cqrenet/aoc
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 29 Wiki Activity

hotfix(v1.7.9): auth diagnostics and rate-limit exemptions
All checks were successful
CI / lint-and-test (push) Successful in 2m30s
Details
Release / build-and-push (push) Successful in 4m46s
Details

Browse Source 
- Exempt /api/config/auth, /api/config/features, /health, /metrics from rate limiting
- Fix generic exception handler to return proper JSON for HTTPException instead of re-raising
- Add startup log with auth_enabled and version
- Add frontend console logging for auth config fetch errors
- Show 'Auth: OFF' or 'Auth: misconfigured' on auth button instead of empty text
- Add backend debug logging to /api/config/auth endpoint
This commit is contained in:
Tomas Kracmar
2026-04-27 10:09:44 +02:00
parent 7fe53f882a
commit e2cea50d87
4 changed files with 41 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
backend/main.py
View File

@@ -1,5 +1,6 @@
import asyncio
import logging
import os
import time
from contextlib import suppress
from pathlib import Path
@@ -104,7 +105,9 @@ async def cache_control_middleware(request: Request, call_next):
@app.middleware("http")
async def rate_limit_middleware(request: Request, call_next):
"""Apply Redis-backed rate limiting before processing the request."""
if request.url.path.startswith("/api/"):
# Exempt config and health endpoints from rate limiting
exempt_paths = {"/api/config/auth", "/api/config/features", "/health", "/metrics"}
if request.url.path.startswith("/api/") and request.url.path not in exempt_paths:
from rate_limiter import check_rate_limit
await check_rate_limit(request)
@@ -168,8 +171,6 @@ async def metrics():
@app.get("/api/version")
async def version():
import os
return {"version": os.environ.get("VERSION", "unknown")}
@@ -177,7 +178,13 @@ async def version():
async def generic_exception_handler(request: Request, exc: Exception):
"""Return generic error messages for unhandled exceptions to avoid info leakage."""
if isinstance(exc, HTTPException):
raise exc
from fastapi.responses import JSONResponse
return JSONResponse(
status_code=exc.status_code,
content={"detail": exc.detail},
headers=getattr(exc, "headers", None) or {},
)
logger.error("Unhandled exception", path=request.url.path, error=str(exc))
return Response(
content='{"detail":"Internal server error"}',
@@ -206,6 +213,12 @@ async def start_periodic_fetch():
from rules import seed_default_rules
seed_default_rules()
logger.info(
"AOC startup",
version=os.environ.get("VERSION", "unknown"),
auth_enabled=AUTH_ENABLED,
ai_enabled=AI_FEATURES_ENABLED,
)
if ENABLE_PERIODIC_FETCH:
app.state.fetch_task = asyncio.create_task(_periodic_fetch())