Fix .gitignore and add missing authentication source files
This commit fixes overly broad .gitignore patterns that were excluding important source code files from version control. Previously, wildcard patterns like *auth*, *token*, *secret*, *connection*, and *credential* were excluding ALL files containing these words, including critical application code. Changes: - Updated .gitignore with specific patterns for sensitive config files (*.json, *.txt, *.yml, *.yaml extensions only) - Removed broad wildcards that excluded source code files Added missing source files: - shared/auth/ (9 files): Complete authentication system - JWT handler, middleware, auth service, models, routes - reports-app/backend/app/routers/auth.py: Authentication API router - reports-app/backend/app/auth_middleware_wrapper.py: Middleware wrapper - reports-app/frontend/src/stores/auth.js: Vue.js auth store - reports-app/frontend/tests/: E2E tests and fixtures for auth - reports-app/telegram-bot/app/auth/: Telegram auth linking module - deployment/windows/scripts/Setup-ClaudeAuth.ps1: Windows deployment script - security/secrets_scanner.py: Security scanning utility These files are essential for the application to function and should have been included in the initial commit. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
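--- a/reports-app/backend/app/auth_middleware_wrapper.py
+++ b/reports-app/backend/app/auth_middleware_wrapper.py
@@ -0,0 +1,78 @@
+"""
+Wrapper pentru AuthenticationMiddleware cu fix pentru endpoint-urile protejate
+"""
+from fastapi import Request, status
+from fastapi.responses import JSONResponse
+from starlette.middleware.base import BaseHTTPMiddleware
+import sys
+import os
+
+sys.path.append(os.path.join(os.path.dirname(__file__), '../../../shared'))
+
+from auth.middleware import AuthenticationMiddleware
+from auth.models import AuthError
+
+
+class FixedAuthenticationMiddleware(BaseHTTPMiddleware):
+"""
+Wrapper pentru AuthenticationMiddleware care aplică fix-ul pentru endpoint-urile protejate
+"""
+
+def __init__(self, app, **kwargs):
+super().__init__(app)
+# Create the original middleware instance without wrapping in BaseHTTPMiddleware
+self.auth_middleware = AuthenticationMiddleware(app, **kwargs)
+print("[FIXED MIDDLEWARE] FixedAuthenticationMiddleware initialized")
+print(f"[FIXED MIDDLEWARE] Original middleware type: {type(self.auth_middleware)}")
+
+async def dispatch(self, request: Request, call_next):
+"""
+Aplică fix-ul pentru endpoint-urile protejate:
+- Returnează 401 pentru căile protejate fără token în loc să seteze request.state
+"""
+path = request.url.path
+print(f"[FIXED MIDDLEWARE] Processing path: {path}")
+
+# Verifică dacă path-ul trebuie exclus
+excluded_paths = ["/docs", "/health", "/api/auth/login", "/redoc", "/openapi.json"]
+is_excluded = (path == "/" or any(path.startswith(excluded) for excluded in excluded_paths))
+print(f"[FIXED MIDDLEWARE] Checking exclusions for {path}")
+print(f"[FIXED MIDDLEWARE] Excluded paths: {excluded_paths}")
+print(f"[FIXED MIDDLEWARE] Is excluded: {is_excluded}")
+
+if is_excluded:
+print(f"[FIXED MIDDLEWARE] Path {path} is excluded, skipping auth")
+request.state.user = None
+request.state.is_authenticated = False
+response = await call_next(request)
+return response
+
+# Extrage token-ul
+authorization = request.headers.get("Authorization")
+print(f"[FIXED MIDDLEWARE] Authorization header: {authorization}")
+
+if not authorization or not authorization.startswith("Bearer "):
+print(f"[FIXED MIDDLEWARE] No valid token for protected path {path}, returning 401")
+
+error = AuthError(
+error="authentication_required",
+error_description="Authentication required",
+error_code="AUTH_003"
+)
+
+return JSONResponse(
+status_code=status.HTTP_401_UNAUTHORIZED,
+content=error.dict(),
+headers={"WWW-Authenticate": "Bearer"}
+)
+
+# Token există, să îl validez prin middleware-ul original
+print(f"[FIXED MIDDLEWARE] Token found, delegating to original middleware")
+try:
+result = await self.auth_middleware.dispatch(request, call_next)
+print(f"[FIXED MIDDLEWARE] Original middleware returned: {type(result)}")
+print(f"[FIXED MIDDLEWARE] Request state after middleware: user={getattr(request.state, 'user', 'MISSING')}, is_authenticated={getattr(request.state, 'is_authenticated', 'MISSING')}")
+return result
+except Exception as e:
+print(f"[FIXED MIDDLEWARE] Exception in original middleware: {str(e)}")
+raise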
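Review bot: The `print` of the `Authorization` header in `dispatch` writes the full bearer token to stdout on every protected request, so anyone with read access to the process logs obtains usable credentials. Log only whether a token is present, e.g. `print(f"[FIXED MIDDLEWARE] Bearer token present: {bool(authorization)}")`, and preferably send these diagnostics through `logging` at debug level rather than unconditional `print`. The exclusion test also uses a bare `startswith`, so any route whose path merely begins with `/docs`, `/health` or `/api/auth/login` skips authentication; matching on a path-segment boundary closes that: `is_excluded = path == "/" or any(path == p or path.startswith(p + "/") for p in excluded_paths)`. Whether such a route exists today is not visible from this file, but the current allow-list would silently cover any added later.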