Ling0925
/
buster
mirror of https://github.com/buster-so/buster.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'evals' of https://github.com/buster-so/buster into evals

This commit is contained in:
Nate Kelley 2025-03-17 16:20:17 -06:00
parent bc3558315f d6539e8078
commit 4dcb40f49e
No known key found for this signature in database
GPG Key ID: FD90372AB8D98B4F
3 changed files with 10 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/libs/braintrust/tests/integration_tests.rs
View File

@ -85,7 +85,7 @@ async fn test_real_trace_with_spans() -> Result<()> {
}
// Create client (None means use env var)
let client = BraintrustClient::new(None, "c7b996a6-1c7c-482d-b23f-3d39de16f433")?;
let client = BraintrustClient::new(None, "172afc4a-16b7-4d59-978e-4c87cade87b6")?;
// Create a trace
let trace_id = uuid::Uuid::new_v4().to_string();

1
api/libs/middleware/Cargo.toml
View File

@ -14,6 +14,7 @@ tracing = { workspace = true }
uuid = { workspace = true }
diesel = { workspace = true }
diesel-async = { workspace = true }
lazy_static = { workspace = true }
# Auth-specific dependencies
jsonwebtoken = { workspace = true }

21
api/libs/middleware/src/auth.rs
View File

@ -12,9 +12,15 @@ use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
use serde::{Deserialize, Serialize};
use std::{collections::HashMap, env};
use uuid::Uuid;
use lazy_static::lazy_static;
use crate::types::{AuthenticatedUser, OrganizationMembership, TeamMembership};
lazy_static! {
static ref JWT_SECRET: String = env::var("JWT_SECRET").expect("JWT_SECRET is not set");
static ref WEBHOOK_TOKEN: String = env::var("BUSTER_WH_TOKEN").expect("BUSTER_WH_TOKEN is not set");
}
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct JwtClaims {
pub aud: String,
@ -44,8 +50,6 @@ pub async fn auth(mut req: Request, next: Next) -> Result<Response, StatusCode>
}
};
let buster_wh_token = env::var("BUSTER_WH_TOKEN").expect("BUSTER_WH_TOKEN is not set");
let bearer_token = req.headers().get("Authorization").and_then(|value| {
value.to_str().ok().and_then(|v| {
if v.starts_with("Bearer ") {
@ -57,7 +61,7 @@ pub async fn auth(mut req: Request, next: Next) -> Result<Response, StatusCode>
});
if let Some(token) = bearer_token {
if token == buster_wh_token {
if token == *WEBHOOK_TOKEN {
return Ok(next.run(req).await);
}
}
@ -95,20 +99,11 @@ pub async fn auth(mut req: Request, next: Next) -> Result<Response, StatusCode>
}
async fn authorize_current_user(token: &str) -> Result<Option<AuthenticatedUser>> {
let pg_pool = get_pg_pool();
let _conn = pg_pool.get().await.map_err(|e| {
tracing::error!("Pool connection error in auth: {:?}", e);
anyhow!("Database connection error in auth")
})?;
let key = env::var("JWT_SECRET").expect("JWT_SECRET is not set");
let mut validation = Validation::new(Algorithm::HS256);
validation.set_audience(&["authenticated", "api"]);
let token_data =
match decode::<JwtClaims>(token, &DecodingKey::from_secret(key.as_ref()), &validation) {
match decode::<JwtClaims>(token, &DecodingKey::from_secret(JWT_SECRET.as_ref()), &validation) {
Ok(jwt_claims) => jwt_claims.claims,
Err(e) => {
return Err(anyhow!("Error while decoding the token: {}", e));