kanshan/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-02-17 00:14:44 +08:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

docs(api): mark SetupApi as unauthenticated by design (#32224)
Some checks are pending
autofix.ci / autofix (push) Waiting to run
Details
Build and Push API & Web / build (api, DIFY_API_IMAGE_NAME, linux/amd64, build-api-amd64) (push) Waiting to run
Details
Build and Push API & Web / build (api, DIFY_API_IMAGE_NAME, linux/arm64, build-api-arm64) (push) Waiting to run
Details
Build and Push API & Web / build (web, DIFY_WEB_IMAGE_NAME, linux/amd64, build-web-amd64) (push) Waiting to run
Details
Build and Push API & Web / build (web, DIFY_WEB_IMAGE_NAME, linux/arm64, build-web-arm64) (push) Waiting to run
Details
Build and Push API & Web / create-manifest (api, DIFY_API_IMAGE_NAME, merge-api-images) (push) Blocked by required conditions
Details
Build and Push API & Web / create-manifest (web, DIFY_WEB_IMAGE_NAME, merge-web-images) (push) Blocked by required conditions
Details
Main CI Pipeline / Check Changed Files (push) Waiting to run
Details
Main CI Pipeline / API Tests (push) Blocked by required conditions
Details
Main CI Pipeline / Web Tests (push) Blocked by required conditions
Details
Main CI Pipeline / Style Check (push) Waiting to run
Details
Main CI Pipeline / VDB Tests (push) Blocked by required conditions
Details
Main CI Pipeline / DB Migration Test (push) Blocked by required conditions
Details

Browse Source
This commit is contained in:
Byron.wang 2026-02-11 12:11:09 +08:00 committed by GitHub
parent 0310f631ee
commit e9db50f781
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
api/controllers/console/setup.py
View File

@ -42,7 +42,15 @@ class SetupResponse(BaseModel):
tags=["console"],
)
def get_setup_status_api() -> SetupStatusResponse:
"""Get system setup status."""
"""Get system setup status.
NOTE: This endpoint is unauthenticated by design.
During first-time bootstrap there is no admin account yet, so frontend initialization must be
able to query setup progress before any login flow exists.
Only bootstrap-safe status information should be returned by this endpoint.
"""
if dify_config.EDITION == "SELF_HOSTED":
setup_status = get_setup_status()
if setup_status and not isinstance(setup_status, bool):
@ -61,7 +69,12 @@ def get_setup_status_api() -> SetupStatusResponse:
)
@only_edition_self_hosted
def setup_system(payload: SetupRequestPayload) -> SetupResponse:
"""Initialize system setup with admin account."""
"""Initialize system setup with admin account.
NOTE: This endpoint is unauthenticated by design for first-time bootstrap.
Access is restricted by deployment mode (`SELF_HOSTED`), one-time setup guards,
and init-password validation rather than user session authentication.
"""
if get_setup_status():
raise AlreadySetupError()