use deco to avoid current_user (#26077)

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

api/controllers/console/auth/activate.py

@@ -7,7 +7,7 @@ from controllers.console.error import AlreadyActivateError
 from extensions.ext_database import db
 from libs.datetime_utils import naive_utc_now
 from libs.helper import StrLen, email, extract_remote_ip, timezone
-from models.account import AccountStatus
+from models import AccountStatus
 from services.account_service import AccountService, RegisterService
 
 active_check_parser = reqparse.RequestParser()

api/controllers/console/auth/data_source_oauth.py

@@ -2,13 +2,12 @@ import logging
 
 import httpx
 from flask import current_app, redirect, request
-from flask_login import current_user
 from flask_restx import Resource, fields
 from werkzeug.exceptions import Forbidden
 
 from configs import dify_config
 from controllers.console import api, console_ns
-from libs.login import login_required
+from libs.login import current_account_with_tenant, login_required
 from libs.oauth_data_source import NotionOAuth
 
 from ..wraps import account_initialization_required, setup_required
@@ -45,6 +44,7 @@ class OAuthDataSource(Resource):
     @api.response(403, "Admin privileges required")
     def get(self, provider: str):
         # The role of the current user in the table must be admin or owner
+        current_user, _ = current_account_with_tenant()
         if not current_user.is_admin_or_owner:
             raise Forbidden()
         OAUTH_DATASOURCE_PROVIDERS = get_oauth_providers()

api/controllers/console/auth/email_register.py

@@ -19,7 +19,7 @@ from controllers.console.wraps import email_password_login_enabled, email_regist
 from extensions.ext_database import db
 from libs.helper import email, extract_remote_ip
 from libs.password import valid_password
-from models.account import Account
+from models import Account
 from services.account_service import AccountService
 from services.billing_service import BillingService
 from services.errors.account import AccountNotFoundError, AccountRegisterError

api/controllers/console/auth/forgot_password.py

@@ -20,7 +20,7 @@ from events.tenant_event import tenant_was_created
 from extensions.ext_database import db
 from libs.helper import email, extract_remote_ip
 from libs.password import hash_password, valid_password
-from models.account import Account
+from models import Account
 from services.account_service import AccountService, TenantService
 from services.feature_service import FeatureService
 

api/controllers/console/auth/login.py

@@ -1,5 +1,3 @@
-from typing import cast
-
 import flask_login
 from flask import request
 from flask_restx import Resource, reqparse
@@ -26,7 +24,7 @@ from controllers.console.error import (
 from controllers.console.wraps import email_password_login_enabled, setup_required
 from events.tenant_event import tenant_was_created
 from libs.helper import email, extract_remote_ip
-from models.account import Account
+from libs.login import current_account_with_tenant
 from services.account_service import AccountService, RegisterService, TenantService
 from services.billing_service import BillingService
 from services.errors.account import AccountRegisterError
@@ -96,7 +94,8 @@ class LoginApi(Resource):
 class LogoutApi(Resource):
     @setup_required
     def get(self):
-        account = cast(Account, flask_login.current_user)
+        current_user, _ = current_account_with_tenant()
+        account = current_user
         if isinstance(account, flask_login.AnonymousUserMixin):
             return {"result": "success"}
         AccountService.logout(account=account)

api/controllers/console/auth/oauth.py

@@ -14,8 +14,7 @@ from extensions.ext_database import db
 from libs.datetime_utils import naive_utc_now
 from libs.helper import extract_remote_ip
 from libs.oauth import GitHubOAuth, GoogleOAuth, OAuthUserInfo
-from models import Account
-from models.account import AccountStatus
+from models import Account, AccountStatus
 from services.account_service import AccountService, RegisterService, TenantService
 from services.billing_service import BillingService
 from services.errors.account import AccountNotFoundError, AccountRegisterError

api/controllers/console/auth/oauth_server.py

@@ -1,16 +1,15 @@
 from collections.abc import Callable
 from functools import wraps
-from typing import Concatenate, ParamSpec, TypeVar, cast
+from typing import Concatenate, ParamSpec, TypeVar
 
-import flask_login
 from flask import jsonify, request
 from flask_restx import Resource, reqparse
 from werkzeug.exceptions import BadRequest, NotFound
 
 from controllers.console.wraps import account_initialization_required, setup_required
 from core.model_runtime.utils.encoders import jsonable_encoder
-from libs.login import login_required
-from models.account import Account
+from libs.login import current_account_with_tenant, login_required
+from models import Account
 from models.model import OAuthProviderApp
 from services.oauth_server import OAUTH_ACCESS_TOKEN_EXPIRES_IN, OAuthGrantType, OAuthServerService
 
@@ -116,7 +115,8 @@ class OAuthServerUserAuthorizeApi(Resource):
     @account_initialization_required
     @oauth_server_client_id_required
     def post(self, oauth_provider_app: OAuthProviderApp):
-        account = cast(Account, flask_login.current_user)
+        current_user, _ = current_account_with_tenant()
+        account = current_user
         user_account_id = account.id
 
         code = OAuthServerService.sign_oauth_authorization_code(oauth_provider_app.client_id, user_account_id)