Merge branch 'feat/new-login' into deploy/dev

* feat/new-login:
  fix: code reformat
  feat: add OAuth invite token check
  fix: reformat
  feat: remove self host judgement
  feat: update activate

api/controllers/console/auth/activate.py

@@ -27,10 +27,10 @@ def get(self):
         invitation = RegisterService.get_invitation_if_token_valid(workspaceId, reg_email, token)
         if invitation:
             data = invitation.get("data", {})
-            tenant: Tenant = invitation.get("tenant")
-            workspace_name = tenant.name if tenant else "Unknown Workspace"
-            workspace_id = tenant.id if tenant else "Unknown Workspace ID"
-            invitee_email = data.get("email", "Unknown Email")
+            tenant: Tenant = invitation.get("tenant", None)
+            workspace_name = tenant.name if tenant else None
+            workspace_id = tenant.id if tenant else None
+            invitee_email = data.get("email") if data else None
             return {
                 "is_valid": invitation is not None,
                 "data": {"workspace_name": workspace_name, "workspace_id": workspace_id, "email": invitee_email},

api/controllers/console/auth/oauth.py

@@ -76,12 +76,13 @@ def get(self, provider: str):
             logging.exception(f"An error occurred during the OAuth process with {provider}: {e.response.text}")
             return {"error": "OAuth process failed"}, 400
 
-        if invite_token:
+        if invite_token and RegisterService.is_valid_invite_token(invite_token):
             invitation = RegisterService._get_invitation_by_token(token=invite_token)
             if invitation:
                 invitation_email = invitation.get("email", None)
                 if invitation_email != user_info.email:
                     return redirect(f"{dify_config.CONSOLE_WEB_URL}/signin?message=InvalidToken")
+
             return redirect(f"{dify_config.CONSOLE_WEB_URL}/signin/invite-settings?invite_token={invite_token}")
 
         try:

api/services/account_service.py

@@ -620,16 +620,14 @@ def register(
 
             if open_id is not None or provider is not None:
                 AccountService.link_account_integrate(provider, open_id, account)
-            if dify_config.EDITION != "SELF_HOSTED":
-                should_create_workspace = not is_invite_member or (
-                    is_invite_member and dify_config.ALLOW_CREATE_WORKSPACE
-                )
 
-                if should_create_workspace:
-                    tenant = TenantService.create_tenant(f"{account.name}'s Workspace")
-                    TenantService.create_tenant_member(tenant, account, role="owner")
-                    account.current_tenant = tenant
-                    tenant_was_created.send(tenant)
+            should_create_workspace = not is_invite_member or (is_invite_member and dify_config.ALLOW_CREATE_WORKSPACE)
+
+            if should_create_workspace:
+                tenant = TenantService.create_tenant(f"{account.name}'s Workspace")
+                TenantService.create_tenant_member(tenant, account, role="owner")
+                account.current_tenant = tenant
+                tenant_was_created.send(tenant)
 
             db.session.commit()
         except Exception as e:
@@ -692,6 +690,11 @@ def generate_invite_token(cls, tenant: Tenant, account: Account) -> str:
         redis_client.setex(cls._get_invitation_token_key(token), expiryHours * 60 * 60, json.dumps(invitation_data))
         return token
 
+    @classmethod
+    def is_valid_invite_token(cls, token: str) -> bool:
+        data = redis_client.get(cls._get_invitation_token_key(token))
+        return data is not None
+
     @classmethod
     def revoke_token(cls, workspace_id: str, email: str, token: str):
         if workspace_id and email: