Merge pull request #1170 from lcjqyml/feat-multi-user

Feat multi user support.
2025-03-25 17:48:20 +08:00
parent 2f7fcc3dfa 23004546dc
commit 4daa1c966f
10 changed files with 216 additions and 192 deletions
--- a/lightrag/api/auth.py
+++ b/lightrag/api/auth.py
@@ -20,9 +20,14 @@ class AuthHandler:
        self.secret = os.getenv("TOKEN_SECRET", "4f85ds4f56dsf46")
        self.algorithm = "HS256"
        self.expire_hours = int(os.getenv("TOKEN_EXPIRE_HOURS", 4))
-        self.guest_expire_hours = int(
-            os.getenv("GUEST_TOKEN_EXPIRE_HOURS", 2)
-        )  # Guest token default expiration time
+        self.guest_expire_hours = int(os.getenv("GUEST_TOKEN_EXPIRE_HOURS", 2))
+
+        self.accounts = {}
+        auth_accounts = os.getenv("AUTH_ACCOUNTS")
+        if auth_accounts:
+            for account in auth_accounts.split(","):
+                username, password = account.split(":", 1)
+                self.accounts[username] = password

    def create_token(
        self,
--- a/lightrag/api/lightrag_server.py
+++ b/lightrag/api/lightrag_server.py
@@ -362,10 +362,8 @@ def create_app(args):
    @app.get("/auth-status")
    async def get_auth_status():
        """Get authentication status and guest token if auth is not configured"""
-        username = os.getenv("AUTH_USERNAME")
-        password = os.getenv("AUTH_PASSWORD")

-        if not (username and password):
+        if not auth_handler.accounts:
            # Authentication not configured, return guest token
            guest_token = auth_handler.create_token(
                username="guest", role="guest", metadata={"auth_mode": "disabled"}
@@ -389,10 +387,7 @@ def create_app(args):

    @app.post("/login")
    async def login(form_data: OAuth2PasswordRequestForm = Depends()):
-        username = os.getenv("AUTH_USERNAME")
-        password = os.getenv("AUTH_PASSWORD")
-
-        if not (username and password):
+        if not auth_handler.accounts:
            # Authentication not configured, return guest token
            guest_token = auth_handler.create_token(
                username="guest", role="guest", metadata={"auth_mode": "disabled"}
@@ -405,8 +400,8 @@ def create_app(args):
                "core_version": core_version,
                "api_version": __api_version__,
            }
-
-        if form_data.username != username or form_data.password != password:
+        username = form_data.username
+        if auth_handler.accounts.get(username) != form_data.password:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED, detail="Incorrect credentials"
            )
--- a/lightrag/api/utils_api.py
+++ b/lightrag/api/utils_api.py
@@ -38,9 +38,7 @@ for path in whitelist_paths:
            whitelist_patterns.append((path, False))  # (exact_path, is_prefix_match)

 # Global authentication configuration
-auth_username = os.getenv("AUTH_USERNAME")
-auth_password = os.getenv("AUTH_PASSWORD")
-auth_configured = bool(auth_username and auth_password)
+auth_configured = bool(auth_handler.accounts)


 class OllamaServerInfos:
--- a/lightrag/api/webui/assets/index-BwFyYQzx.css
+++ b/lightrag/api/webui/assets/index-BwFyYQzx.css
--- a/lightrag/api/webui/assets/index-CJhG62dt.css
+++ b/lightrag/api/webui/assets/index-CJhG62dt.css
--- a/lightrag/api/webui/assets/index-DJ53id6i.js
+++ b/lightrag/api/webui/assets/index-DJ53id6i.js
--- a/lightrag/api/webui/index.html
+++ b/lightrag/api/webui/index.html
@@ -1,17 +1,17 @@
-<!doctype html>
-<html lang="en">
-  <head>
-    <meta charset="UTF-8" />
-    <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
-    <meta http-equiv="Pragma" content="no-cache" />
-    <meta http-equiv="Expires" content="0" />
-    <link rel="icon" type="image/svg+xml" href="logo.png" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>Lightrag</title>
-    <script type="module" crossorigin src="/webui/assets/index-DUmKHl1m.js"></script>
-    <link rel="stylesheet" crossorigin href="/webui/assets/index-CJhG62dt.css">
-  </head>
-  <body>
-    <div id="root"></div>
-  </body>
-</html>
+<!doctype html>
+<html lang="en">
+  <head>
+    <meta charset="UTF-8" />
+    <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
+    <meta http-equiv="Pragma" content="no-cache" />
+    <meta http-equiv="Expires" content="0" />
+    <link rel="icon" type="image/svg+xml" href="logo.png" />
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <title>Lightrag</title>
+    <script type="module" crossorigin src="/webui/assets/index-DJ53id6i.js"></script>
+    <link rel="stylesheet" crossorigin href="/webui/assets/index-BwFyYQzx.css">
+  </head>
+  <body>
+    <div id="root"></div>
+
+  </body>