Merge branch 'main' into convo-redirect

frontend/src/routes/conversation.tsx

@@ -36,6 +36,7 @@ import { useDocumentTitleFromState } from "#/hooks/use-document-title-from-state
 import { transformVSCodeUrl } from "#/utils/vscode-url-helper";
 import OpenHands from "#/api/open-hands";
 import { TabContent } from "#/components/layout/tab-content";
+import { useIsAuthed } from "#/hooks/query/use-is-authed";
 
 function AppContent() {
   useConversationConfig();
@@ -43,6 +44,7 @@ function AppContent() {
   const { data: settings } = useSettings();
   const { conversationId } = useConversationId();
   const { data: conversation, isFetched } = useActiveConversation();
+  const { data: isAuthed } = useIsAuthed();
 
   const { curAgentState } = useSelector((state: RootState) => state.agent);
   const dispatch = useDispatch();
@@ -54,13 +56,13 @@ function AppContent() {
   const [width, setWidth] = React.useState(window.innerWidth);
 
   React.useEffect(() => {
-    if (isFetched && !conversation) {
+    if (isFetched && !conversation && isAuthed) {
       displayErrorToast(
         "This conversation does not exist, or you do not have permission to access it.",
       );
       navigate("/");
     }
-  }, [conversation, isFetched]);
+  }, [conversation, isFetched, isAuthed]);
 
   React.useEffect(() => {
     dispatch(clearTerminal());

openhands/server/middleware.py

@@ -24,7 +24,14 @@ class LocalhostCORSMiddleware(CORSMiddleware):
     while using standard CORS rules for other origins.
     """
 
-    def __init__(self, app: ASGIApp) -> None:
+    def __init__(
+        self,
+        app,
+        allow_origins=None,
+        allow_credentials=False,
+        allow_methods=None,
+        allow_headers=None,
+    ):
         allow_origins_str = os.getenv('PERMITTED_CORS_ORIGINS')
         if allow_origins_str:
             allow_origins = tuple(