gardel/lightrag
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added authentication checks and token validation

Browse Source 
- Added auth checks in health check logic
- Protected routes require authentication
- Validated token on app startup
- Added auth check in API interceptor
- Clear token on 401 unauthorized error
This commit is contained in:
yangdx
2025-03-18 01:46:12 +08:00
parent 1727130c47
commit 2a18b04f7f
3 changed files with 29 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
lightrag_webui/src/api/lightrag.ts
View File

@@ -142,10 +142,20 @@ const axiosInstance = axios.create({
}
})
// Interceptoradd api key
// Interceptor: add api key and check authentication
axiosInstance.interceptors.request.use((config) => {
const apiKey = useSettingsStore.getState().apiKey
const token = localStorage.getItem('LIGHTRAG-API-TOKEN');
// Check authentication status for paths that require authentication
const authRequiredPaths = ['/documents', '/graphs', '/query', '/health']; // Add all paths that require authentication
const isAuthRequired = authRequiredPaths.some(path => config.url?.includes(path));
if (isAuthRequired && !token && config.url !== '/login') {
// Cancel the request and return a rejected Promise
return Promise.reject(new Error('Authentication required'));
}
if (apiKey) {
config.headers['X-API-Key'] = apiKey
}
@@ -160,10 +170,6 @@ axiosInstance.interceptors.response.use(
(response) => response,
(error: AxiosError) => {
if (error.response) {
interface ErrorResponse {
detail: string;
}
if (error.response?.status === 401) {
localStorage.removeItem('LIGHTRAG-API-TOKEN');
sessionStorage.clear();