pokemon/nuzlocke-tracker
1
1
Fork 0
Code Issues Pull Requests 10 Actions Packages Projects Releases Wiki Activity

Merge pull request 'fix:add debugging endpoint for auth issues' (#90) from develop into main

Browse Source 
Reviewed-on: #90
This commit was merged in pull request #90.
This commit is contained in:
TheFurya
2026-03-22 12:17:30 +01:00
parent 403ad823ef d8fec0e5d7
commit dc75c94fac
2 changed files with 48 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
backend/src/app/api/health.py
View File

@@ -1,6 +1,10 @@
from fastapi import APIRouter import urllib.request
from fastapi import APIRouter, Request
from sqlalchemy import text from sqlalchemy import text
from app.core.auth import _build_jwks_url, _extract_token, _get_jwks_client
from app.core.config import settings
from app.core.database import async_session from app.core.database import async_session
router = APIRouter(tags=["health"]) router = APIRouter(tags=["health"])
@@ -23,3 +27,45 @@ async def health_check():
async def root(): async def root():
"""Root endpoint.""" """Root endpoint."""
return {"message": "Nuzlocke Tracker API", "docs": "/docs"} return {"message": "Nuzlocke Tracker API", "docs": "/docs"}
@router.get("/auth-debug")
async def auth_debug(request: Request):
"""Temporary diagnostic endpoint for auth debugging."""
result: dict = {}
# Config
result["supabase_url"] = settings.supabase_url
result["has_jwt_secret"] = bool(settings.supabase_jwt_secret)
result["jwks_url"] = (
_build_jwks_url(settings.supabase_url) if settings.supabase_url else None
)
# JWKS fetch
jwks_url = result["jwks_url"]
if jwks_url:
try:
with urllib.request.urlopen(jwks_url, timeout=5) as resp:
result["jwks_status"] = resp.status
result["jwks_body"] = resp.read().decode()
except Exception as e:
result["jwks_fetch_error"] = str(e)
# JWKS client
client = _get_jwks_client()
result["jwks_client_exists"] = client is not None
# Token info (header only, no secrets)
token = _extract_token(request)
if token:
import jwt
try:
header = jwt.get_unverified_header(token)
result["token_header"] = header
except Exception as e:
result["token_header_error"] = str(e)
else:
result["token"] = "not provided"
return result

2
backend/src/app/core/auth.py
View File

@@ -90,7 +90,7 @@ def _verify_jwt(token: str) -> dict | None:
except PyJWKSetError as e: except PyJWKSetError as e:
logger.warning("JWKS set error: %s", e) logger.warning("JWKS set error: %s", e)
else: else:
logger.debug("No JWKS client available (SUPABASE_URL not set?)") logger.warning("No JWKS client available (SUPABASE_URL not set?)")
return _verify_jwt_hs256(token) return _verify_jwt_hs256(token)