Comments (8)
@ogabrielluiz It looks like new registrations are offline, either that or the auth is broken. Whenever I try to register or login, it just loops back to the login page.
I know they have been acquired by Datastax but I'd hope they wouldn't shut out new users during the transition.
from langflow.
Same here
from langflow.
same here
from langflow.
Hi!
Do you all have access to the Langflow Store? The API key is generated there.
from langflow.
same here
from langflow.
Same here
from langflow.
I have assembled some notes below that may crack the code of how store API keys are used, how LangFlow interacts with a Directus instance using that API key to manage components, etc. Hopefully the following is helpful, as I tried to derive an Open API schema that can be used to perhaps provide your own store implementation. I plan to use Supabase to implement mine, using edge functions to provide the same URL resource pattern expected by this code:
To provide a comprehensive analysis of the provided code, let's break it down into its components, focusing on its functionality, interaction with Directus, and how it manages the store. Afterward, I'll attempt to construct an OpenAPI 3 schema for the calls made to the Directus "store" instance.
Code Analysis
Overview
The code is a Python module designed to interact with a Directus-based store for managing components in the LangFlow application. It includes functionality for creating, querying, downloading, liking, and updating components, as well as managing user data and tags.
Key Classes and Functions
-
StoreService
Class: This is the main class that provides methods to interact with the store. It uses thehttpx
library for asynchronous HTTP requests to the Directus API. -
user_data_context
Function: An asynchronous context manager that sets user data in a context variable based on an API key. This is used to fetch and temporarily store user data for the duration of a request. -
StoreService
Methods:_get
: A utility method for performing GET requests to the Directus API.check_api_key
: Validates the provided API key by attempting to fetch user data.call_webhook
: Calls a specified webhook URL, used for download and like actions.build_tags_filter
andbuild_search_filter_conditions
: Helper methods to construct filter conditions for querying components based on tags or search queries.query_components
: Queries components from the store based on various filters and conditions.download
andupload
: Methods for downloading and uploading components to the store.like_component
: Allows a user to like a component.get_list_component_response_model
: Aggregates data for a list of components, including pagination and authorization checks.
Interaction with Directus
The code interacts with Directus primarily through HTTP requests to the Directus API endpoints. It uses bearer token authentication (Authorization: Bearer {api_key}
) for requests that require user authorization. The Directus instance manages components as items within a collection, likely named components
, and uses standard Directus features like filtering, sorting, and aggregation to query and manipulate these items.
OpenAPI 3 Schema Construction (Hypothetical)
Given the code's functionality, an OpenAPI 3 schema for the Directus "store" instance might include endpoints for components, users, and tags. Here's a simplified example for components:
openapi: 3.0.0
info:
title: LangFlow Store API
version: 1.0.0
paths:
/items/components:
get:
summary: List components
parameters:
- in: query
name: filter
schema:
type: string
description: JSON-encoded filter conditions
- in: query
name: sort
schema:
type: string
description: Fields to sort by
- in: query
name: page
schema:
type: integer
description: Page number for pagination
- in: query
name: limit
schema:
type: integer
description: Number of items per page
responses:
'200':
description: A list of components
content:
application/json:
schema:
type: object
properties:
data:
type: array
items:
$ref: '#/components/schemas/Component'
meta:
$ref: '#/components/schemas/MetaData'
post:
summary: Create a new component
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ComponentCreate'
responses:
'200':
description: The created component
content:
application/json:
schema:
$ref: '#/components/schemas/Component'
components:
schemas:
Component:
type: object
properties:
id:
type: string
format: uuid
name:
type: string
description:
type: string
tags:
type: array
items:
type: string
ComponentCreate:
type: object
properties:
name:
type: string
description:
type: string
tags:
type: array
items:
type: string
MetaData:
type: object
properties:
totalItems:
type: integer
itemCount:
type: integer
itemsPerPage:
type: integer
totalPages:
type: integer
currentPage:
type: integer
This schema is a simplified example and would need to be expanded based on the full Directus schema for the LangFlow store, including authentication and error handling components.
Store API Key Validation
The validation of the store API key in the provided code base is performed through a combination of methods within the StoreService
class, specifically through the check_api_key
method. Here's a breakdown of how the API key validation process works:
Step 1: Sending a Request to Directus
The check_api_key
method attempts to validate the API key by making a GET request to the Directus API endpoint /users/me
, which is designed to return information about the current user based on the provided API key. The method constructs this request by appending /users/me
to the base URL of the store (Directus instance) and includes the API key in the request headers as a Bearer token.
Step 2: Analyzing the Response
Upon receiving the response from Directus, the method checks if the response contains a user ID ("id"
in the user data). If the user ID is present, it indicates that the API key is valid because Directus has successfully returned information about the user associated with that API key.
Step 3: Handling Errors and Status Codes
The method also includes error handling for HTTP status codes and other exceptions:
- If a
HTTPStatusError
is caught and the status code is either403
(Forbidden) or401
(Unauthorized), the method concludes that the API key is invalid. These status codes indicate that the provided API key does not have the necessary permissions or is not recognized by Directus. - For any other unexpected status code or exception, the method raises a
ValueError
with details about the error, indicating that the API key validation process encountered an unexpected issue.
Code Snippet for check_api_key
async def check_api_key(self, api_key: str):
try:
user_data, _ = await self._get(f"{self.base_url}/users/me", api_key, params={"fields": "id"})
return "id" in user_data[0]
except HTTPStatusError as exc:
if exc.response.status_code in [403, 401]:
return False
else:
raise ValueError(f"Unexpected status code: {exc.response.status_code}")
except Exception as exc:
raise ValueError(f"Unexpected error: {exc}")
Summary
The validation of the store API key is essentially a process of making an authenticated request to a known Directus endpoint that requires valid authentication. If the request succeeds and returns user data, the API key is considered valid. If the request fails with specific status codes related to authentication or permissions, or if no user data is returned, the API key is considered invalid. This method leverages Directus's built-in authentication and user management to verify API keys.
from langflow.
We are working getting everyone off the waitlist very soon.
from langflow.
Related Issues (20)
- Langfuse question HOT 1
- Python crashes while building a flow that includes Hugging Face Embeddings sentence_transformers HOT 5
- What is the input value for vector store search when running as json flow? HOT 4
- AstraDB component won't build citing OpenAI quota issue. HOT 1
- Cannot edit Environment Variables for sign in and sign up HOT 8
- Fixed bugs HOT 1
- Passing a new query in retrieval QA chain its building the entire flow. HOT 1
- Cannot set a server for chroma db component because it no longer compiles due to chroma_server_cors_allow_origins value is not a valid list HOT 9
- Cannot run Langflow in a vanilla environment on OSX HOT 2
- Langflow global variables are "unset" on UI refresh HOT 1
- getting a column size error when using MySQL. HOT 1
- Wrong version HOT 5
- Agent tools / function calling UX improvement HOT 1
- ModuleNotFoundError: No module named 'langchain_experimental.agents' HOT 1
- updating prompt template severs existing connections in flow HOT 1
- Astra Connector needs a truncate operation
- Astra UI component: Astra URL component is not validated on entry
- On a component box, it is not clear that the red "X" will re-run the component unless you hover over or click HOT 1
- ERR by redis : RedisCache.upsert() got an unexpected keyword argument 'lock' HOT 1
- version HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from langflow.