8d26731096
Replace all logging.warning(f'Bad Token: {token}') calls with
logging.warning('Bad Token: [REDACTED]') across 30 router files.
Full bearer tokens were being written to log files on auth failures.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
34 lines
958 B
Python
34 lines
958 B
Python
from fastapi import APIRouter, Depends, HTTPException
|
|
import logging
|
|
|
|
from ..db_engine import Player
|
|
from ..dependencies import oauth2_scheme, valid_token, LOG_DATA, PRIVATE_IN_SCHEMA
|
|
|
|
logging.basicConfig(
|
|
filename=LOG_DATA['filename'],
|
|
format=LOG_DATA['format'],
|
|
level=LOG_DATA['log_level']
|
|
)
|
|
|
|
router = APIRouter(
|
|
prefix='/api/v2/admin',
|
|
tags=['Admin']
|
|
)
|
|
|
|
|
|
@router.post('/stl-fix', include_in_schema=PRIVATE_IN_SCHEMA)
|
|
async def stl_cardinals_fix(token: str = Depends(oauth2_scheme)):
|
|
if not valid_token(token):
|
|
logging.warning('Bad Token: [REDACTED]')
|
|
raise HTTPException(
|
|
status_code=401,
|
|
detail='You are not authorized to post. This event has been logged.'
|
|
)
|
|
|
|
p_query = Player.update(mlbclub='St Louis Cardinals', franchise='St Louis Cardinals').where(
|
|
Player.mlbclub == 'St. Louis Cardinals'
|
|
).execute()
|
|
|
|
return {'detail': f'Removed the period from St Louis'}
|
|
|