furyhawk/deer-flow
1
0
Fork 0
mirror of https://github.com/bytedance/deer-flow.git synced 2026-05-22 07:56:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: implement process-local internal authentication for Gateway and enhance CSRF handling

Browse Source
This commit is contained in:
JeffJiang
2026-04-26 22:15:43 +08:00
parent 897dae5475
commit da174dfd4d
15 changed files with 134 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/app/gateway/app.py
+5 -4
View File
@@ -79,6 +79,11 @@ async def _ensure_admin_user(app: FastAPI) -> None:
# Skip admin migration work rather than failing gateway startup.
logger.warning("Auth persistence not ready; skipping admin bootstrap check")
return
sf = get_session_factory()
if sf is None:
return
admin_count = await provider.count_admin_users()
if admin_count == 0:
@@ -90,10 +95,6 @@ async def _ensure_admin_user(app: FastAPI) -> None:
# Admin already exists — run orphan thread migration for any
# LangGraph thread metadata that pre-dates the auth module.
sf = get_session_factory()
if sf is None:
return
async with sf() as session:
stmt = select(UserRow).where(UserRow.system_role == "admin").limit(1)
row = (await session.execute(stmt)).scalar_one_or_none()