Merge branch 'main' of https://github.com/dataease/SQLBot

dataeaseShu · dataeaseShu · commit cfbe5b7dfbd3 · 2025-09-02T09:39:06.000+08:00
diff --git a/Dockerfile b/Dockerfile
@@ -45,12 +45,7 @@ COPY g2-ssr/charts/* /app/charts/
 
 RUN npm install
 
-FROM registry.cn-qingdao.aliyuncs.com/dataease/postgres:17.6
-ENV PG_PATH=/var/lib/postgresql/data
-ENV PG_SH=/usr/local/bin
-RUN mkdir -p ${PG_PATH}
-COPY --from=registry.cn-qingdao.aliyuncs.com/dataease/postgres:17.6 ${PG_PATH} ${PG_PATH}
-COPY --from=registry.cn-qingdao.aliyuncs.com/dataease/postgres:17.6 ${PG_SH} ${PG_SH}
+FROM registry.cn-qingdao.aliyuncs.com/dataease/postgres:17.6 AS pg-builder
 
 # Runtime stage
 FROM registry.cn-qingdao.aliyuncs.com/dataease/sqlbot-base:latest
@@ -61,6 +56,12 @@ ENV SQLBOT_HOME=/opt/sqlbot
 ENV PYTHONPATH=${SQLBOT_HOME}/app
 ENV PATH="${SQLBOT_HOME}/app/.venv/bin:$PATH"
 
+ENV PG_PATH=/var/lib/postgresql/data
+ENV PG_SH=/usr/local/bin
+RUN mkdir -p ${PG_PATH}
+COPY --from=pg-builder ${PG_PATH} ${PG_PATH}
+COPY --from=pg-builder ${PG_SH} ${PG_SH}
+
 # Copy necessary files from builder
 COPY start.sh /opt/sqlbot/app/start.sh
 COPY g2-ssr/*.ttf /usr/share/fonts/truetype/liberation/
diff --git a/README.md b/README.md
@@ -56,6 +56,11 @@ docker compose up -d
     <img alt="q&a" src="https://github.com/user-attachments/assets/55526514-52f3-4cfe-98ec-08a986259280"   />
   </tr>
 
+## Roadmap
+
+- 术语库：开发中...
+- SQL 示例库：开发中...
+
 ## Star History
 
 [![Star History Chart](https://api.star-history.com/svg?repos=dataease/sqlbot&type=Date)](https://www.star-history.com/#dataease/sqlbot&Date)
diff --git a/backend/apps/system/api/assistant.py b/backend/apps/system/api/assistant.py
@@ -38,6 +38,23 @@ async def info(request: Request, response: Response, session: SessionDep, trans:
         raise RuntimeError(trans('i18n_embedded.invalid_origin', origin = origin or ''))
     return db_model
 
+@router.get("/app/{appId}") 
+async def getApp(request: Request, response: Response, session: SessionDep, trans: Trans, appId: str) -> AssistantModel:
+    if not appId:
+        raise Exception('miss assistant appId')
+    db_model = session.exec(select(AssistantModel).where(AssistantModel.app_id == appId)).first()
+    if not db_model:
+        raise RuntimeError(f"assistant application not exist")
+    db_model = AssistantModel.model_validate(db_model)
+    response.headers["Access-Control-Allow-Origin"] = db_model.domain
+    origin = request.headers.get("origin") or get_origin_from_referer(request)
+    if not origin:
+        raise RuntimeError(trans('i18n_embedded.invalid_origin', origin = origin or ''))
+    origin = origin.rstrip('/')
+    if origin != db_model.domain:
+        raise RuntimeError(trans('i18n_embedded.invalid_origin', origin = origin or ''))
+    return db_model
+
 @router.get("/validator", response_model=AssistantValidator) 
 async def validator(session: SessionDep, id: int, virtual: Optional[int] = Query(None)):
     if not id:
diff --git a/backend/apps/system/middleware/auth.py b/backend/apps/system/middleware/auth.py
@@ -1,4 +1,5 @@
 
+import base64
 from typing import Optional
 from fastapi import Request
 from fastapi.responses import JSONResponse
@@ -127,11 +128,12 @@ async def validateEmbedded(self, param: str, trans: I18n) -> tuple[any]:
                 options={"verify_signature": False, "verify_exp": False},
                 algorithms=[security.ALGORITHM]
             )
-            if not payload['embeddedId']:
-                return False, f"Miss embeddedId payload error!"
+            app_key = payload.get('appId', '')
+            embeddedId = payload.get('embeddedId', None)
+            if not embeddedId:
+                embeddedId = xor_decrypt(app_key)
             if not payload['account']:
                 return False, f"Miss account payload error!"
-            embeddedId = payload['embeddedId']
             account = payload['account']
             with Session(engine) as session:
                 """ session_user = await get_user_info(session = session, user_id = token_data.id)
@@ -156,4 +158,10 @@ async def validateEmbedded(self, param: str, trans: I18n) -> tuple[any]:
         except Exception as e:
             SQLBotLogUtil.exception(f"Embedded validation error: {str(e)}")
             # Return False and the exception message
-            return False, e
+            return False, e
+    
+def xor_decrypt(encrypted_str: str, key: int = 0xABCD1234) -> int:
+    encrypted_bytes = base64.urlsafe_b64decode(encrypted_str)
+    hex_str = encrypted_bytes.hex()
+    encrypted_num = int(hex_str, 16)
+    return encrypted_num ^ key
diff --git a/backend/common/utils/whitelist.py b/backend/common/utils/whitelist.py
@@ -31,6 +31,7 @@
     "/system/appearance/picture/*",
     "/system/assistant/validator*",
     "/system/assistant/info/*",
+    "/system/assistant/app/*",
     "/system/assistant/picture/*",
     "/datasource/uploadExcel"
 ]

Original file line number	Diff line number	Diff line change
`@@ -31,6 +31,7 @@`
`31`	`31`	`"/system/appearance/picture/*",`
`32`	`32`	`"/system/assistant/validator*",`
`33`	`33`	`"/system/assistant/info/*",`
	`34`	`+ "/system/assistant/app/*",`
`34`	`35`	`"/system/assistant/picture/*",`
`35`	`36`	`"/datasource/uploadExcel"`
`36`	`37`	`]`