refactor: enforcing authentication based on environment variable "ENFORCE_AUTH" (#1634)

Harsh-Microsoft · web-flow · commit 6f30b3f0a04e · 2025-03-24T15:39:08.000+05:30
diff --git a/code/backend/batch/utilities/helpers/env_helper.py b/code/backend/batch/utilities/helpers/env_helper.py
@@ -362,6 +362,9 @@ def __load_config(self, **kwargs) -> None:
         self.SEMENTIC_KERNEL_SYSTEM_PROMPT = os.getenv(
             "SEMENTIC_KERNEL_SYSTEM_PROMPT", ""
         )
+
+        self.ENFORCE_AUTH = self.get_env_var_bool("ENFORCE_AUTH", "True")
+
         logger.info("Initializing EnvHelper completed")
 
     def is_chat_model(self):
diff --git a/code/create_app.py b/code/create_app.py
@@ -541,5 +541,10 @@ def assistanttype():
         result = ConfigHelper.get_active_config_or_default()
         return jsonify({"ai_assistant_type": result.prompts.ai_assistant_type})
 
+    @app.route("/api/checkauth", methods=["GET"])
+    async def check_auth_enforced():
+        """Check if the authentiction is enforced."""
+        return jsonify({"is_auth_enforced": env_helper.ENFORCE_AUTH})
+
     app.register_blueprint(bp_chat_history_response, url_prefix="/api")
     return app
diff --git a/code/frontend/src/api/api.ts b/code/frontend/src/api/api.ts
@@ -54,6 +54,25 @@ export async function getUserInfo(): Promise<UserInfo[]> {
   }
 }
 
+export async function checkAuthEnforced(): Promise<boolean> {
+  try {
+    const response = await fetch("/api/checkauth", {
+      method: "GET",
+      headers: {
+        "Content-Type": "application/json",
+      },
+    });
+    if (!response.ok) {
+      throw new Error("Network response was not ok");
+    }
+    const config = await response.json(); // Parse JSON response
+    return config.is_auth_enforced;
+  } catch (error) {
+    console.error("Failed to fetch configuration:", error);
+    return true; // Return true because we need to enforce auth by default
+  }
+}
+
 export async function getAssistantTypeApi() {
   try {
     const response = await fetch("/api/assistanttype", {
diff --git a/code/frontend/src/pages/layout/Layout.test.tsx b/code/frontend/src/pages/layout/Layout.test.tsx
@@ -8,7 +8,7 @@ import {
 import Layout from "./Layout";
 
 import { BrowserRouter } from "react-router-dom";
-import { getUserInfo } from "../../api/api";
+import { getUserInfo, checkAuthEnforced } from "../../api/api";
 import { before } from "lodash";
 import { hostname } from "os";
 
@@ -29,7 +29,7 @@ const DefaultLayoutPropsloderfalse = {
   };
 
 jest.mock('../../api/api', () => ({
-    getUserInfo: jest.fn()
+    getUserInfo: jest.fn(), checkAuthEnforced: jest.fn()
 }));
 
 
@@ -72,6 +72,7 @@ describe("Layout Component", () => {
       },
   });
     ;(getUserInfo as jest.Mock).mockResolvedValue(mocklist)
+    ;(checkAuthEnforced as jest.Mock).mockResolvedValue(true)
     await act(async () => {
         render(
           <BrowserRouter>
diff --git a/code/frontend/src/pages/layout/Layout.tsx b/code/frontend/src/pages/layout/Layout.tsx
@@ -9,7 +9,7 @@ import {
 import { Dialog, Stack, TextField } from "@fluentui/react";
 import { ReactNode, useEffect, useRef, useState } from "react";
 import { HistoryButton } from "../../components/HistoryButton/HistoryButton";
-import { getUserInfo } from "../../api";
+import { getUserInfo, checkAuthEnforced } from "../../api";
 import SpinnerComponent from '../../components/Spinner/Spinner';
 
 
@@ -52,6 +52,12 @@ const Layout = ({ children,toggleSpinner, ...props }: LayoutProps) => {
   const firstRender = useRef(true);
 
   const getUserInfoList = async () => {
+    const isAuthEnforced = await checkAuthEnforced(); // Check if auth is enforced
+    if(!isAuthEnforced) {
+      setShowAuthMessage(false);
+      return;
+    }
+
     const userInfoList = await getUserInfo();
     if (
       userInfoList.length === 0 &&

Original file line number	Diff line number	Diff line change
`@@ -362,6 +362,9 @@ def __load_config(self, **kwargs) -> None:`
`362`	`362`	`self.SEMENTIC_KERNEL_SYSTEM_PROMPT = os.getenv(`
`363`	`363`	`"SEMENTIC_KERNEL_SYSTEM_PROMPT", ""`
`364`	`364`	`)`
	`365`	`+`
	`366`	`+ self.ENFORCE_AUTH = self.get_env_var_bool("ENFORCE_AUTH", "True")`
	`367`	`+`
`365`	`368`	`logger.info("Initializing EnvHelper completed")`
`366`	`369`
`367`	`370`	`def is_chat_model(self):`