🔧 Add env variable for time signature (#4650)

2024-11-30 18:27:53 +08:00 · 2024-05-27 16:20:49 +02:00 · 2024-05-27 16:20:49 +02:00 · f40743183e
commit f40743183e
parent e852a21634
5 changed files with 13 additions and 2 deletions
--- a/api/.env.example
+++ b/api/.env.example
@ -17,6 +17,9 @@ APP_WEB_URL=http://127.0.0.1:3000
 # Files URL
 FILES_URL=http://127.0.0.1:5001

+# The time in seconds after the signature is rejected
+FILES_ACCESS_TIMEOUT=300
+
 # celery configuration
 CELERY_BROKER_URL=redis://:difyai123456@localhost:6379/1

--- a/api/config.py
+++ b/api/config.py
@ -23,6 +23,7 @@ DEFAULTS = {
    'SERVICE_API_URL': 'https://api.dify.ai',
    'APP_WEB_URL': 'https://udify.app',
    'FILES_URL': '',
+    'FILES_ACCESS_TIMEOUT': 300,
    'S3_ADDRESS_STYLE': 'auto',
    'STORAGE_TYPE': 'local',
    'STORAGE_LOCAL_PATH': 'storage',
@ -143,6 +144,10 @@ class Config:
        # Url is signed and has expiration time.
        self.FILES_URL = get_env('FILES_URL') if get_env('FILES_URL') else self.CONSOLE_API_URL

+        # File Access Time specifies a time interval in seconds for the file to be accessed.
+        # The default value is 300 seconds.
+        self.FILES_ACCESS_TIMEOUT = int(get_env('FILES_ACCESS_TIMEOUT'))
+
        # Your App secret key will be used for securely signing the session cookie
        # Make sure you are changing this key for your deployment with a strong key.
        # You can generate a strong key using `openssl rand -base64 42`.
--- a/api/core/file/upload_file_parser.py
+++ b/api/core/file/upload_file_parser.py
@ -77,4 +77,4 @@ class UploadFileParser:
            return False

        current_time = int(time.time())
-        return current_time - int(timestamp) <= 300  # expired after 5 minutes
+        return current_time - int(timestamp) <= current_app.config.get('FILES_ACCESS_TIMEOUT')
--- a/api/core/tools/tool_file_manager.py
+++ b/api/core/tools/tool_file_manager.py
@ -53,7 +53,7 @@ class ToolFileManager:
            return False

        current_time = int(time.time())
-        return current_time - int(timestamp) <= 300  # expired after 5 minutes
+        return current_time - int(timestamp) <= current_app.config.get('FILES_ACCESS_TIMEOUT')

    @staticmethod
    def create_file_by_raw(user_id: str, tenant_id: str,
--- a/docker/docker-compose.yaml
+++ b/docker/docker-compose.yaml
@ -36,6 +36,9 @@ services:
      # used to display File preview or download Url to the front-end or as Multi-model inputs;
      # Url is signed and has expiration time.
      FILES_URL: ''
+      # File Access Time specifies a time interval in seconds for the file to be accessed.
+      # The default value is 300 seconds.
+      FILES_ACCESS_TIMEOUT: 300
      # When enabled, migrations will be executed prior to application startup and the application will start after the migrations have completed.
      MIGRATION_ENABLED: 'true'
      # The configurations of postgres database connection.