-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem: Crash when trying to auth via websocket #630
Conversation
The auth function in websocket was crashing when the header "X-Auth-Signature" wasn't passed, even that authentification method wasn't used. Make it an option in the method so we can still have error raised in normal header auth
SummaryThe PR modifies two files in the In the In the HighlightsIn the -def authenticate_api_request(request: web.Request) -> bool:
+def authenticate_api_request(request: web.Request, raises_on_missing_header=True) -> bool: In the -if authenticate_api_request(request):
+if authenticate_api_request(request, raises_on_missing_header=False): ConclusionThis PR appears to be at the 'BLUE' level of complexity. It involves small changes and refactorings that are unlikely to introduce bugs or risks. User Message--- aleph-im/aleph-node --- Rules: No additional rules provided Diff: class SyncManager: diff --git a/src/aleph/node/sync/sync_util.py b/src/aleph/node/sync/sync_util.py
AssistantCategory: RED SummaryThe PR introduces a new file The PR also modifies an existing file HighlightsIn the import asyncio
from typing import Optional
from aleph.model.message import Message
from aleph.model import MessageType
from aleph.model.storage import MessageStorage
async def get_last_message(storage: MessageStorage, type_: MessageType, address: Optional[str] = None) -> Optional[Message]:
"""Get the last message of a given type."""
return await storage.get_last_message(type_, address) In the from . import syncer
from . import sync_status
from . import sync_history
from . import sync_progress
+from . import sync_util
class SyncManager:
"""Manage sync tasks.""" ConclusionThis PR appears to be at the 'RED' level of complexity. It introduces a new utility function and adds a new module to an existing package, which could potentially introduce new bugs or risks if not properly implemented. However, the impact on the codebase and the need for a deeper review is moderate, as the new module and function are relatively small and isolated. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #630 +/- ##
==========================================
- Coverage 53.87% 53.82% -0.06%
==========================================
Files 58 58
Lines 5310 5306 -4
Branches 594 593 -1
==========================================
- Hits 2861 2856 -5
Misses 2311 2311
- Partials 138 139 +1 ☔ View full report in Codecov by Sentry. |
Calling My proposal on this branch: #632 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My proposal on this branch: #632
…connections (#632) Fix: Endpoint `authenticate_api_request` is not adequate for Websocket connections This caused issues when header "X-Auth-Signature" was not passed.
The auth function in websocket was crashing when the header "X-Auth-Signature" wasn't passed, even that authentification method wasn't used.
Make it an option in the method so we can still have error raised in normal header auth