art-dag/celery
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix authentication to support both header and cookie auth

Browse Source 
All API endpoints now use require_auth or get_current_user which handle
both Authorization header (for CLI) and cookies (for browser). Previously
many endpoints only checked cookies via get_user_from_cookie.

Changed files:
- runs.py: list_runs, run_detail, run_plan, run_artifacts, plan_node_detail, ui_discard_run
- recipes.py: list_recipes, get_recipe, ui_discard_recipe
- storage.py: list_storage, add_storage_form, delete_storage, test_storage, storage_type_page
- cache.py: get_cached, list_media, get_metadata_form, update_metadata_htmx

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
gilesb
2026-01-12 14:56:52 +00:00
parent 79a74df2bb
commit 280dddebd0
4 changed files with 19 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
app/routers/cache.py
View File

@@ -47,8 +47,7 @@ async def get_cached(
cache_service: CacheService = Depends(get_cache_service),
):
"""Get cached content by hash. Content negotiation: HTML for browsers, JSON for APIs."""
auth_service = AuthService(get_redis_client())
ctx = auth_service.get_user_from_cookie(request)
ctx = await get_current_user(request)
# Pass actor_id to get friendly name and user-specific metadata
actor_id = ctx.actor_id if ctx else None
@@ -255,17 +254,9 @@ async def list_media(
limit: int = 24,
media_type: Optional[str] = None,
cache_service: CacheService = Depends(get_cache_service),
ctx: UserContext = Depends(require_auth),
):
"""List all media in cache."""
auth_service = AuthService(get_redis_client())
ctx = auth_service.get_user_from_cookie(request)
if not ctx:
if wants_json(request):
raise HTTPException(401, "Authentication required")
from fastapi.responses import RedirectResponse
return RedirectResponse(url="/auth", status_code=302)
items = await cache_service.list_media(
actor_id=ctx.actor_id,
username=ctx.username,
@@ -301,9 +292,7 @@ async def get_metadata_form(
cache_service: CacheService = Depends(get_cache_service),
):
"""Get metadata editing form (HTMX)."""
auth_service = AuthService(get_redis_client())
ctx = auth_service.get_user_from_cookie(request)
ctx = await get_current_user(request)
if not ctx:
return HTMLResponse('<div class="text-red-400">Login required</div>')
@@ -341,9 +330,7 @@ async def update_metadata_htmx(
cache_service: CacheService = Depends(get_cache_service),
):
"""Update metadata (HTMX form handler)."""
auth_service = AuthService(get_redis_client())
ctx = auth_service.get_user_from_cookie(request)
ctx = await get_current_user(request)
if not ctx:
return HTMLResponse('<div class="text-red-400">Login required</div>')