# Image generation pipeline
This guide describes how a client (mobile app, script, or Comfy Portal) runs a workflow on a ComfyUI instance protected by MSS-Login, from authentication through to downloading output images.
## Overview

ComfyUI owns execution after you submit a prompt. MSS-Login adds:

- Authentication — who is calling
- RBAC — whether they may run, upload, or access APIs
- Model validation — a workflow may not reference models the user cannot use
- Per-user isolation — optional separate output folders and queue history (`SEPERATE_USERS`)
- NSFW enforcement — at save time and when serving `/view`
```mermaid
sequenceDiagram
    participant Mobile
    participant JWT as jwt_auth
    participant WF as workflow_interceptor
    participant RBAC as access_control
    participant Comfy as ComfyUI_core
    participant NSFW as node_interceptor
    Mobile->>JWT: Bearer token
    JWT->>WF: request user set
    WF->>RBAC: can_run check
    RBAC->>Comfy: POST /prompt
    Comfy->>NSFW: SaveImage
    NSFW-->>Comfy: save or black frame
    Mobile->>JWT: GET /view
    JWT->>WF: NSFW metadata check
    WF-->>Mobile: image or 403
```
## Step 1: Obtain a token
Use a long-lived API token for mobile apps. See Authentication.
```http
POST /mss-login/generate_token
Content-Type: application/json

{"username": "user", "password": "password"}
```
Store the returned token securely. Send it as:
```http
Authorization: Bearer <token>
```
## Step 2: Confirm identity and permissions

```http
GET /mss-login/api/me
Authorization: Bearer <token>
```
Check that the user's role allows `can_run` and `can_access_api`. Without `can_run`, `POST /prompt` returns 403.

Optional: `GET /mss-login/api/is-https` if you need to build absolute URLs for assets.
## Step 3: Discover node definitions

Load ComfyUI's node schema so you can build or validate workflow JSON:

```http
GET /object_info
Authorization: Bearer <token>
```

Model list endpoints (`GET /models/{folder}`, `GET /embeddings`) are filtered per user unless the user has `can_view_all_comfyui_items`.
## Step 4: Submit a workflow

```http
POST /prompt
Authorization: Bearer <token>
Content-Type: application/json

{
  "prompt": { ... },
  "client_id": "your-app-client-id"
}
```

The `prompt` object is standard ComfyUI workflow JSON (node IDs → class type, inputs, etc.).
### What MSS-Login does on submit

- JWT middleware — resolves the user from the Bearer token, cookie, or query parameter.
- Workflow interceptor — records the username for NSFW policy in worker threads; runs model validation (`validate_prompt_models`). If the workflow references a checkpoint, LoRA, etc. that the user cannot use, the response is 403 with `MODEL_NOT_ALLOWED`.
- RBAC — denies if `can_run` is false.
- Queue patch (when `SEPERATE_USERS=true`) — stamps `user_id` on queue items; filters history/queue per user.
ComfyUI then queues and executes the graph normally.
## Step 5: Monitor progress
Use any combination:
| Method | Endpoint / URL |
|---|---|
| WebSocket | ws://host/ws?token=<token> — progress, previews, completion |
| Queue | GET /queue |
| History | GET /history |
Send the same token on the WebSocket connection (the query parameter form is typical for mobile clients).
> **Preview images.** MSS-Login disables latent previews globally to reduce NSFW leakage over WebSocket. Rely on `/history` and `/view` for final outputs.
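Added example, not code from the MSS-Login project: a small helper that follows one prompt through the WebSocket stream and turns its `/history` entry into `/view` requests. The frame and history shapes are ComfyUI's standard ones (an `executing` message with `node` set to null marks completion, as in ComfyUI's `websockets_api_example.py`); that is an assumption about ComfyUI, not something this page documents. The sample frames and history entry are constructed, and the `prompt_id` values and per-user subfolder are placeholders.

```python
"""Added example (not from the MSS-Login project): follow one prompt through the
WebSocket stream and turn its /history entry into /view requests. The frame and
history shapes are ComfyUI's standard ones (an "executing" message with node=None
marks completion, as in ComfyUI's websockets_api_example.py); that is an assumption
about ComfyUI, not something this page documents. All sample data is constructed."""
import json
from urllib.parse import urlencode


def prompt_state(frames, prompt_id: str) -> str:
    """Fold raw WebSocket frames into 'running', 'done' or 'error' for one prompt.
    Frames for other prompt_ids (a shared queue) are ignored; binary frames would
    be latent previews, which MSS-Login disables, so they are skipped defensively."""
    state = "running"
    for frame in frames:
        if isinstance(frame, (bytes, bytearray)):
            continue
        msg = json.loads(frame)
        data = msg.get("data") or {}
        if data.get("prompt_id") != prompt_id:
            continue
        if msg.get("type") == "execution_error":
            return "error"
        if msg.get("type") == "executing" and data.get("node") is None:
            state = "done"
    return state


def view_queries(history: dict, prompt_id: str) -> list:
    """Collect GET /view query strings for every final output image of a prompt
    from a GET /history response; send them with the same Bearer token."""
    queries = []
    for node_out in history.get(prompt_id, {}).get("outputs", {}).values():
        for img in node_out.get("images", []):
            if img.get("type") != "output":  # temp/preview entries are not final outputs
                continue
            queries.append("/view?" + urlencode(
                {"filename": img["filename"], "subfolder": img.get("subfolder", ""), "type": "output"}))
    return queries


# Constructed frames: a status ping, progress for our job, another client's job
# finishing, then ours finishing.
FRAMES = [
    json.dumps({"type": "status", "data": {"status": {"exec_info": {"queue_remaining": 2}}}}),
    json.dumps({"type": "progress", "data": {"value": 10, "max": 20, "prompt_id": "p-1", "node": "3"}}),
    json.dumps({"type": "executing", "data": {"node": None, "prompt_id": "p-0"}}),
    json.dumps({"type": "executing", "data": {"node": None, "prompt_id": "p-1"}}),
]
FAILED_FRAMES = [json.dumps({"type": "execution_error", "data": {"prompt_id": "p-2", "node_id": "3"}})]

# Constructed /history response for p-1; the subfolder stands in for the per-user
# prefix used when SEPERATE_USERS=true (placeholder value, not the real scheme).
HISTORY = {"p-1": {"outputs": {
    "9": {"images": [{"filename": "demo_00001_.png", "subfolder": "user", "type": "output"}]},
    "11": {"images": [{"filename": "tmp_00001_.png", "subfolder": "", "type": "temp"}]},
}}}
```

Filtering on `prompt_id` matters on a shared queue: `executing` messages for other users' jobs also arrive on your socket, and treating the first `node: null` as "my job finished" would make the client fetch the wrong (or not yet existing) history entry.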
## Step 6: Fetch output images

When execution completes, history entries reference output files. Request:

```http
GET /view?filename=<name>&subfolder=<subfolder>&type=output
Authorization: Bearer <token>
```

### Success and failure
| Status | Meaning |
|---|---|
| 200 | Image bytes returned |
| 403 | NSFW blocked for this user (SFW enforced and image flagged) |
| 401 | Missing or invalid token |
If `SEPERATE_USERS=true`, outputs are stored under per-user prefixes; use the `filename` / `subfolder` values from your history entry.
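The six steps above as one client, added here as an example and not the MSS-Login project's own code. It performs token acquisition, the `/api/me` permission check, `POST /prompt` and `GET /view`, and maps 401/403 responses to a typed error so a mobile app can branch on `MODEL_NOT_ALLOWED`, `can_run` and NSFW blocks. Network I/O goes through a `transport(method, path, headers, body)` callable, so the block runs offline against the constructed fake server at the bottom; the response body field names (`token`, `can_run`, `prompt_id`, `error`) and the fake's token, model and file names are assumptions, not documented values.

```python
"""Added example (not MSS-Login's own code): a minimal client for the steps above
-- token, /api/me check, POST /prompt, GET /view -- that maps 401/403 answers to a
typed error. I/O goes through a transport(method, path, headers, body) callable, so
it runs offline against the constructed fake server below. Body field names
("token", "can_run", "prompt_id", "error") are assumptions, not documented fields."""
import json
from collections import namedtuple
from typing import Callable, Optional
from urllib.parse import parse_qs, urlencode

Response = namedtuple("Response", "status body")  # body is bytes
Transport = Callable[[str, str, dict, Optional[bytes]], Response]


class PipelineError(Exception):  # 401 or 403 from MSS-Login, with the body's error code
    def __init__(self, status: int, code: str):
        super().__init__(f"{status} {code}")
        self.status, self.code = status, code


class MssClient:
    def __init__(self, transport: Transport):
        self.transport, self.token = transport, None

    def _headers(self, content_type: Optional[str] = None) -> dict:
        h = {"Authorization": f"Bearer {self.token}"} if self.token else {}
        if content_type:
            h["Content-Type"] = content_type
        return h

    @staticmethod
    def _check(resp: Response) -> Response:
        if resp.status in (401, 403):
            try:
                code = json.loads(resp.body).get("error", "")  # assumed error-body shape
            except ValueError:
                code = resp.body.decode(errors="replace")
            raise PipelineError(resp.status, code)
        return resp

    def login(self, username: str, password: str) -> str:  # step 1
        body = json.dumps({"username": username, "password": password}).encode()
        resp = self._check(self.transport("POST", "/mss-login/generate_token",
                                          self._headers("application/json"), body))
        self.token = json.loads(resp.body)["token"]
        return self.token

    def me(self) -> dict:  # step 2
        return json.loads(self._check(self.transport("GET", "/mss-login/api/me",
                                                     self._headers(), None)).body)

    def submit(self, prompt: dict, client_id: str) -> str:  # step 4
        if not self.me().get("can_run"):  # fail fast instead of letting RBAC return 403
            raise PipelineError(403, "can_run")
        body = json.dumps({"prompt": prompt, "client_id": client_id}).encode()
        resp = self._check(self.transport("POST", "/prompt", self._headers("application/json"), body))
        return json.loads(resp.body)["prompt_id"]

    def fetch_output(self, filename: str, subfolder: str = "") -> bytes:  # step 6
        qs = urlencode({"filename": filename, "subfolder": subfolder, "type": "output"})
        return self._check(self.transport("GET", "/view?" + qs, self._headers(), None)).body


# Constructed stand-in for ComfyUI + MSS-Login, just enough to exercise each branch.
FAKE_TOKEN = "tok-123"
ALLOWED_MODELS = {"sd15.safetensors"}  # what this user's role may reference
NSFW_FILES = {"flagged_00001_.png"}  # outputs tagged NSFW at save time


def fake_transport(method: str, path: str, headers: dict, body: Optional[bytes]) -> Response:
    def j(status, obj):
        return Response(status, json.dumps(obj).encode())
    if path == "/mss-login/generate_token":
        if json.loads(body) == {"username": "user", "password": "password"}:
            return j(200, {"token": FAKE_TOKEN})
        return j(401, {"error": "invalid credentials"})
    if headers.get("Authorization") != f"Bearer {FAKE_TOKEN}":  # JWT middleware
        return j(401, {"error": "unauthorized"})
    if path == "/mss-login/api/me":
        return j(200, {"username": "user", "role": "artist", "can_run": True, "can_access_api": True})
    if path == "/prompt":  # workflow interceptor: model validation
        for node in json.loads(body)["prompt"].values():
            ckpt = node.get("inputs", {}).get("ckpt_name")
            if ckpt and ckpt not in ALLOWED_MODELS:
                return j(403, {"error": "MODEL_NOT_ALLOWED"})
        return j(200, {"prompt_id": "p-1"})
    if path.startswith("/view?"):  # NSFW metadata check when serving
        name = parse_qs(path.split("?", 1)[1]).get("filename", [""])[0]
        if name in NSFW_FILES:
            return j(403, {"error": "NSFW"})
        return Response(200, b"\x89PNG\r\n\x1a\n" + name.encode())
    return j(404, {"error": "not found"})


def run_pipeline(transport: Transport, ckpt_name: str) -> str:
    """Steps 1, 2 and 4 end to end; returns the prompt_id to watch in /history."""
    client = MssClient(transport)
    client.login("user", "password")
    # constructed one-node graph: only the loader matters for model validation here
    prompt = {"4": {"class_type": "CheckpointLoaderSimple", "inputs": {"ckpt_name": ckpt_name}}}
    return client.submit(prompt, client_id="example-app")
```

A real transport wraps `urllib.request` or an HTTP client and returns `Response(status, body)`. The token only ever leaves the client as the `Authorization` header and is never logged or put in a URL, except for the WebSocket case in Step 5 where the query parameter is the documented form.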
## Workflows (save / load)
Per-user workflow storage uses ComfyUI's userdata API (intercepted by MSS-Login):
| Action | Method | Path |
|---|---|---|
| List | GET | /api/userdata?dir=workflows |
| Load | GET | /api/userdata/workflows/(unknown) |
| Save | POST | /api/userdata/workflows/... (requires can_modify_workflows) |
| Delete | DELETE | same base path |
Details: Workflow & intercepted endpoints.
## Uploading inputs

```http
POST /upload/image
Authorization: Bearer <token>
```

Requires `can_upload`. Use the returned filename in the workflow's `LoadImage` nodes.
## Error codes to handle in mobile apps

| Code / body | Cause |
|---|---|
| 401 | Token missing, expired, or revoked |
| 403 `can_run` | Role cannot execute prompts |
| 403 `MODEL_NOT_ALLOWED` | Workflow uses a model the user cannot access |
| 403 NSFW on `/view` | Output blocked for SFW user |
| MFA challenge on login | Complete MFA before obtaining API token |
## Middleware order (reference)
For debugging, requests pass through (among others): IP filter → sanitizer → remote API guard → JWT auth → workflow interceptor → model filter → folder access → RBAC → handler.
## Custom nodes

MSS-Login does not register ComfyUI graph nodes. NSFW enforcement hooks the core `SaveImage` / `PreviewImage` nodes (and some animated save nodes). Third-party nodes that write images without those classes may bypass save-time checks; `/view` may still block based on metadata when available. See NSFW and outputs.