cal/paper-dynasty-database
1
0
Fork 0
Code Issues 7 Pull Requests 4 Actions Packages Projects Releases Wiki Activity

fix: remove plaintext bearer token from warning logs (#7)

Browse Source 
Replace all logging.warning(f'Bad Token: {token}') calls with
logging.warning('Bad Token: [REDACTED]') across 30 router files.
Full bearer tokens were being written to log files on auth failures.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Cal Corum 2026-03-03 23:02:11 -06:00
parent 761c0a6dab
commit 8d26731096
30 changed files with 107 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/routers_v2/admin.py
View File

@ -19,7 +19,7 @@ router = APIRouter(
@router.post('/stl-fix', include_in_schema=PRIVATE_IN_SCHEMA)
async def stl_cardinals_fix(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post. This event has been logged.'

4
app/routers_v2/awards.py
View File

@ -99,7 +99,7 @@ async def get_one_award(award_id, csv: Optional[bool] = None):
@router.post('', include_in_schema=PRIVATE_IN_SCHEMA)
async def post_awards(award: AwardModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post awards. This event has been logged.'
@ -128,7 +128,7 @@ async def post_awards(award: AwardModel, token: str = Depends(oauth2_scheme)):
@router.delete('/{award_id}', include_in_schema=PRIVATE_IN_SCHEMA)
async def delete_award(award_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete awards. This event has been logged.'

4
app/routers_v2/batstats.py
View File

@ -178,7 +178,7 @@ async def get_player_stats(
@router.post('', include_in_schema=PRIVATE_IN_SCHEMA)
async def post_batstats(stats: BattingStatModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post stats. This event has been logged.'
@ -234,7 +234,7 @@ async def post_batstats(stats: BattingStatModel, token: str = Depends(oauth2_sch
@router.delete('/{stat_id}', include_in_schema=PRIVATE_IN_SCHEMA)
async def delete_batstat(stat_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete stats. This event has been logged.'

14
app/routers_v2/battingcardratings.py
View File

@ -159,7 +159,7 @@ async def get_card_ratings(
status_code=401, detail="You are not authorized to pull card ratings."
)
# elif not valid_token(token):
# logging.warning(f'Bad Token: {token}')
# logging.warning('Bad Token: [REDACTED]')
# db.close()
# raise HTTPException(
# status_code=401,
@ -354,7 +354,7 @@ async def get_card_scouting(team_id: int, ts: str):
@router.post("/calculate/scouting", include_in_schema=PRIVATE_IN_SCHEMA)
async def post_calc_scouting(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to calculate card ratings."
)
@ -390,7 +390,7 @@ async def get_basic_scouting(cardset_id: list = Query(default=None)):
@router.post("/calculate/basic", include_in_schema=PRIVATE_IN_SCHEMA)
async def post_calc_basic(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to calculate basic ratings."
)
@ -636,7 +636,7 @@ async def post_calc_basic(token: str = Depends(oauth2_scheme)):
@router.get("/{ratings_id}")
async def get_one_rating(ratings_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to pull card ratings."
)
@ -659,7 +659,7 @@ async def get_player_ratings(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to pull card ratings."
)
@ -686,7 +686,7 @@ async def get_player_ratings(
@router.put("", include_in_schema=PRIVATE_IN_SCHEMA)
async def put_ratings(ratings: RatingsList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to post card ratings."
)
@ -720,7 +720,7 @@ async def put_ratings(ratings: RatingsList, token: str = Depends(oauth2_scheme))
@router.delete("/{ratings_id}", include_in_schema=PRIVATE_IN_SCHEMA)
async def delete_rating(ratings_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to post card ratings."
)

8
app/routers_v2/battingcards.py
View File

@ -102,7 +102,7 @@ async def get_player_cards(
@router.put("")
async def put_cards(cards: BattingCardList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post batting cards. This event has been logged.",
@ -170,7 +170,7 @@ async def patch_card(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to patch batting cards. This event has been logged.",
@ -214,7 +214,7 @@ async def patch_card(
@router.delete("/{card_id}")
async def delete_card(card_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete batting cards. This event has been logged.",
@ -239,7 +239,7 @@ async def delete_card(card_id: int, token: str = Depends(oauth2_scheme)):
@router.delete("")
async def delete_all_cards(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete batting cards. This event has been logged.",

4
app/routers_v2/cardpositions.py
View File

@ -113,7 +113,7 @@ async def get_one_position(position_id: int):
@router.put("")
async def put_positions(positions: PositionList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post card positions. This event has been logged.",
@ -151,7 +151,7 @@ async def put_positions(positions: PositionList, token: str = Depends(oauth2_sch
@router.delete("/{position_id}")
async def delete_position(position_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete card positions. This event has been logged.",

16
app/routers_v2/cards.py
View File

@ -150,7 +150,7 @@ async def v1_cards_get_one(card_id, csv: Optional[bool] = False):
@router.post('')
async def v1_cards_post(cards: CardModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post cards. This event has been logged.'
@ -192,7 +192,7 @@ async def v1_cards_post(cards: CardModel, token: str = Depends(oauth2_scheme)):
# @router.post('/ai-update')
# async def v1_cards_ai_update(token: str = Depends(oauth2_scheme)):
# if not valid_token(token):
# logging.warning(f'Bad Token: {token}')
# logging.warning('Bad Token: [REDACTED]')
# db.close()
# raise HTTPException(
# status_code=401,
@ -207,7 +207,7 @@ async def v1_cards_post(cards: CardModel, token: str = Depends(oauth2_scheme)):
async def v1_cards_legal_check(
rarity_name: str, card_id: list = Query(default=None), token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='Unauthorized'
@ -239,7 +239,7 @@ async def v1_cards_legal_check(
@router.post('/post-update/{starting_id}')
async def v1_cards_post_update(starting_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to update card lists. This event has been logged.'
@ -252,7 +252,7 @@ async def v1_cards_post_update(starting_id: int, token: str = Depends(oauth2_sch
@router.post('/post-delete')
async def v1_cards_post_delete(del_ids: str, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete card lists. This event has been logged.'
@ -265,7 +265,7 @@ async def v1_cards_post_delete(del_ids: str, token: str = Depends(oauth2_scheme)
@router.post('/wipe-team/{team_id}')
async def v1_cards_wipe_team(team_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to wipe teams. This event has been logged.'
@ -287,7 +287,7 @@ async def v1_cards_patch(
value: Optional[int] = None, variant: Optional[int] = None, roster1_id: Optional[int] = None, roster2_id: Optional[int] = None,
roster3_id: Optional[int] = None, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch cards. This event has been logged.'
@ -330,7 +330,7 @@ async def v1_cards_patch(
@router.delete('/{card_id}')
async def v1_cards_delete(card_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete packs. This event has been logged.'

6
app/routers_v2/cardsets.py
View File

@ -174,7 +174,7 @@ async def get_one_cardset(cardset_id, csv: Optional[bool] = False):
@router.post('')
async def post_cardsets(cardset: CardsetModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post cardsets. This event has been logged.'
@ -203,7 +203,7 @@ async def patch_cardsets(
for_purchase: Optional[bool] = None, total_cards: Optional[int] = None, ranked_legal: Optional[bool] = None,
token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch cardsets. This event has been logged.'
@ -239,7 +239,7 @@ async def patch_cardsets(
@router.delete('/{cardset_id}')
async def delete_cardsets(cardset_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete cardsets. This event has been logged.'

6
app/routers_v2/current.py
View File

@ -69,7 +69,7 @@ async def get_one_current(current_id, csv: Optional[bool] = False):
@router.post('', include_in_schema=PRIVATE_IN_SCHEMA)
async def post_current(current: CurrentModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post current. This event has been logged.'
@ -100,7 +100,7 @@ async def patch_current(
gsheet_template: Optional[str] = None, gsheet_version: Optional[str] = None,
live_scoreboard: Optional[int] = None, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch current. This event has been logged.'
@ -134,7 +134,7 @@ async def patch_current(
@router.delete('/{current_id}', include_in_schema=PRIVATE_IN_SCHEMA)
async def delete_current(current_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete current. This event has been logged.'

8
app/routers_v2/decisions.py
View File

@ -206,7 +206,7 @@ async def patch_decision(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"patch_decision - Bad Token: {token}")
logging.warning("patch_decision - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
this_dec = Decision.get_or_none(Decision.id == decision_id)
@ -246,7 +246,7 @@ async def patch_decision(
@router.post("")
async def post_decisions(dec_list: DecisionList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"post_decisions - Bad Token: {token}")
logging.warning("post_decisions - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
new_dec = []
@ -276,7 +276,7 @@ async def post_decisions(dec_list: DecisionList, token: str = Depends(oauth2_sch
@router.delete("/{decision_id}")
async def delete_decision(decision_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"delete_decision - Bad Token: {token}")
logging.warning("delete_decision - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
this_dec = Decision.get_or_none(Decision.id == decision_id)
@ -298,7 +298,7 @@ async def delete_decision(decision_id: int, token: str = Depends(oauth2_scheme))
@router.delete("/game/{game_id}")
async def delete_decisions_game(game_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"delete_decisions_game - Bad Token: {token}")
logging.warning("delete_decisions_game - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
this_game = StratGame.get_or_none(StratGame.id == game_id)

6
app/routers_v2/events.py
View File

@ -89,7 +89,7 @@ async def v1_events_get_one(event_id, csv: Optional[bool] = False):
@router.post('')
async def v1_events_post(event: EventModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post events. This event has been logged.'
@ -125,7 +125,7 @@ async def v1_events_patch(
url: Optional[str] = None, thumbnail: Optional[str] = None, active: Optional[bool] = None,
token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch events. This event has been logged.'
@ -161,7 +161,7 @@ async def v1_events_patch(
@router.delete('/{event_id}')
async def v1_events_delete(event_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete events. This event has been logged.'

6
app/routers_v2/gamerewards.py
View File

@ -89,7 +89,7 @@ async def v1_gamerewards_get_one(gamereward_id, csv: Optional[bool] = None):
@router.post('')
async def v1_gamerewards_post(game_reward: GameRewardModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post game rewards. This event has been logged.'
@ -118,7 +118,7 @@ async def v1_gamerewards_patch(
game_reward_id: int, name: Optional[str] = None, pack_type_id: Optional[int] = None,
player_id: Optional[int] = None, money: Optional[int] = None, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch gamerewards. This event has been logged.'
@ -159,7 +159,7 @@ async def v1_gamerewards_patch(
@router.delete('/{gamereward_id}')
async def v1_gamerewards_delete(gamereward_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete awards. This event has been logged.'

4
app/routers_v2/gauntletrewards.py
View File

@ -83,7 +83,7 @@ async def v1_gauntletreward_patch(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to patch gauntlet rewards. This event has been logged.",
@ -116,7 +116,7 @@ async def v1_gauntletreward_post(
gauntletreward: GauntletRewardList, token: str = Depends(oauth2_scheme)
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post gauntlets. This event has been logged.",

4
app/routers_v2/gauntletruns.py
View File

@ -102,7 +102,7 @@ async def patch_gauntletrun(
gsheet: Optional[str] = None, created: Optional[bool] = None, ended: Optional[bool] = None,
token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch gauntlet runs. This event has been logged.'
@ -141,7 +141,7 @@ async def patch_gauntletrun(
@router.post('')
async def post_gauntletrun(gauntletrun: GauntletRunModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post gauntlets. This event has been logged.'

14
app/routers_v2/mlbplayers.py
View File

@ -142,7 +142,7 @@ async def patch_player(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to patch mlb players. This event has been logged.",
@ -182,7 +182,7 @@ async def patch_player(
@router.post("")
async def post_players(players: PlayerList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post mlb players. This event has been logged.",
@ -215,7 +215,7 @@ async def post_players(players: PlayerList, token: str = Depends(oauth2_scheme))
@router.post("/one")
async def post_one_player(player: PlayerModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post mlb players. This event has been logged.",
@ -250,7 +250,7 @@ async def post_one_player(player: PlayerModel, token: str = Depends(oauth2_schem
@router.delete("/{player_id}")
async def delete_player(player_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete mlb players. This event has been logged.",
@ -280,7 +280,7 @@ async def update_columns(
mlbplayer_id: Optional[int] = None, token: str = Depends(oauth2_scheme)
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to update mlb players. This event has been logged.",
@ -315,7 +315,7 @@ async def update_names(
mlbplayer_id: Optional[int] = None, token: str = Depends(oauth2_scheme)
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to update mlb players. This event has been logged.",
@ -343,7 +343,7 @@ async def update_names(
# @router.post('/link-players')
# async def post_players(token: str = Depends(oauth2_scheme)):
# if not valid_token(token):
# logging.warning(f'Bad Token: {token}')
# logging.warning('Bad Token: [REDACTED]')
# db.close()
# raise HTTPException(
# status_code=401,

6
app/routers_v2/notifications.py
View File

@ -100,7 +100,7 @@ async def get_one_notif(notif_id, csv: Optional[bool] = None):
@router.post('')
async def post_notif(notif: NotifModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post notifications. This event has been logged.'
@ -133,7 +133,7 @@ async def patch_notif(
field_name: Optional[str] = None, message: Optional[str] = None, about: Optional[str] = None,
ack: Optional[bool] = None, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch notifications. This event has been logged.'
@ -171,7 +171,7 @@ async def patch_notif(
@router.delete('/{notif_id}')
async def delete_notif(notif_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete notifications. This event has been logged.'

8
app/routers_v2/packs.py
View File

@ -133,7 +133,7 @@ async def get_one_pack(pack_id, csv: Optional[bool] = False):
@router.post('')
async def post_pack(packs: PackModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post packs. This event has been logged.'
@ -159,7 +159,7 @@ async def post_pack(packs: PackModel, token: str = Depends(oauth2_scheme)):
@router.post('/one')
async def post_one_pack(pack: PackPydantic, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post packs. This event has been logged.'
@ -189,7 +189,7 @@ async def patch_pack(
pack_id, team_id: Optional[int] = None, pack_type_id: Optional[int] = None, open_time: Optional[int] = None,
pack_team_id: Optional[int] = None, pack_cardset_id: Optional[int] = None, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch packs. This event has been logged.'
@ -232,7 +232,7 @@ async def patch_pack(
@router.delete('/{pack_id}')
async def delete_pack(pack_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete packs. This event has been logged.'

6
app/routers_v2/packtypes.py
View File

@ -93,7 +93,7 @@ async def get_one_packtype(packtype_id, csv: Optional[bool] = False):
@router.post('')
async def post_packtypes(packtype: PacktypeModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post packtypes. This event has been logged.'
@ -127,7 +127,7 @@ async def patch_packtype(
packtype_id, name: Optional[str] = None, card_count: Optional[int] = None, description: Optional[str] = None,
cost: Optional[int] = None, available: Optional[bool] = None, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch packtypes. This event has been logged.'
@ -161,7 +161,7 @@ async def patch_packtype(
@router.delete('/{packtype_id}')
async def delete_packtype(packtype_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete packtypes. This event has been logged.'

8
app/routers_v2/paperdex.py
View File

@ -100,7 +100,7 @@ async def get_one_paperdex(paperdex_id, csv: Optional[bool] = False):
@router.post('')
async def post_paperdex(paperdex: PaperdexModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post paperdex. This event has been logged.'
@ -133,7 +133,7 @@ async def patch_paperdex(
paperdex_id, team_id: Optional[int] = None, player_id: Optional[int] = None, created: Optional[int] = None,
token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch paperdex. This event has been logged.'
@ -163,7 +163,7 @@ async def patch_paperdex(
@router.delete('/{paperdex_id}')
async def delete_paperdex(paperdex_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete rewards. This event has been logged.'
@ -184,7 +184,7 @@ async def delete_paperdex(paperdex_id, token: str = Depends(oauth2_scheme)):
@router.post('/wipe-ai')
async def wipe_ai_paperdex(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='Unauthorized'

12
app/routers_v2/pitchingcardratings.py
View File

@ -151,7 +151,7 @@ async def get_card_ratings(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to pull card ratings."
)
@ -274,7 +274,7 @@ async def get_card_scouting(team_id: int, ts: str):
@router.post("/calculate/scouting")
async def post_calc_scouting(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to calculate card ratings."
)
@ -310,7 +310,7 @@ async def get_basic_scouting():
@router.post("/calculate/basic")
async def post_calc_basic(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to calculate basic ratings."
)
@ -489,7 +489,7 @@ async def post_calc_basic(token: str = Depends(oauth2_scheme)):
@router.get("/{ratings_id}")
async def get_one_rating(ratings_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to pull card ratings."
)
@ -530,7 +530,7 @@ async def get_player_ratings(
@router.put("")
async def put_ratings(ratings: RatingsList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to post card ratings."
)
@ -564,7 +564,7 @@ async def put_ratings(ratings: RatingsList, token: str = Depends(oauth2_scheme))
@router.delete("/{ratings_id}")
async def delete_rating(ratings_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401, detail="You are not authorized to post card ratings."
)

8
app/routers_v2/pitchingcards.py
View File

@ -99,7 +99,7 @@ async def get_player_cards(
@router.put("")
async def put_cards(cards: PitchingCardList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post pitching cards. This event has been logged.",
@ -164,7 +164,7 @@ async def patch_card(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to patch pitching cards. This event has been logged.",
@ -204,7 +204,7 @@ async def patch_card(
@router.delete("/{card_id}")
async def delete_card(card_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete pitching cards. This event has been logged.",
@ -227,7 +227,7 @@ async def delete_card(card_id: int, token: str = Depends(oauth2_scheme)):
@router.delete("")
async def delete_all_cards(token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete pitching cards. This event has been logged.",

4
app/routers_v2/pitstats.py
View File

@ -121,7 +121,7 @@ async def get_pit_stats(
@router.post('')
async def post_pitstat(stats: PitchingStatModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post stats. This event has been logged.'
@ -168,7 +168,7 @@ async def post_pitstat(stats: PitchingStatModel, token: str = Depends(oauth2_sch
@router.delete('/{stat_id}')
async def delete_pitstat(stat_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete stats. This event has been logged.'

10
app/routers_v2/players.py
View File

@ -865,7 +865,7 @@ async def v1_players_patch(
token: str = Depends(oauth2_scheme),
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to patch players. This event has been logged.",
@ -977,7 +977,7 @@ async def v1_players_patch(
@router.put("")
async def put_players(players: PlayerModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post players. This event has been logged.",
@ -1056,7 +1056,7 @@ async def put_players(players: PlayerModel, token: str = Depends(oauth2_scheme))
@router.post("")
async def post_players(new_player: PlayerPydantic, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post players. This event has been logged.",
@ -1087,7 +1087,7 @@ async def post_image_reset(
player_id: int, dev: bool = False, token: str = Depends(oauth2_scheme)
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to modify players. This event has been logged.",
@ -1121,7 +1121,7 @@ async def post_image_reset(
@router.delete("/{player_id}")
async def delete_player(player_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete players. This event has been logged.",

6
app/routers_v2/rarity.py
View File

@ -91,7 +91,7 @@ async def get_one_rarity(rarity_id, csv: Optional[bool] = False):
@router.post('')
async def post_rarity(rarity: RarityModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post rarities. This event has been logged.'
@ -123,7 +123,7 @@ async def patch_rarity(
rarity_id, value: Optional[int] = None, name: Optional[str] = None, color: Optional[str] = None,
token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch rarities. This event has been logged.'
@ -153,7 +153,7 @@ async def patch_rarity(
@router.delete('/{rarity_id}')
async def v1_rarities_delete(rarity_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete rarities. This event has been logged.'

6
app/routers_v2/results.py
View File

@ -250,7 +250,7 @@ async def get_team_results(
@router.post('')
async def post_result(result: ResultModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post results. This event has been logged.'
@ -330,7 +330,7 @@ async def patch_result(
season: Optional[int] = None, short_game: Optional[bool] = None, game_type: Optional[str] = None,
token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch results. This event has been logged.'
@ -389,7 +389,7 @@ async def patch_result(
@router.delete('/{result_id}')
async def delete_result(result_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post results. This event has been logged.'

6
app/routers_v2/rewards.py
View File

@ -100,7 +100,7 @@ async def get_one_reward(reward_id, csv: Optional[bool] = False):
@router.post('')
async def post_rewards(reward: RewardModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to post rewards. This event has been logged.'
@ -128,7 +128,7 @@ async def patch_reward(
reward_id, name: Optional[str] = None, team_id: Optional[int] = None, created: Optional[int] = None,
token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to patch rewards. This event has been logged.'
@ -159,7 +159,7 @@ async def patch_reward(
@router.delete('/{reward_id}')
async def delete_reward(reward_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to delete rewards. This event has been logged.'

4
app/routers_v2/scouting.py
View File

@ -52,7 +52,7 @@ async def get_player_keys(player_id: list = Query(default=None)):
@router.post('/live-update/batting')
def live_update_batting(files: BattingFiles, cardset_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to initiate live updates.'
@ -86,7 +86,7 @@ def live_update_batting(files: BattingFiles, cardset_id: int, token: str = Depen
@router.post('/live-update/pitching')
def live_update_pitching(files: BattingFiles, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'Bad Token: {token}')
logging.warning('Bad Token: [REDACTED]')
raise HTTPException(
status_code=401,
detail='You are not authorized to initiate live updates.'

6
app/routers_v2/stratgame.py
View File

@ -110,7 +110,7 @@ async def patch_game(
game_id: int, game_type: Optional[str] = None, away_score: Optional[int] = None,
home_score: Optional[int] = None, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'patch_game - Bad Token: {token}')
logging.warning('patch_game - Bad Token: [REDACTED]')
raise HTTPException(status_code=401, detail='Unauthorized')
this_game = StratGame.get_or_none(StratGame.id == game_id)
@ -134,7 +134,7 @@ async def patch_game(
@router.post('')
async def post_game(this_game: GameModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'post_games - Bad Token: {token}')
logging.warning('post_games - Bad Token: [REDACTED]')
raise HTTPException(status_code=401, detail='Unauthorized')
this_game = StratGame(**this_game.dict())
@ -153,7 +153,7 @@ async def post_game(this_game: GameModel, token: str = Depends(oauth2_scheme)):
@router.delete('/{game_id}')
async def delete_game(game_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f'delete_game - Bad Token: {token}')
logging.warning('delete_game - Bad Token: [REDACTED]')
raise HTTPException(status_code=401, detail='Unauthorized')
this_game = StratGame.get_or_none(StratGame.id == game_id)

8
app/routers_v2/stratplays.py
View File

@ -1406,7 +1406,7 @@ async def patch_play(
play_id: int, new_play: PlayModel, token: str = Depends(oauth2_scheme)
):
if not valid_token(token):
logging.warning(f"patch_play - Bad Token: {token}")
logging.warning("patch_play - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
if StratPlay.get_or_none(StratPlay.id == play_id) is None:
@ -1420,7 +1420,7 @@ async def patch_play(
@router.post("")
async def post_plays(p_list: PlayList, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"post_plays - Bad Token: {token}")
logging.warning("post_plays - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
new_plays = []
@ -1470,7 +1470,7 @@ async def post_plays(p_list: PlayList, token: str = Depends(oauth2_scheme)):
@router.delete("/{play_id}")
async def delete_play(play_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"delete_play - Bad Token: {token}")
logging.warning("delete_play - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
this_play = StratPlay.get_or_none(StratPlay.id == play_id)
@ -1490,7 +1490,7 @@ async def delete_play(play_id: int, token: str = Depends(oauth2_scheme)):
@router.delete("/game/{game_id}")
async def delete_plays_game(game_id: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"delete_plays_game - Bad Token: {token}")
logging.warning("delete_plays_game - Bad Token: [REDACTED]")
raise HTTPException(status_code=401, detail="Unauthorized")
this_game = StratGame.get_or_none(StratGame.id == game_id)

10
app/routers_v2/teams.py
View File

@ -1317,7 +1317,7 @@ async def get_team_cards(team_id, csv: Optional[bool] = True):
@router.post("", include_in_schema=PRIVATE_IN_SCHEMA)
async def post_team(team: TeamModel, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post teams. This event has been logged.",
@ -1363,7 +1363,7 @@ async def post_team(team: TeamModel, token: str = Depends(oauth2_scheme)):
@router.post("/new-season/{new_season}", include_in_schema=PRIVATE_IN_SCHEMA)
async def team_season_update(new_season: int, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to post teams. This event has been logged.",
@ -1386,7 +1386,7 @@ async def team_update_money(
team_id: int, delta: int, token: str = Depends(oauth2_scheme)
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to adjust wallets. This event has been logged.",
@ -1431,7 +1431,7 @@ async def patch_team(
abbrev: Optional[str] = None,
):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete teams. This event has been logged.",
@ -1493,7 +1493,7 @@ async def patch_team(
@router.delete("/{team_id}", include_in_schema=PRIVATE_IN_SCHEMA)
async def delete_team(team_id, token: str = Depends(oauth2_scheme)):
if not valid_token(token):
logging.warning(f"Bad Token: {token}")
logging.warning("Bad Token: [REDACTED]")
raise HTTPException(
status_code=401,
detail="You are not authorized to delete teams. This event has been logged.",