Merge branch 'evals' of https://github.com/buster-so/buster into evals

2025-03-17 16:20:17 -06:00 · 2025-03-17 16:20:17 -06:00 · 4dcb40f49e
parent bc3558315f d6539e8078
commit 4dcb40f49e
3 changed files with 10 additions and 14 deletions
--- a/api/libs/braintrust/tests/integration_tests.rs
+++ b/api/libs/braintrust/tests/integration_tests.rs
@ -85,7 +85,7 @@ async fn test_real_trace_with_spans() -> Result<()> {
    }
    // Create client (None means use env var)
-    let client = BraintrustClient::new(None, "c7b996a6-1c7c-482d-b23f-3d39de16f433")?;
+    let client = BraintrustClient::new(None, "172afc4a-16b7-4d59-978e-4c87cade87b6")?;
    // Create a trace
    let trace_id = uuid::Uuid::new_v4().to_string();
--- a/api/libs/middleware/Cargo.toml
+++ b/api/libs/middleware/Cargo.toml
@ -14,6 +14,7 @@ tracing = { workspace = true }
 uuid = { workspace = true }
 diesel = { workspace = true }
 diesel-async = { workspace = true }
 lazy_static = { workspace = true }
 # Auth-specific dependencies
 jsonwebtoken = { workspace = true }
--- a/api/libs/middleware/src/auth.rs
+++ b/api/libs/middleware/src/auth.rs
@ -12,9 +12,15 @@ use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
 use serde::{Deserialize, Serialize};
 use std::{collections::HashMap, env};
 use uuid::Uuid;
 use lazy_static::lazy_static;
 use crate::types::{AuthenticatedUser, OrganizationMembership, TeamMembership};
 lazy_static! {
    static ref JWT_SECRET: String = env::var("JWT_SECRET").expect("JWT_SECRET is not set");
    static ref WEBHOOK_TOKEN: String = env::var("BUSTER_WH_TOKEN").expect("BUSTER_WH_TOKEN is not set");
 }
 #[derive(Serialize, Deserialize, Debug, Clone)]
 pub struct JwtClaims {
    pub aud: String,
@ -44,8 +50,6 @@ pub async fn auth(mut req: Request, next: Next) -> Result<Response, StatusCode>
        }
    };
    let buster_wh_token = env::var("BUSTER_WH_TOKEN").expect("BUSTER_WH_TOKEN is not set");
    let bearer_token = req.headers().get("Authorization").and_then(|value| {
        value.to_str().ok().and_then(|v| {
            if v.starts_with("Bearer ") {
@ -57,7 +61,7 @@ pub async fn auth(mut req: Request, next: Next) -> Result<Response, StatusCode>
    });
    if let Some(token) = bearer_token {
-        if token == buster_wh_token {
+        if token == *WEBHOOK_TOKEN {
            return Ok(next.run(req).await);
        }
    }
@ -95,20 +99,11 @@ pub async fn auth(mut req: Request, next: Next) -> Result<Response, StatusCode>
 }
 async fn authorize_current_user(token: &str) -> Result<Option<AuthenticatedUser>> {
    let pg_pool = get_pg_pool();
    let _conn = pg_pool.get().await.map_err(|e| {
        tracing::error!("Pool connection error in auth: {:?}", e);
        anyhow!("Database connection error in auth")
    })?;
    let key = env::var("JWT_SECRET").expect("JWT_SECRET is not set");
    let mut validation = Validation::new(Algorithm::HS256);
    validation.set_audience(&["authenticated", "api"]);
    let token_data =
-        match decode::<JwtClaims>(token, &DecodingKey::from_secret(key.as_ref()), &validation) {
+        match decode::<JwtClaims>(token, &DecodingKey::from_secret(JWT_SECRET.as_ref()), &validation) {
            Ok(jwt_claims) => jwt_claims.claims,
            Err(e) => {
                return Err(anyhow!("Error while decoding the token: {}", e));