diff --git a/env.example b/env.example index f6c4a38b..8b50af3f 100644 --- a/env.example +++ b/env.example @@ -13,9 +13,6 @@ # SSL_CERTFILE=/path/to/cert.pem # SSL_KEYFILE=/path/to/key.pem -### Security (empty for no api-key is needed) -# LIGHTRAG_API_KEY=your-secure-api-key-here - ### Directory Configuration # WORKING_DIR= # INPUT_DIR= @@ -158,4 +155,7 @@ AUTH_USERNAME=admin # login name AUTH_PASSWORD=admin123 # password TOKEN_SECRET=your-key-for-LightRAG-API-Server # JWT key TOKEN_EXPIRE_HOURS=4 # expire duration -WHITELIST_PATHS=/login,/health # white list + +### API-Key to access LightRAG Server API +# LIGHTRAG_API_KEY=your-secure-api-key-here +# WHITELIST_PATHS=/health,/api/* diff --git a/lightrag/api/lightrag_server.py b/lightrag/api/lightrag_server.py index 42bccd75..503fb3a8 100644 --- a/lightrag/api/lightrag_server.py +++ b/lightrag/api/lightrag_server.py @@ -41,7 +41,6 @@ from lightrag.kg.shared_storage import ( get_namespace_data, get_pipeline_status_lock, initialize_pipeline_status, - get_all_update_flags_status, ) from fastapi.security import OAuth2PasswordRequestForm from .auth import auth_handler @@ -453,7 +452,7 @@ def create_app(args): "core_version": core_version, "api_version": __api_version__, "auth_mode": auth_mode, - } + } # Custom StaticFiles class to prevent caching of HTML files class NoCacheStaticFiles(StaticFiles): diff --git a/lightrag/api/routers/document_routes.py b/lightrag/api/routers/document_routes.py index f1fd694b..d34f0039 100644 --- a/lightrag/api/routers/document_routes.py +++ b/lightrag/api/routers/document_routes.py @@ -798,16 +798,19 @@ def create_document_routes( HTTPException: If an error occurs while retrieving pipeline status (500) """ try: - from lightrag.kg.shared_storage import get_namespace_data, get_all_update_flags_status + from lightrag.kg.shared_storage import ( + get_namespace_data, + get_all_update_flags_status, + ) pipeline_status = await get_namespace_data("pipeline_status") - + # Get update flags status for all namespaces update_status = await get_all_update_flags_status() # Convert to regular dict if it's a Manager.dict status_dict = dict(pipeline_status) - + # Add update_status to the status dictionary status_dict["update_status"] = update_status diff --git a/lightrag/api/utils_api.py b/lightrag/api/utils_api.py index 7b43feb8..9c2f2bb6 100644 --- a/lightrag/api/utils_api.py +++ b/lightrag/api/utils_api.py @@ -35,9 +35,7 @@ for path in whitelist_paths: prefix = path[:-2] whitelist_patterns.append((prefix, True)) # (prefix, is_prefix_match) else: - whitelist_patterns.append( - (path, False) - ) # (exact_path, is_prefix_match) + whitelist_patterns.append((path, False)) # (exact_path, is_prefix_match) # Global authentication configuration auth_username = os.getenv("AUTH_USERNAME") @@ -70,7 +68,7 @@ def get_combined_auth_dependency(api_key: Optional[str] = None): """ # Use global whitelist_patterns and auth_configured variables # whitelist_patterns and auth_configured are already initialized at module level - + # Only calculate api_key_configured as it depends on the function parameter api_key_configured = bool(api_key) @@ -102,7 +100,7 @@ def get_combined_auth_dependency(api_key: Optional[str] = None): raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Token required" ) - + # Try API key authentication (if configured) if api_key_configured: api_key_header = request.headers.get("X-API-Key") @@ -136,7 +134,7 @@ def get_api_key_dependency(api_key: Optional[str]): """ # Use global whitelist_patterns and auth_configured variables # whitelist_patterns and auth_configured are already initialized at module level - + # Only calculate api_key_configured as it depends on the function parameter api_key_configured = bool(api_key)