feat: manually mirror opencoze's code from bytedance

Change-Id: I09a73aadda978ad9511264a756b2ce51f5761adf
2025-07-20 17:36:12 +08:00
commit 890153324f
14811 changed files with 1923430 additions and 0 deletions
--- a/backend/api/middleware/ctx_cache.go
+++ b/backend/api/middleware/ctx_cache.go
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2025 coze-dev Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package middleware
+
+import (
+	"context"
+
+	"github.com/coze-dev/coze-studio/backend/pkg/ctxcache"
+
+	"github.com/cloudwego/hertz/pkg/app"
+)
+
+func ContextCacheMW() app.HandlerFunc {
+	return func(c context.Context, ctx *app.RequestContext) {
+		c = ctxcache.Init(c)
+		ctx.Next(c)
+	}
+}
--- a/backend/api/middleware/host.go
+++ b/backend/api/middleware/host.go
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2025 coze-dev Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package middleware
+
+import (
+	"context"
+
+	"github.com/cloudwego/hertz/pkg/app"
+
+	"github.com/coze-dev/coze-studio/backend/pkg/ctxcache"
+	"github.com/coze-dev/coze-studio/backend/types/consts"
+)
+
+func SetHostMW() app.HandlerFunc {
+	return func(c context.Context, ctx *app.RequestContext) {
+		ctxcache.Store(c, consts.HostKeyInCtx, string(ctx.Host()))
+		ctxcache.Store(c, consts.RequestSchemeKeyInCtx, string(ctx.GetRequest().Scheme()))
+		ctx.Next(c)
+	}
+}
--- a/backend/api/middleware/i18n.go
+++ b/backend/api/middleware/i18n.go
@@ -0,0 +1,53 @@
+/*
+ * Copyright 2025 coze-dev Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package middleware
+
+import (
+	"context"
+	"strings"
+
+	"github.com/cloudwego/hertz/pkg/app"
+
+	"github.com/coze-dev/coze-studio/backend/domain/user/entity"
+	"github.com/coze-dev/coze-studio/backend/pkg/ctxcache"
+	"github.com/coze-dev/coze-studio/backend/pkg/i18n"
+	"github.com/coze-dev/coze-studio/backend/types/consts"
+)
+
+func I18nMW() app.HandlerFunc {
+	return func(c context.Context, ctx *app.RequestContext) {
+		session, ok := ctxcache.Get[*entity.Session](c, consts.SessionDataKeyInCtx)
+		if ok {
+			c = i18n.SetLocale(c, session.Locale)
+			ctx.Next(c)
+			return
+		}
+
+		acceptLanguage := string(ctx.Request.Header.Get("Accept-Language"))
+		locale := "en-US"
+		if acceptLanguage != "" {
+			languages := strings.Split(acceptLanguage, ",")
+			if len(languages) > 0 {
+				locale = languages[0]
+			}
+		}
+
+		c = i18n.SetLocale(c, locale)
+
+		ctx.Next(c)
+	}
+}
--- a/backend/api/middleware/log.go
+++ b/backend/api/middleware/log.go
@@ -0,0 +1,96 @@
+/*
+ * Copyright 2025 coze-dev Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package middleware
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"path/filepath"
+	"strings"
+	"time"
+	"unsafe"
+
+	"github.com/cloudwego/hertz/pkg/app"
+	"github.com/google/uuid"
+
+	"github.com/coze-dev/coze-studio/backend/pkg/i18n"
+	"github.com/coze-dev/coze-studio/backend/pkg/logs"
+)
+
+func AccessLogMW() app.HandlerFunc {
+	return func(c context.Context, ctx *app.RequestContext) {
+		start := time.Now()
+		ctx.Next(c)
+
+		status := ctx.Response.StatusCode()
+		path := bytesToString(ctx.Request.URI().PathOriginal())
+		latency := time.Since(start)
+		method := bytesToString(ctx.Request.Header.Method())
+		clientIP := ctx.ClientIP()
+
+		handlerPkgPath := strings.Split(ctx.HandlerName(), "/")
+		handleName := ""
+		if len(handlerPkgPath) > 0 {
+			handleName = handlerPkgPath[len(handlerPkgPath)-1]
+		}
+
+		requestType := ctx.GetInt32(RequestAuthTypeStr)
+		baseLog := fmt.Sprintf("| %s | %s | %d | %v | %s | %s | %v | %s | %d ｜ %s",
+			string(ctx.GetRequest().Scheme()), ctx.Host(), status,
+			latency, clientIP, method, path, handleName, requestType, i18n.GetLocale(c))
+
+		switch {
+		case status >= http.StatusInternalServerError:
+			logs.CtxErrorf(c, "%s", baseLog)
+		case status >= http.StatusBadRequest:
+			logs.CtxWarnf(c, "%s", baseLog)
+		default:
+			urlQuery := ctx.Request.URI().QueryString()
+			reqBody := bytesToString(ctx.Request.Body())
+			respBody := bytesToString(ctx.Response.Body())
+			maxPrintLen := 3 * 1024
+			if len(respBody) > maxPrintLen {
+				respBody = respBody[:maxPrintLen]
+			}
+			if len(reqBody) > maxPrintLen {
+				reqBody = reqBody[:maxPrintLen]
+			}
+
+			requestAuthType := ctx.GetInt32(RequestAuthTypeStr)
+			if requestAuthType != int32(RequestAuthTypeStaticFile) && filepath.Ext(path) == "" {
+				logs.CtxInfof(c, "%s ", baseLog)
+				logs.CtxDebugf(c, "query : %s \nreq : %s \nresp: %s",
+					urlQuery, reqBody, respBody)
+			}
+		}
+	}
+}
+
+func SetLogIDMW() app.HandlerFunc {
+	return func(ctx context.Context, c *app.RequestContext) {
+		logID := uuid.New().String()
+		ctx = context.WithValue(ctx, "log-id", logID)
+
+		c.Header("X-Log-ID", logID)
+		c.Next(ctx)
+	}
+}
+
+func bytesToString(b []byte) string {
+	return *(*string)(unsafe.Pointer(&b)) // nolint
+}
--- a/backend/api/middleware/openapi_auth.go
+++ b/backend/api/middleware/openapi_auth.go
@@ -0,0 +1,141 @@
+/*
+ * Copyright 2025 coze-dev Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package middleware
+
+import (
+	"context"
+	"crypto/md5"
+	"encoding/hex"
+	"regexp"
+	"strings"
+
+	"github.com/cloudwego/hertz/pkg/app"
+
+	"github.com/coze-dev/coze-studio/backend/api/internal/httputil"
+	"github.com/coze-dev/coze-studio/backend/application/openauth"
+	"github.com/coze-dev/coze-studio/backend/pkg/ctxcache"
+	"github.com/coze-dev/coze-studio/backend/pkg/errorx"
+	"github.com/coze-dev/coze-studio/backend/pkg/lang/conv"
+	"github.com/coze-dev/coze-studio/backend/pkg/logs"
+	"github.com/coze-dev/coze-studio/backend/types/consts"
+	"github.com/coze-dev/coze-studio/backend/types/errno"
+)
+
+const HeaderAuthorizationKey = "Authorization"
+
+var needAuthPath = map[string]bool{
+	"/v3/chat":                      true,
+	"/v1/conversations":             true,
+	"/v1/conversation/create":       true,
+	"/v1/conversation/message/list": true,
+	"/v1/files/upload":              true,
+	"/v1/workflow/run":              true,
+	"/v1/workflow/stream_run":       true,
+	"/v1/workflow/stream_resume":    true,
+	"/v1/workflow/get_run_history":  true,
+	"/v1/bot/get_online_info":       true,
+}
+
+var needAuthFunc = map[string]bool{
+	"^/v1/conversations/[0-9]+/clear$": true, // v1/conversations/:conversation_id/clear
+}
+
+func parseBearerAuthToken(authHeader string) string {
+	if len(authHeader) == 0 {
+		return ""
+	}
+	parts := strings.Split(authHeader, "Bearer")
+	if len(parts) != 2 {
+		return ""
+	}
+
+	token := strings.TrimSpace(parts[1])
+	if len(token) == 0 {
+		return ""
+	}
+
+	return token
+}
+
+func isNeedOpenapiAuth(c *app.RequestContext) bool {
+	isNeedAuth := false
+
+	uriPath := c.URI().Path()
+
+	for rule, res := range needAuthFunc {
+		if regexp.MustCompile(rule).MatchString(string(uriPath)) {
+			isNeedAuth = res
+			break
+		}
+	}
+
+	if needAuthPath[string(c.GetRequest().URI().Path())] {
+		isNeedAuth = true
+	}
+
+	return isNeedAuth
+}
+
+func OpenapiAuthMW() app.HandlerFunc {
+	return func(ctx context.Context, c *app.RequestContext) {
+		requestAuthType := c.GetInt32(RequestAuthTypeStr)
+		if requestAuthType != int32(RequestAuthTypeOpenAPI) {
+			c.Next(ctx)
+			return
+		}
+
+		// open api auth
+		if len(c.Request.Header.Get(HeaderAuthorizationKey)) == 0 {
+			httputil.InternalError(ctx, c,
+				errorx.New(errno.ErrUserAuthenticationFailed, errorx.KV("reason", "missing authorization in header")))
+			return
+		}
+
+		apiKey := parseBearerAuthToken(c.Request.Header.Get(HeaderAuthorizationKey))
+		if len(apiKey) == 0 {
+			httputil.InternalError(ctx, c,
+				errorx.New(errno.ErrUserAuthenticationFailed, errorx.KV("reason", "missing api_key in request")))
+			return
+		}
+
+		md5Hash := md5.Sum([]byte(apiKey))
+		md5Key := hex.EncodeToString(md5Hash[:])
+		apiKeyInfo, err := openauth.OpenAuthApplication.CheckPermission(ctx, md5Key)
+
+		if err != nil {
+			logs.CtxErrorf(ctx, "OpenAuthApplication.CheckPermission failed, err=%v", err)
+			httputil.InternalError(ctx, c,
+				errorx.New(errno.ErrUserAuthenticationFailed, errorx.KV("reason", err.Error())))
+			return
+		}
+
+		if apiKeyInfo == nil {
+			httputil.InternalError(ctx, c,
+				errorx.New(errno.ErrUserAuthenticationFailed, errorx.KV("reason", "api key invalid")))
+			return
+		}
+
+		apiKeyInfo.ConnectorID = consts.APIConnectorID
+		logs.CtxInfof(ctx, "OpenapiAuthMW: apiKeyInfo=%v", conv.DebugJsonToStr(apiKeyInfo))
+		ctxcache.Store(ctx, consts.OpenapiAuthKeyInCtx, apiKeyInfo)
+		err = openauth.OpenAuthApplication.UpdateLastUsedAt(ctx, apiKeyInfo.ID, apiKeyInfo.UserID)
+		if err != nil {
+			logs.CtxErrorf(ctx, "OpenAuthApplication.UpdateLastUsedAt failed, err=%v", err)
+		}
+		c.Next(ctx)
+	}
+}
--- a/backend/api/middleware/request_inspector.go
+++ b/backend/api/middleware/request_inspector.go
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2025 coze-dev Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package middleware
+
+import (
+	"context"
+	"strings"
+
+	"github.com/cloudwego/hertz/pkg/app"
+)
+
+const RequestAuthTypeStr = "RequestAuthTypeStr"
+
+type RequestAuthType = int32
+
+const (
+	RequestAuthTypeWebAPI     RequestAuthType = 0
+	RequestAuthTypeOpenAPI    RequestAuthType = 1
+	RequestAuthTypeStaticFile RequestAuthType = 2
+)
+
+func RequestInspectorMW() app.HandlerFunc {
+	return func(c context.Context, ctx *app.RequestContext) {
+		authType := RequestAuthTypeWebAPI // default is web api, session auth
+
+		if isNeedOpenapiAuth(ctx) {
+			authType = RequestAuthTypeOpenAPI
+		} else if isStaticFile(ctx) {
+			authType = RequestAuthTypeStaticFile
+		}
+
+		ctx.Set(RequestAuthTypeStr, authType)
+		ctx.Next(c)
+	}
+}
+
+var staticFilePath = map[string]bool{
+	"/static":      true,
+	"/":            true,
+	"/sign":        true,
+	"/favicon.png": true,
+}
+
+func isStaticFile(ctx *app.RequestContext) bool {
+	path := string(ctx.GetRequest().URI().Path())
+	if staticFilePath[path] {
+		return true
+	}
+
+	if strings.HasPrefix(string(path), "/static/") ||
+		strings.HasPrefix(string(path), "/explore/") ||
+		strings.HasPrefix(string(path), "/space/") {
+		return true
+	}
+
+	return false
+}
--- a/backend/api/middleware/session.go
+++ b/backend/api/middleware/session.go
@@ -0,0 +1,75 @@
+/*
+ * Copyright 2025 coze-dev Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package middleware
+
+import (
+	"context"
+
+	"github.com/cloudwego/hertz/pkg/app"
+
+	"github.com/coze-dev/coze-studio/backend/domain/user/entity"
+	"github.com/coze-dev/coze-studio/backend/pkg/errorx"
+	"github.com/coze-dev/coze-studio/backend/types/errno"
+
+	"github.com/coze-dev/coze-studio/backend/api/internal/httputil"
+	"github.com/coze-dev/coze-studio/backend/application/user"
+	"github.com/coze-dev/coze-studio/backend/pkg/ctxcache"
+	"github.com/coze-dev/coze-studio/backend/pkg/logs"
+	"github.com/coze-dev/coze-studio/backend/types/consts"
+)
+
+var noNeedSessionCheckPath = map[string]bool{
+	"/api/passport/web/email/login/":       true,
+	"/api/passport/web/email/register/v2/": true,
+}
+
+func SessionAuthMW() app.HandlerFunc {
+	return func(c context.Context, ctx *app.RequestContext) {
+		requestAuthType := ctx.GetInt32(RequestAuthTypeStr)
+		if requestAuthType != int32(RequestAuthTypeWebAPI) {
+			ctx.Next(c)
+			return
+		}
+
+		if noNeedSessionCheckPath[string(ctx.GetRequest().URI().Path())] {
+			ctx.Next(c)
+			return
+		}
+
+		s := ctx.Cookie(entity.SessionKey)
+		if len(s) == 0 {
+			logs.Errorf("[SessionAuthMW] session id is nil")
+			httputil.InternalError(c, ctx,
+				errorx.New(errno.ErrUserAuthenticationFailed, errorx.KV("reason", "missing session_key in cookie")))
+			return
+		}
+
+		// sessionID -> sessionData
+		session, err := user.UserApplicationSVC.ValidateSession(c, string(s))
+		if err != nil {
+			logs.Errorf("[SessionAuthMW] validate session failed, err: %v", err)
+			httputil.InternalError(c, ctx, err)
+			return
+		}
+
+		if session != nil {
+			ctxcache.Store(c, consts.SessionDataKeyInCtx, session)
+		}
+
+		ctx.Next(c)
+	}
+}