refactor: use dify_config to replace legacy usage of flask app's config (#9089)

api/libs/helper.py

@@ -12,9 +12,10 @@ from hashlib import sha256
 from typing import Any, Optional, Union
 from zoneinfo import available_timezones
 
-from flask import Response, current_app, stream_with_context
+from flask import Response, stream_with_context
 from flask_restful import fields
 
+from configs import dify_config
 from core.app.features.rate_limiting.rate_limit import RateLimitGenerator
 from core.file import helpers as file_helpers
 from extensions.ext_redis import redis_client
@@ -214,7 +215,7 @@ class TokenManager:
         if additional_data:
             token_data.update(additional_data)
 
-        expiry_minutes = current_app.config[f"{token_type.upper()}_TOKEN_EXPIRY_MINUTES"]
+        expiry_minutes = dify_config.model_dump().get(f"{token_type.upper()}_TOKEN_EXPIRY_MINUTES")
         token_key = cls._get_token_key(token, token_type)
         expiry_time = int(expiry_minutes * 60)
         redis_client.setex(token_key, expiry_time, json.dumps(token_data))

api/libs/login.py

@@ -1,4 +1,3 @@
-import os
 from functools import wraps
 
 from flask import current_app, g, has_request_context, request
@@ -7,6 +6,7 @@ from flask_login.config import EXEMPT_METHODS
 from werkzeug.exceptions import Unauthorized
 from werkzeug.local import LocalProxy
 
+from configs import dify_config
 from extensions.ext_database import db
 from models.account import Account, Tenant, TenantAccountJoin
 
@@ -52,8 +52,7 @@ def login_required(func):
     @wraps(func)
     def decorated_view(*args, **kwargs):
         auth_header = request.headers.get("Authorization")
-        admin_api_key_enable = os.getenv("ADMIN_API_KEY_ENABLE", default="False")
-        if admin_api_key_enable.lower() == "true":
+        if dify_config.ADMIN_API_KEY_ENABLE:
             if auth_header:
                 if " " not in auth_header:
                     raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
@@ -61,10 +60,10 @@ def login_required(func):
                 auth_scheme = auth_scheme.lower()
                 if auth_scheme != "bearer":
                     raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")
-                admin_api_key = os.getenv("ADMIN_API_KEY")
 
+                admin_api_key = dify_config.ADMIN_API_KEY
                 if admin_api_key:
-                    if os.getenv("ADMIN_API_KEY") == auth_token:
+                    if admin_api_key == auth_token:
                         workspace_id = request.headers.get("X-WORKSPACE-ID")
                         if workspace_id:
                             tenant_account_join = (
@@ -82,7 +81,7 @@ def login_required(func):
                                     account.current_tenant = tenant
                                     current_app.login_manager._update_request_context_with_user(account)
                                     user_logged_in.send(current_app._get_current_object(), user=_get_user())
-        if request.method in EXEMPT_METHODS or current_app.config.get("LOGIN_DISABLED"):
+        if request.method in EXEMPT_METHODS or dify_config.LOGIN_DISABLED:
             pass
         elif not current_user.is_authenticated:
             return current_app.login_manager.unauthorized()