feat: add ragflow web project & add pnpm workspace file

2025-11-09 11:18:58 +08:00
parent ed6e0ab282
commit b2053760be
1566 changed files with 218623 additions and 57 deletions
--- a/packages/auth-gateway/README.md
+++ b/packages/auth-gateway/README.md
@@ -0,0 +1,51 @@
+# @teres/auth-gateway
+
+Minimal Node session service to share auth token via Cookie or API.
+
+## Run
+
+```sh
+pnpm -F @teres/auth-gateway dev
+```
+
+Default port: `7000`. Configure via env:
+
+- `PORT=7000`
+- `ALLOWED_ORIGINS=http://localhost:5173,http://localhost:6006`
+- `COOKIE_NAME=sid`
+- `COOKIE_DOMAIN=` (optional)
+- `COOKIE_SECURE=false` (set `true` in HTTPS)
+- `COOKIE_SAMESITE=lax` (`lax|strict|none`)
+- `EXPOSE_TOKEN=true` (set `false` to hide token in GET response)
+
+## Endpoints
+
+- `GET /health` → `{ ok: true }`
+- `POST /auth/session` → set token; accepts JSON `{ token }` or `Authorization: Bearer <token>`
+- `GET /auth/session` → read session; returns `{ exists, updatedAt, token? }`
+- `DELETE /auth/session` → clear session and cookie
+
+## Frontend usage
+
+After login in host app:
+
+```ts
+await fetch("http://localhost:7000/auth/session", {
+  method: "POST",
+  headers: { "Content-Type": "application/json" },
+  body: JSON.stringify({ token }),
+  credentials: "include",
+});
+```
+
+In iframe app (ragflow) to read the token (if `EXPOSE_TOKEN=true`):
+
+```ts
+const res = await fetch("http://localhost:7000/auth/session", {
+  credentials: "include",
+});
+const data = await res.json();
+const token = data.token; // may be undefined if EXPOSE_TOKEN=false
+```
+
+Alternatively, keep `EXPOSE_TOKEN=false` and use a backend that reads the cookie server-side. Or pass the token via your `iframe-bridge`/Penpal channel.