email_notifications #7

Merged
jonas merged 18 commits from email_notifications into main 2025-10-16 13:20:27 +00:00
Showing only changes of commit 9104c60956 - Show all commits


@@ -57,6 +57,9 @@ security_basic = HTTPBasic()
# HTTP Bearer auth for API endpoints # HTTP Bearer auth for API endpoints
security_bearer = HTTPBearer() security_bearer = HTTPBearer()
# Constants for token sanitization
TOKEN_LOG_LENGTH = 10
# Pydantic models for language detection # Pydantic models for language detection
class LanguageDetectionRequest(BaseModel): class LanguageDetectionRequest(BaseModel):
@@ -405,9 +408,25 @@ async def detect_language(
token = credentials.credentials token = credentials.credentials
config = request.app.state.config config = request.app.state.config
# Check if token is valid (you may want to implement proper token validation) # Check if token is valid
valid_tokens = config.get("api_tokens", []) valid_tokens = config.get("api_tokens", [])
if not valid_tokens or token not in valid_tokens:
# If no tokens configured, reject authentication
if not valid_tokens:
_LOGGER.error("No api_tokens configured in config.yaml")
raise HTTPException(
status_code=401,
detail="Authentication token not configured on server",
)
if token not in valid_tokens:
# Log sanitized token (first TOKEN_LOG_LENGTH chars) for security
sanitized_token = (
token[:TOKEN_LOG_LENGTH] + "..."
if len(token) > TOKEN_LOG_LENGTH
else token
)
_LOGGER.warning("Invalid token attempt: %s", sanitized_token)
raise HTTPException( raise HTTPException(
status_code=401, status_code=401,
detail="Invalid authentication token", detail="Invalid authentication token",
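Review bot: The invalid-token branch still writes caller-supplied credential material to the log: `sanitized_token` keeps the first TOKEN_LOG_LENGTH characters, and the `else token` arm logs any token of ten characters or fewer in full, so a mistyped or truncated real token ends up readable in the log files. Logging a non-reversible fingerprint, e.g. `fp = hashlib.sha256(token.encode()).hexdigest()[:8]` followed by `_LOGGER.warning("Invalid token attempt (sha256 prefix %s)", fp)`, still lets operators correlate repeated attempts; it needs `hashlib` imported, and the import block is not visible in this hunk. Separately, `token not in valid_tokens` is an early-exit string comparison, and `if not any(hmac.compare_digest(token.encode(), t.encode()) for t in valid_tokens):` would remove the timing difference. The new no-tokens branch returns "Authentication token not configured on server" to unauthenticated callers; the `_LOGGER.error` line already records that for operators, so a generic detail would disclose less. `detect_language` starts before this hunk and its body continues past it, so these points cover only the visible lines.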