platform

yusiboyz/platform

Fork 0

Commit Graph

Author	SHA1	Message	Date
Yusuf Suleman	fcb9383623	fix(gateway): enforce API key auth on inventory and budget services (#5 ) - Added X-API-Key middleware to inventory-service and budget-service - Services reject all requests without valid API key (401) - Gateway proxy injects service API keys for inventory and budget - Dashboard widget fetchers inject API keys - Generated unique API keys per service, stored in .env - Added SERVICE_API_KEY env var to docker-compose for both services Partial fix for #5 — internal services now require auth. Remaining: document trust model, validate service token semantics.	2026-03-29 09:06:41 -05:00
Yusuf Suleman	d9768547be	fix: security and reliability improvements - Switch HTTPServer to ThreadingHTTPServer (concurrent request handling) - Replace SHA-256 password hashing with bcrypt (auth.py, database.py) - Add bcrypt to Dockerfile - Move qBittorrent env vars to config.py - Move _booklore_token state out of config into booklore.py - Remove dead fitness_token variable in command.py - Fix OpenAI call to use default SSL context instead of no-verify ctx - Log swallowed budget fetch error in dashboard.py	2026-03-29 07:02:09 -05:00
Yusuf Suleman	7cd81181ed	Refactor gateway into modular architecture Split 1878-line server.py into 15 focused modules: - config.py: all env vars and constants - database.py: schema, init, seed logic - sessions.py: session/token CRUD - proxy.py: proxy_request, SERVICE_MAP, resolve_service - responses.py: ResponseMixin for handler helpers - auth.py: login/logout/register handlers - dashboard.py: dashboard, apps, connections, pinning - command.py: AI command bar - integrations/booklore.py: auth, books, cover, import - integrations/kindle.py: send-to-kindle, file finder - integrations/karakeep.py: save/delete bookmarks - integrations/qbittorrent.py: download status - integrations/image_proxy.py: external image proxy server.py is now thin routing only (~344 lines). All routes, methods, status codes, and responses preserved exactly. Added PYTHONUNBUFFERED=1 to Dockerfile for live logging.	2026-03-29 00:14:46 -05:00

Author

SHA1

Message

Date

Yusuf Suleman

fcb9383623

fix(gateway): enforce API key auth on inventory and budget services (#5 )

- Added X-API-Key middleware to inventory-service and budget-service
- Services reject all requests without valid API key (401)
- Gateway proxy injects service API keys for inventory and budget
- Dashboard widget fetchers inject API keys
- Generated unique API keys per service, stored in .env
- Added SERVICE_API_KEY env var to docker-compose for both services

Partial fix for #5 — internal services now require auth.
Remaining: document trust model, validate service token semantics.

2026-03-29 09:06:41 -05:00

Yusuf Suleman

d9768547be

fix: security and reliability improvements

- Switch HTTPServer to ThreadingHTTPServer (concurrent request handling)
- Replace SHA-256 password hashing with bcrypt (auth.py, database.py)
- Add bcrypt to Dockerfile
- Move qBittorrent env vars to config.py
- Move _booklore_token state out of config into booklore.py
- Remove dead fitness_token variable in command.py
- Fix OpenAI call to use default SSL context instead of no-verify ctx
- Log swallowed budget fetch error in dashboard.py

2026-03-29 07:02:09 -05:00

Yusuf Suleman

7cd81181ed

Refactor gateway into modular architecture

Split 1878-line server.py into 15 focused modules:
- config.py: all env vars and constants
- database.py: schema, init, seed logic
- sessions.py: session/token CRUD
- proxy.py: proxy_request, SERVICE_MAP, resolve_service
- responses.py: ResponseMixin for handler helpers
- auth.py: login/logout/register handlers
- dashboard.py: dashboard, apps, connections, pinning
- command.py: AI command bar
- integrations/booklore.py: auth, books, cover, import
- integrations/kindle.py: send-to-kindle, file finder
- integrations/karakeep.py: save/delete bookmarks
- integrations/qbittorrent.py: download status
- integrations/image_proxy.py: external image proxy

server.py is now thin routing only (~344 lines).
All routes, methods, status codes, and responses preserved exactly.
Added PYTHONUNBUFFERED=1 to Dockerfile for live logging.

2026-03-29 00:14:46 -05:00

3 Commits