add token

browser_qwen/background.js

@@ -1,24 +1,23 @@
 var database;
 
 function send_data(msg){
-    chrome.storage.local.get(['database_host'], function(result) {
-        if (result.database_host) {
-            console.log('database_host currently is ' + result.database_host);
-            database = "https://taohongxiu-qwen-agent.hf.space/endpoint";
-        } else {
-            database = "https://taohongxiu-qwen-agent.hf.space/endpoint";
+    chrome.storage.local.get(['access_token'], function(result) {
+        if (result.access_token) {
+            console.log('access_token currently is ' + result.access_token);
+            database_url = "https://taohongxiu-qwen-agent.hf.space/endpoint";
+            fetch(database_url, {
+                method: "POST",
+                headers: {
+                  "Content-Type": "application/json",
+                  "Authorization": result.access_token
+                },
+                body: JSON.stringify(msg),
+            })
+              .then((response) => response.json())
+              .then((data) => {
+                console.log(data.result);
+              });
         }
-        fetch(database, {
-            method: "POST",
-            headers: {
-              "Content-Type": "application/json",
-            },
-            body: JSON.stringify(msg),
-        })
-          .then((response) => response.json())
-          .then((data) => {
-            console.log(data.result);
-          });
      });
 }
 

browser_qwen/src/popup.html

@@ -116,6 +116,10 @@
 <input type="text" id="addr" name="addr" class="input-text" style="display: none;">
 <button id="set_addr" class="upload_btn" style="display: none;">Change</button>
 
+<h3>Customize Token:</h3>
+<input type="text" id="access_token" name="access_token" class="input-text" placeholder="input and chick change button, then reopen this">
+<button id="set_access_token" class="upload_btn">Change</button>
+
 <script src="popup.js"></script>
 </body>
 </html>

browser_qwen/src/popup.js

@@ -24,23 +24,20 @@ document.addEventListener('DOMContentLoaded', function() {
 
     });
     setTimeout(function() {
-//        console.log('This message will be logged after 0.5 second');
+        console.log('This message will be logged after 0.5 second');
         var popup_url='';
-        chrome.storage.local.get(['database_host'], function(result) {
-            if (result.database_host) {
-                console.log('database_host currently is ' + result.database_host);
-                popup_url = "https://taohongxiu-qwen-agent.hf.space/";
-            } else {
-                popup_url = "https://taohongxiu-qwen-agent.hf.space/";
+        chrome.storage.local.get(['access_token'], function(result) {
+            if (result.access_token) {
+                console.log('access_token currently is ' + result.access_token);
+                popup_url = "https://taohongxiu-qwen-agent.hf.space/?access_token"+access_token;
+                var iframe = document.createElement('iframe');
+                iframe.src = popup_url;
+                iframe.height = '570px';
+    //            iframe.sandbox = 'allow-same-origin allow-scripts';
+    //            iframe.allow = "geolocation *;";
+                var iframe_area = document.getElementById('iframe_area')
+                iframe_area.appendChild(iframe);
             }
-            var iframe = document.createElement('iframe');
-            iframe.src = popup_url;
-            iframe.height = '570px';
-//            iframe.sandbox = 'allow-same-origin allow-scripts';
-//            iframe.allow = "geolocation *;";
-            var iframe_area = document.getElementById('iframe_area')
-            iframe_area.appendChild(iframe);
-
         });
     }, 500);
 
@@ -63,3 +60,13 @@ document.getElementById('set_addr').addEventListener('click', function() {
       document.getElementById('addr').value = '';
     });
 })
+
+document.getElementById('set_access_token').addEventListener('click', function() {
+    var access_token = document.getElementById('access_token').value;
+    // save config
+    chrome.storage.local.set({access_token: access_token}, function() {
+      console.log('access_token is set to ' + access_token);
+//      chrome.runtime.sendMessage({ data: access_token , close: true , flag: 'set_access_token'});
+      document.getElementById('access_token').value = '';
+    });
+})

qwen_server/assistant_server.py

@@ -24,8 +24,7 @@ llm = get_chat_model(model=server_config.server.llm,
 mem = Memory(llm=llm, stream=False)
 
 cache_file = os.path.join(server_config.path.cache_root, 'browse.jsonl')
-cache_file_popup_url = os.path.join(server_config.path.cache_root,
-                                    'popup_url.jsonl')
+cache_file_popup_url = os.path.join(server_config.path.cache_root, 'popup_url.jsonl')
 
 PAGE_URL = []
 
@@ -35,12 +34,35 @@ with open(Path(__file__).resolve().parent / 'js/main.js', 'r') as f:
     js = f.read()
 
 
-def add_text(history, text):
+def check_access_token(access_token):
+    if not access_token:
+        gr.Info('The access token is not valid, please reset!')
+        return False
+    return True
+
+
+def initialize(request: gr.Request):
+    set_page_url()
+    # print("Request headers dictionary:", request.headers)
+    params = dict(request.query_params)
+    access_token = params.get("access_token")
+    if not access_token or os.getenv("ACCESS_TOKEN") != access_token:
+        gr.Info('The access token is not valid, please reset!')
+        return ''
+    # print("Query parameters:", dict(request.query_params))
+    return access_token
+
+
+def add_text(history, text, access_token):
+    if not check_access_token(access_token):
+        return
     history = history + [(text, None)]
     return history, gr.update(value='', interactive=False)
 
 
-def rm_text(history):
+def rm_text(history, access_token):
+    if not check_access_token(access_token):
+        return
     if not history:
         gr.Warning('No input content!')
     elif not history[-1][1]:
@@ -51,7 +73,7 @@ def rm_text(history):
 
 
 def add_file(history, file):
-    history = history + [((file.name, ), None)]
+    history = history + [((file.name,), None)]
     return history
 
 
@@ -63,7 +85,6 @@ def set_page_url():
     PAGE_URL.append(lines[-1]['url'])
     logger.info('The current access page is: ' + PAGE_URL[-1])
 
-
 def bot(history):
     set_page_url()
     if not history:
@@ -72,7 +93,7 @@ def bot(history):
         now_page = None
         _ref = ''
         if not os.path.exists(cache_file):
-            gr.Info("Please add this page to Qwen's Reading List first!")
+            gr.Info("Please add this page to ChatGPT's Reading List first!")
         else:
             for line in jsonlines.open(cache_file):
                 if line['url'] == PAGE_URL[-1]:
@@ -80,10 +101,10 @@ def bot(history):
 
             if not now_page:
                 gr.Info(
-                    "This page has not yet been added to the Qwen's reading list!"
+                    "This page has not yet been added to the ChatGPT's reading list!"
                 )
             elif not now_page['raw']:
-                gr.Info('Please reopen later, Qwen is analyzing this page...')
+                gr.Info('Please reopen later, ChatGPT is analyzing this page...')
             else:
                 _ref_list = mem.get(
                     history[-1][0], [now_page],
@@ -118,24 +139,28 @@ def bot(history):
                     writer.write(new_line)
 
 
-def load_history_session(history):
+def load_history_session(history, access_token):
+    if not check_access_token(access_token):
+        return
     now_page = None
     if not os.path.exists(cache_file):
-        gr.Info("Please add this page to Qwen's Reading List first!")
+        gr.Info("Please add this page to ChatGPT's Reading List first!")
         return []
     for line in jsonlines.open(cache_file):
         if line['url'] == PAGE_URL[-1]:
             now_page = line
     if not now_page:
-        gr.Info("Please add this page to Qwen's Reading List first!")
+        gr.Info("Please add this page to ChatGPT's Reading List first!")
         return []
     if not now_page['raw']:
-        gr.Info('Please wait, Qwen is analyzing this page...')
+        gr.Info('Please wait, ChatGPT is analyzing this page...')
         return []
     return now_page['session']
 
 
-def clear_session():
+def clear_session(access_token):
+    if not check_access_token(access_token):
+        return
     if not os.path.exists(cache_file):
         return None
     now_page = None
@@ -157,6 +182,7 @@ def clear_session():
 
 
 with gr.Blocks(css=css, theme='soft') as demo:
+    access_token = gr.State("")
     chatbot = gr.Chatbot([],
                          elem_id='chatbot',
                          height=480,
@@ -166,7 +192,7 @@ with gr.Blocks(css=css, theme='soft') as demo:
     with gr.Row():
         with gr.Column(scale=7):
             txt = gr.Textbox(show_label=False,
-                             placeholder='Chat with Qwen...',
+                             placeholder='Chat with ChatGPT...',
                              container=False)
         # with gr.Column(scale=0.06, min_width=0):
         #     smt_bt = gr.Button('⏎')
@@ -177,7 +203,7 @@ with gr.Blocks(css=css, theme='soft') as demo:
         with gr.Column(scale=1, min_width=0):
             re_bt = gr.Button('🔁', elem_classes='bt_small_font')
 
-    txt_msg = txt.submit(add_text, [chatbot, txt], [chatbot, txt],
+    txt_msg = txt.submit(add_text, [chatbot, txt, access_token], [chatbot, txt],
                          queue=False).then(bot, chatbot, chatbot)
     txt_msg.then(lambda: gr.update(interactive=True), None, [txt], queue=False)
 
@@ -187,8 +213,8 @@ with gr.Blocks(css=css, theme='soft') as demo:
     #                 None, [txt],
     #                 queue=False)
 
-    clr_bt.click(clear_session, None, chatbot, queue=False)
-    re_txt_msg = re_bt.click(rm_text, [chatbot], [chatbot, txt],
+    clr_bt.click(clear_session, [access_token], chatbot, queue=False)
+    re_txt_msg = re_bt.click(rm_text, [chatbot, access_token], [chatbot, txt],
                              queue=False).then(bot, chatbot, chatbot)
     re_txt_msg.then(lambda: gr.update(interactive=True),
                     None, [txt],
@@ -196,7 +222,7 @@ with gr.Blocks(css=css, theme='soft') as demo:
 
     stop_bt.click(None, None, None, cancels=[txt_msg, re_txt_msg], queue=False)
 
-    demo.load(set_page_url).then(load_history_session, chatbot, chatbot)
+    demo.load(initialize, [], [access_token]).then(load_history_session, [chatbot, access_token], chatbot)
     demo.queue()
 
 # demo.queue().launch(server_name=server_config.server.server_host, server_port=server_config.server.app_in_browser_port)

qwen_server/database_server.py

@@ -6,7 +6,7 @@ from pathlib import Path
 import add_qwen_libs  # NOQA
 import jsonlines
 import uvicorn
-from fastapi import FastAPI, Request
+from fastapi import FastAPI, Request, HTTPException, Response
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.responses import JSONResponse
 from fastapi.staticfiles import StaticFiles
@@ -15,6 +15,8 @@ from qwen_agent.log import logger
 from qwen_agent.utils.utils import get_local_ip
 from qwen_server.schema import GlobalConfig
 from qwen_server.utils import extract_and_cache_document
+from starlette.middleware.base import BaseHTTPMiddleware
+from fastapi.security import HTTPBearer
 
 # Read config
 with open(Path(__file__).resolve().parent / 'server_config.json', 'r') as f:
@@ -74,13 +76,37 @@ def change_checkbox_state(text, cache_file):
     return {'result': 'changed'}
 
 
+class BasicAuthMiddleware(BaseHTTPMiddleware):
+    def __init__(self, app, token: str):
+        super().__init__(app)
+        self.required_credentials = token
+
+    async def dispatch(self, request: Request, call_next):
+        authorization: str = request.headers.get("Authorization")
+        if authorization:
+            try:
+                schema, credentials = authorization.split()
+                if credentials == self.required_credentials:
+                    return await call_next(request)
+            except ValueError:
+                pass
+
+        headers = {'WWW-Authenticate': 'Basic'}
+        return Response(status_code=401, headers=headers)
+
+
+app.add_middleware(BasicAuthMiddleware, token=os.getenv("ACCESS_TOKEN"))
+
+
 @app.get('/healthz')
 async def healthz(request: Request):
     return JSONResponse({"healthz": True})
 
 
 @app.get('/cachedata/{file_name}')
-async def cache_data(file_name: str):
+async def cache_data(file_name: str, access_token: str):
+    if not access_token or os.getenv("ACCESS_TOKEN") != access_token:
+        raise HTTPException(401, "the access token is not valid")
     cache_file = os.path.join(server_config.path.cache_root, file_name)
     lines = []
     for line in jsonlines.open(cache_file):
@@ -91,6 +117,9 @@ async def cache_data(file_name: str):
 @app.post('/endpoint')
 async def web_listening(request: Request):
     data = await request.json()
+    access_token: str = request.headers.get("Authorization")
+    if not access_token or os.getenv("ACCESS_TOKEN") != access_token:
+        raise HTTPException(401, "the access token is not valid")
     msg_type = data['task']
 
     cache_file_popup_url = os.path.join(server_config.path.cache_root, 'popup_url.jsonl')