失败,请重新登录' },
|
||||
{
|
||||
status: 401,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession(session),
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
const body = await request.json();
|
||||
const { auto_generate, name } = body;
|
||||
|
||||
// console.log('💬 Rename Conversation API - User:', user, 'ID:', id, 'Auto Generate:', auto_generate, 'Name:', name);
|
||||
console.log('💬 [API] Rename Conversation API - 重命名会话:', {
|
||||
user,
|
||||
id,
|
||||
autoGenerate: auto_generate,
|
||||
name,
|
||||
hasJWT: !!frontendJWT
|
||||
});
|
||||
|
||||
// 调用服务端API重命名会话
|
||||
const data = await difyClient.renameConversation(id, name, user, auto_generate);
|
||||
const data = await difyClient.renameConversation(id, name, user, auto_generate, frontendJWT);
|
||||
|
||||
// console.log('✅ Rename Conversation API - Success:', data);
|
||||
console.log('✅ [API] Rename Conversation API - Success');
|
||||
|
||||
return json(data, {
|
||||
headers: {
|
||||
@@ -27,13 +50,17 @@ export async function action({ request, params }: ActionFunctionArgs) {
|
||||
},
|
||||
});
|
||||
} catch (error: any) {
|
||||
console.error('❌ Rename Conversation API - Error:', error);
|
||||
console.error('❌ [API] Rename Conversation API - Error:', error);
|
||||
|
||||
// 检查是否是JWT认证失败
|
||||
const status = error.message?.includes('JWT认证失败') ? 401 : 500;
|
||||
|
||||
return json(
|
||||
{
|
||||
error: error.message || '重命名会话失败'
|
||||
},
|
||||
{
|
||||
status: 500,
|
||||
status,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession((await getSessionInfo(request)).session),
|
||||
},
|
||||
|
||||
@@ -4,6 +4,9 @@ import { getSessionInfo, commitSession } from '../utils/session.server';
|
||||
|
||||
export async function action({ request, params }: ActionFunctionArgs) {
|
||||
try {
|
||||
// 获取用户会话信息和 JWT
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
const { user, session } = await getSessionInfo(request);
|
||||
const { id } = params;
|
||||
|
||||
@@ -11,15 +14,33 @@ export async function action({ request, params }: ActionFunctionArgs) {
|
||||
return json({ error: '会话ID不能为空' }, { status: 400 });
|
||||
}
|
||||
|
||||
// 检查 JWT 是否存在
|
||||
if (!frontendJWT) {
|
||||
console.error('❌ [API] Delete Conversation API - JWT不存在');
|
||||
return json(
|
||||
{ error: 'JWT认证失败,请重新登录' },
|
||||
{
|
||||
status: 401,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession(session),
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
const method = request.method;
|
||||
|
||||
if (method === 'DELETE') {
|
||||
// console.log('🗑️ Delete Conversation API - User:', user, 'ID:', id);
|
||||
console.log('🗑️ [API] Delete Conversation API - 删除会话:', {
|
||||
user,
|
||||
id,
|
||||
hasJWT: !!frontendJWT
|
||||
});
|
||||
|
||||
// 调用服务端API删除会话
|
||||
const data = await difyClient.deleteConversation(id, user);
|
||||
const data = await difyClient.deleteConversation(id, user, frontendJWT);
|
||||
|
||||
// console.log('✅ Delete Conversation API - Success:', data);
|
||||
console.log('✅ [API] Delete Conversation API - Success');
|
||||
|
||||
return json(data, {
|
||||
headers: {
|
||||
@@ -30,13 +51,17 @@ export async function action({ request, params }: ActionFunctionArgs) {
|
||||
|
||||
return json({ error: '不支持的请求方法' }, { status: 405 });
|
||||
} catch (error: any) {
|
||||
console.error('❌ Delete Conversation API - Error:', error);
|
||||
console.error('❌ [API] Delete Conversation API - Error:', error);
|
||||
|
||||
// 检查是否是JWT认证失败
|
||||
const status = error.message?.includes('JWT认证失败') ? 401 : 500;
|
||||
|
||||
return json(
|
||||
{
|
||||
error: error.message || '删除会话失败'
|
||||
},
|
||||
{
|
||||
status: 500,
|
||||
status,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession((await getSessionInfo(request)).session),
|
||||
},
|
||||
|
||||
@@ -4,13 +4,33 @@ import { getSessionInfo, commitSession } from '../utils/session.server';
|
||||
|
||||
export async function loader({ request }: LoaderFunctionArgs) {
|
||||
try {
|
||||
// 获取用户会话信息和 JWT
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
const { user, session } = await getSessionInfo(request);
|
||||
|
||||
// ('💬 Conversations API - User:', user);
|
||||
// 检查 JWT 是否存在
|
||||
if (!frontendJWT) {
|
||||
console.error('❌ [API] Conversations API - JWT不存在');
|
||||
return json(
|
||||
{ data: [], error: 'JWT认证失败,请重新登录' },
|
||||
{
|
||||
status: 401,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession(session),
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
const data = await difyClient.getConversations(user);
|
||||
console.log('💬 [API] Conversations API - 获取会话列表:', {
|
||||
user,
|
||||
hasJWT: !!frontendJWT
|
||||
});
|
||||
|
||||
// ('✅ Conversations API - Success:', data);
|
||||
const data = await difyClient.getConversations(user, frontendJWT);
|
||||
|
||||
console.log('✅ [API] Conversations API - Success');
|
||||
|
||||
return json(data, {
|
||||
headers: {
|
||||
@@ -18,14 +38,18 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
},
|
||||
});
|
||||
} catch (error: any) {
|
||||
console.error('❌ Conversations API - Error:', error);
|
||||
console.error('❌ [API] Conversations API - Error:', error);
|
||||
|
||||
// 检查是否是JWT认证失败
|
||||
const status = error.message?.includes('JWT认证失败') ? 401 : 500;
|
||||
|
||||
return json(
|
||||
{
|
||||
data: [],
|
||||
error: error.message || 'Failed to fetch conversations'
|
||||
},
|
||||
{
|
||||
status: 500,
|
||||
status,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession((await getSessionInfo(request)).session),
|
||||
},
|
||||
|
||||
@@ -4,6 +4,9 @@ import { getSessionInfo, commitSession } from '../utils/session.server';
|
||||
|
||||
export async function loader({ request }: LoaderFunctionArgs) {
|
||||
try {
|
||||
// 获取用户会话信息和 JWT
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
const { user, session } = await getSessionInfo(request);
|
||||
const url = new URL(request.url);
|
||||
const conversationId = url.searchParams.get('conversation_id');
|
||||
@@ -15,11 +18,29 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
);
|
||||
}
|
||||
|
||||
// ('📨 Messages API - User:', user, 'ConversationId:', conversationId);
|
||||
// 检查 JWT 是否存在
|
||||
if (!frontendJWT) {
|
||||
console.error('❌ [API] Messages API - JWT不存在');
|
||||
return json(
|
||||
{ error: 'JWT认证失败,请重新登录' },
|
||||
{
|
||||
status: 401,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession(session),
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
const data = await difyClient.getConversationMessages(user, conversationId);
|
||||
console.log('📨 [API] Messages API - 获取会话消息:', {
|
||||
user,
|
||||
conversationId,
|
||||
hasJWT: !!frontendJWT
|
||||
});
|
||||
|
||||
// ('✅ Messages API - Success:', data);
|
||||
const data = await difyClient.getConversationMessages(user, conversationId, frontendJWT);
|
||||
|
||||
console.log('✅ [API] Messages API - Success');
|
||||
|
||||
return json(data, {
|
||||
headers: {
|
||||
@@ -27,11 +48,15 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
},
|
||||
});
|
||||
} catch (error: any) {
|
||||
console.error('❌ Messages API - Error:', error);
|
||||
console.error('❌ [API] Messages API - Error:', error);
|
||||
|
||||
// 检查是否是JWT认证失败
|
||||
const status = error.message?.includes('JWT认证失败') ? 401 : 500;
|
||||
|
||||
return json(
|
||||
{ error: error.message || 'Failed to fetch messages' },
|
||||
{
|
||||
status: 500,
|
||||
status,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession((await getSessionInfo(request)).session),
|
||||
},
|
||||
|
||||
@@ -4,13 +4,33 @@ import { getSessionInfo, commitSession } from '../utils/session.server';
|
||||
|
||||
export async function loader({ request }: LoaderFunctionArgs) {
|
||||
try {
|
||||
// 获取用户会话信息和 JWT
|
||||
const { getUserSession } = await import("~/api/login/auth.server");
|
||||
const { frontendJWT } = await getUserSession(request);
|
||||
const { user, session } = await getSessionInfo(request);
|
||||
|
||||
// ('📋 Parameters API - User:', user);
|
||||
// 检查 JWT 是否存在
|
||||
if (!frontendJWT) {
|
||||
console.error('❌ [API] Parameters API - JWT不存在');
|
||||
return json(
|
||||
{ error: 'JWT认证失败,请重新登录' },
|
||||
{
|
||||
status: 401,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession(session),
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
const data = await difyClient.getApplicationParameters(user);
|
||||
console.log('📋 [API] Parameters API - 获取应用参数:', {
|
||||
user,
|
||||
hasJWT: !!frontendJWT
|
||||
});
|
||||
|
||||
// ('✅ Parameters API - Success:', data);
|
||||
const data = await difyClient.getApplicationParameters(user, frontendJWT);
|
||||
|
||||
console.log('✅ [API] Parameters API - Success');
|
||||
|
||||
return json(data, {
|
||||
headers: {
|
||||
@@ -18,11 +38,15 @@ export async function loader({ request }: LoaderFunctionArgs) {
|
||||
},
|
||||
});
|
||||
} catch (error: any) {
|
||||
console.error('❌ Parameters API - Error:', error);
|
||||
console.error('❌ [API] Parameters API - Error:', error);
|
||||
|
||||
// 检查是否是JWT认证失败
|
||||
const status = error.message?.includes('JWT认证失败') ? 401 : 500;
|
||||
|
||||
return json(
|
||||
{ error: error.message || 'Failed to fetch parameters' },
|
||||
{
|
||||
status: 500,
|
||||
status,
|
||||
headers: {
|
||||
'Set-Cookie': await commitSession((await getSessionInfo(request)).session),
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user