fix: mcp auth (#6733)

* fix: mcp auth

* doc

* doc
Archer
2026-04-09 15:12:39 +08:00
committed by GitHub
parent d2d48fc177
commit e3b5b3788f
6 changed files with 30 additions and 25 deletions
@@ -1,6 +1,5 @@
import type { ApiRequestProps, ApiResponseType } from '@fastgpt/service/type/next';
import { NextAPI } from '@/service/middleware/entry';
import { MongoApp } from '@fastgpt/service/core/app/schema';
import { AppTypeEnum } from '@fastgpt/global/core/app/constants';
import { UserError } from '@fastgpt/global/common/error/utils';
import { getMCPChildren } from '@fastgpt/service/core/app/mcp';
@@ -11,6 +10,8 @@ import {
type GetMcpChildrenQueryType,
type GetMcpChildrenResponseType
} from '@fastgpt/global/openapi/core/app/mcpTools/api';
import { authApp } from '@fastgpt/service/support/permission/app/auth';
import { ReadPermissionVal } from '@fastgpt/global/support/permission/constant';
async function handler(
req: ApiRequestProps<{}, GetMcpChildrenQueryType>,
@@ -18,9 +19,7 @@ async function handler(
): Promise<GetMcpChildrenResponseType> {
const { id, searchKey } = GetMcpChildrenQuerySchema.parse(req.query);
const app = await MongoApp.findOne({ _id: id }).lean();
if (!app) return Promise.reject(new UserError('No Mcp Toolset found'));
const { app } = await authApp({ req, authToken: true, appId: id, per: ReadPermissionVal });
if (app.type !== AppTypeEnum.mcpToolSet)
return Promise.reject(new UserError('the parent is not a mcp toolset'));
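Review bot: The `authApp` call that replaces the direct `MongoApp.findOne` lookup has no comment marking it as the access check for this route, so a later refactor could swap it back for a plain lookup and silently remove the authorization. I would add above it `// authApp loads the app and enforces read permission for the caller; do not replace with a direct MongoApp lookup`. The toolset type check runs only after authorization, which is the right order: the distinct 'the parent is not a mcp toolset' error is not returned to callers who lack read access. The handler body continues outside the hunk.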
@@ -9,11 +9,14 @@ import {
type GetMcpToolsResponseType
} from '@fastgpt/global/openapi/core/app/mcpTools/api';
import { isInternalAddress, PRIVATE_URL_TEXT } from '@fastgpt/service/common/system/utils';
import { authCert } from '@fastgpt/service/support/permission/auth/common';
async function handler(
req: ApiRequestProps<GetMcpToolsBodyType>,
_res: ApiResponseType<any>
): Promise<GetMcpToolsResponseType> {
await authCert({ req, authToken: true });
const { url, headerSecret } = GetMcpToolsBodySchema.parse(req.body);
if (await isInternalAddress(url)) {
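Review bot: The result of `await authCert({ req, authToken: true });` is discarded, so the handler confirms the caller holds a valid token but nothing visible here ties the outbound MCP request to a team or member, or checks any permission beyond being logged in. If `authCert` returns the caller's identity (its return value is not visible on this page), capturing it, for example `const { teamId, tmbId } = await authCert({ req, authToken: true });` if those are the fields it returns, would allow audit logging and per-team rate limiting of requests to user-supplied URLs. The same applies to the identical call in the run-tool handler hunk that follows. The handler body continues outside the hunk.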
@@ -8,11 +8,14 @@ import {
type RunMcpToolResponseType
} from '@fastgpt/global/openapi/core/app/mcpTools/api';
import { isInternalAddress, PRIVATE_URL_TEXT } from '@fastgpt/service/common/system/utils';
import { authCert } from '@fastgpt/service/support/permission/auth/common';
async function handler(
req: ApiRequestProps<RunMcpToolBodyType>,
_res: ApiResponseType<any>
): Promise<RunMcpToolResponseType> {
await authCert({ req, authToken: true });
const { url, toolName, headerSecret, params } = RunMcpToolBodySchema.parse(req.body);
if (await isInternalAddress(url)) {
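Review bot: `isInternalAddress(url)` validates the address before the request is made, and the connection itself happens outside this hunk, so the guard only holds if the MCP client connects to the same address that was checked. If the client resolves the hostname again or follows redirects (not visible here), the effective destination can differ from the one validated; pinning the resolved IP for the connection, or re-validating each redirect target, would close that gap. `headerSecret` is presumably forwarded to the user-supplied `url`, so a comment such as `// headerSecret is sent to the caller-supplied url; never log it` would help the next maintainer. The same guard appears in the tools-listing handler hunk above.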