skills/deerflow2
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0966131b31
deerflow2/backend/docs
History
Nan Gao 0966131b31
fix(channels): require bound identity for user-owned IM messages (#3578) 
* fix(channels): require bound identity for user-owned IM messages

* make format

* docs: document bound identity channel config

* refactor: reuse channel connection config

* refactor _requires_bound_identity()

* refactor from_app_config()

* make format

* fix: reject unbound channel chats before semaphore

* security enhancement

* make format

* fix: enforce bound-identity admission at command entry point

The bound-identity gate only ran for non-command messages in
_handle_message() and as a fallback inside _handle_chat(). Commands had
no equivalent boundary, so an unbound platform user could send /new and
reach _create_thread() directly, creating an unowned Gateway thread and
empty checkpoint. Info commands (/status, /models, /memory) likewise
leaked Gateway state to unbound users.

Add the same _requires_bound_identity() check at the top of
_handle_command(), rejecting via _reject_unbound_channel_message() before
any thread creation or Gateway query. The gate is a no-op in legacy
open-bot mode (require_bound_identity=False) and auth-disabled mode.
Provider-level binding flows (/connect, /start) are consumed by the
provider adapter before reaching the manager, so they are unaffected.

Tests:
- unbound auth-enabled /new is rejected before threads.create
- bound auth-enabled /new still creates the thread

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(channels): carry workspace fallback decision on inbound messages

* fix(channels): recheck bound identity by normalized workspace

* fix(channels): avoid duplicate bound identity checks

* fix(channels): preserve verified routing for bound identity rejects

* fix(channels): clarify bound identity upgrade failures

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Willem Jiang <willem.jiang@gmail.com>
2026-06-16 23:04:39 +08:00
..
API.md fix(security): harden MCP config endpoint (#3425) 2026-06-08 12:21:02 +08:00
APPLE_CONTAINER.md Fix command syntax for container image pull (#1349) 2026-03-26 00:14:08 +08:00
ARCHITECTURE.md docs: clarify LangGraph compatibility entrypoints (#2914) 2026-05-12 23:15:11 +08:00
AUTH_DESIGN.md docs: document auth design and user isolation (#2913) 2026-05-12 23:07:11 +08:00
AUTH_TEST_DOCKER_GAP.md docs: clean gateway runtime transition remnants (#3334) 2026-06-02 10:03:28 +08:00
AUTH_TEST_PLAN.md docs: clean standalone LangGraph server remnants (#3301) 2026-05-29 11:36:45 +08:00
AUTH_UPGRADE.md docs: clean gateway runtime transition remnants (#3334) 2026-06-02 10:03:28 +08:00
AUTO_TITLE_GENERATION.md docs: fix some broken links (#1864) 2026-04-05 15:35:42 +08:00
BLOCKING_IO_DETECTION.md feat(skill): add blocking-io-guard — SOP skill for blocking-IO triage and runtime anchors (#3503) 2026-06-12 10:20:38 +08:00
CONFIGURATION.md fix(doc):update the document for the docker configuration 2026-06-14 11:35:01 +08:00
FILE_UPLOAD.md fix(uploads): enforce streaming upload limits in gateway (#2589) 2026-05-01 20:19:30 +08:00
GUARDRAILS.md fix: rename present_file to present_files in docs and prompts (#2393) 2026-04-21 16:10:14 +08:00
IM_CHANNEL_CONNECTIONS.md fix(channels): require bound identity for user-owned IM messages (#3578) 2026-06-16 23:04:39 +08:00
MCP_SERVER.md docs: discourage MCP filesystem workspace config (#3141) 2026-05-22 09:19:23 +08:00
MEMORY_IMPROVEMENTS_SUMMARY.md refactor: split backend into harness (deerflow.*) and app (app.*) (#1131) 2026-03-14 22:55:52 +08:00
MEMORY_IMPROVEMENTS.md feat(memory): add memory.token_counting config to avoid tiktoken network dependency (#3429) (#3465) 2026-06-10 23:26:15 +08:00
MEMORY_SETTINGS_REVIEW.md feat: support manual add and edit for memory facts (#1538) 2026-03-29 23:53:23 +08:00
memory-settings-sample.json feat: support manual add and edit for memory facts (#1538) 2026-03-29 23:53:23 +08:00
middleware-execution-flow.md feat(loop-detection): defer warning injection (#2752) 2026-05-21 14:36:07 +08:00
PATH_EXAMPLES.md refactor: split backend into harness (deerflow.*) and app (app.*) (#1131) 2026-03-14 22:55:52 +08:00
plan_mode_usage.md refactor(lead-agent): make build_middlewares public to drop the last cross-module private import (#3458) 2026-06-09 11:56:28 +08:00
README.md chore: add sandbox memory profiling tools (#3249) 2026-06-03 22:02:27 +08:00
REPLAY_E2E.md fix(replay-e2e): key fixtures by caller and conversation (#3453) 2026-06-09 21:58:31 +08:00
rfc-create-deerflow-agent.md feat: add create_deerflow_agent SDK entry point (Phase 1) (#1203) 2026-03-29 15:31:18 +08:00
rfc-extract-shared-modules.md refactor: extract shared skill installer and upload manager to harness (#1202) 2026-03-25 16:28:33 +08:00
rfc-grep-glob-tools.md feat(sandbox): add built-in grep and glob tools (#1784) 2026-04-03 16:03:06 +08:00
SANDBOX_MEMORY_PROFILING.md chore: add sandbox memory profiling tools (#3249) 2026-06-03 22:02:27 +08:00
SETUP.md fix(harness): resolve runtime paths from project root (#2642) 2026-05-01 22:19:50 +08:00
STREAMING.md fix(backend): stream DeerFlowClient AI text as token deltas (#1969) (#1974) 2026-04-10 18:16:38 +08:00
summarization.md fix(middleware): avoid rescuing non-skill tool outputs during summarization (#2458) 2026-04-24 21:19:46 +08:00
task_tool_improvements.md refactor: split backend into harness (deerflow.*) and app (app.*) (#1131) 2026-03-14 22:55:52 +08:00
TITLE_GENERATION_IMPLEMENTATION.md feat(persistence):Unified persistence layer with event store, feedback, and rebase cleanup (#2134) 2026-04-26 11:09:55 +08:00
TODO.md docs: clean standalone LangGraph server remnants (#3301) 2026-05-29 11:36:45 +08:00

README.md

Documentation

This directory contains detailed documentation for the DeerFlow backend.

Quick Links

Document Description
ARCHITECTURE.md System architecture overview
API.md Complete API reference
AUTH_DESIGN.md User authentication, CSRF, and per-user isolation design
CONFIGURATION.md Configuration options
SETUP.md Quick setup guide

Feature Documentation

Document Description
STREAMING.md Token-level streaming design: Gateway vs DeerFlowClient paths, stream_mode semantics, per-id dedup
FILE_UPLOAD.md File upload functionality
PATH_EXAMPLES.md Path types and usage examples
SANDBOX_MEMORY_PROFILING.md Sandbox memory baseline and runtime comparison guide
summarization.md Context summarization feature
plan_mode_usage.md Plan mode with TodoList
AUTO_TITLE_GENERATION.md Automatic title generation

Development

Document Description
TODO.md Planned features and known issues

Getting Started

  1. New to DeerFlow? Start with SETUP.md for quick installation
  2. Configuring the system? See CONFIGURATION.md
  3. Understanding the architecture? Read ARCHITECTURE.md
  4. Building integrations? Check API.md for API reference

Document Organization

docs/
├── README.md                  # This file
├── ARCHITECTURE.md            # System architecture
├── API.md                     # API reference
├── AUTH_DESIGN.md             # User authentication and isolation design
├── CONFIGURATION.md           # Configuration guide
├── SETUP.md                   # Setup instructions
├── FILE_UPLOAD.md             # File upload feature
├── PATH_EXAMPLES.md           # Path usage examples
├── summarization.md           # Summarization feature
├── plan_mode_usage.md         # Plan mode feature
├── STREAMING.md               # Token-level streaming design
├── AUTO_TITLE_GENERATION.md   # Title generation
├── TITLE_GENERATION_IMPLEMENTATION.md  # Title implementation details
└── TODO.md                    # Roadmap and issues