PowerOn/gateway
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: CSRF exemption for bot endpoints, WS ping timeout, clean up debug logs

Browse source 
Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
patrick-motsch 2026-02-19 00:46:42 +01:00
parent f9aa35647b
commit 9c23fc6c52
3 changed files with 26 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
app.py
View file

@ -570,3 +570,17 @@ from modules.system.registry import loadFeatureRouters
featureLoadResults = loadFeatureRouters(app) featureLoadResults = loadFeatureRouters(app)
logger.info(f"Feature router load results: {featureLoadResults}") logger.info(f"Feature router load results: {featureLoadResults}")
# ============================================================================
# LOCAL DEV / DIRECT RUN
# ============================================================================
if __name__ == "__main__":
import uvicorn
uvicorn.run(
"app:app",
host="0.0.0.0",
port=int(os.environ.get("PORT", "8000")),
ws_ping_interval=300,
ws_ping_timeout=300,
reload=True,
)

4
modules/auth/csrf.py
View file

@ -46,9 +46,9 @@ class CSRFMiddleware(BaseHTTPMiddleware):
if request.url.path in self.exempt_paths: if request.url.path in self.exempt_paths:
return await call_next(request) return await call_next(request)
# Skip CSRF check for exempt path prefixes (bridge callbacks etc.) # Skip CSRF check for exempt path prefixes (service-to-service callbacks)
if any(request.url.path.startswith(p) for p in self._exemptPrefixes): if any(request.url.path.startswith(p) for p in self._exemptPrefixes):
if "/bridge/" in request.url.path: if "/bridge/" in request.url.path or "/bot/" in request.url.path:
return await call_next(request) return await call_next(request)
# Skip CSRF check for non-state-changing methods # Skip CSRF check for non-state-changing methods

19
modules/features/teamsbot/service.py
View file

@ -248,7 +248,7 @@ class TeamsbotService:
except Exception: except Exception:
self._botAccountEmail = None self._botAccountEmail = None
logger.info(f"[WS-DEBUG] WebSocket handler started for session {sessionId}") logger.info(f"[WS] Handler started for session {sessionId}")
try: try:
msgCount = 0 msgCount = 0
@ -257,16 +257,17 @@ class TeamsbotService:
msgCount += 1 msgCount += 1
if "text" not in data: if "text" not in data:
logger.debug(f"[WS-DEBUG] session={sessionId} msg #{msgCount}: non-text data received (keys: {list(data.keys())})") logger.debug(f"[WS] session={sessionId} msg #{msgCount}: non-text data (keys: {list(data.keys())})")
continue continue
message = json.loads(data["text"]) message = json.loads(data["text"])
msgType = message.get("type") msgType = message.get("type")
logger.info(f"[WS-DEBUG] session={sessionId} msg #{msgCount}: type={msgType}") if msgType not in ("audioChunk", "ping"):
logger.info(f"[WS] session={sessionId} msg #{msgCount}: type={msgType}")
if msgType == "transcript": if msgType == "transcript":
transcript = message.get("transcript", {}) transcript = message.get("transcript", {})
logger.info(f"[WS-DEBUG] Transcript received: speaker={transcript.get('speaker')}, text={transcript.get('text', '')[:60]}...") logger.info(f"[WS] Transcript: speaker={transcript.get('speaker')}, text={transcript.get('text', '')[:60]}...")
await self._processTranscript( await self._processTranscript(
sessionId=sessionId, sessionId=sessionId,
speaker=transcript.get("speaker", "Unknown"), speaker=transcript.get("speaker", "Unknown"),
@ -279,7 +280,7 @@ class TeamsbotService:
elif msgType == "chatMessage": elif msgType == "chatMessage":
chat = message.get("chat", {}) chat = message.get("chat", {})
logger.info(f"[WS-DEBUG] Chat message received: speaker={chat.get('speaker')}, text={chat.get('text', '')[:60]}...") logger.info(f"[WS] Chat: speaker={chat.get('speaker')}, text={chat.get('text', '')[:60]}...")
await self._processTranscript( await self._processTranscript(
sessionId=sessionId, sessionId=sessionId,
speaker=chat.get("speaker", "Unknown"), speaker=chat.get("speaker", "Unknown"),
@ -294,7 +295,7 @@ class TeamsbotService:
elif msgType == "status": elif msgType == "status":
status = message.get("status") status = message.get("status")
errorMessage = message.get("message") errorMessage = message.get("message")
logger.info(f"[WS-DEBUG] Status received: status={status}, message={errorMessage}") logger.info(f"[WS] Status: status={status}, message={errorMessage}")
await self._handleBotStatus(sessionId, status, errorMessage, interface) await self._handleBotStatus(sessionId, status, errorMessage, interface)
elif msgType == "audioChunk": elif msgType == "audioChunk":
@ -314,7 +315,7 @@ class TeamsbotService:
elif msgType == "voiceGreeting": elif msgType == "voiceGreeting":
greetingText = message.get("text", "") greetingText = message.get("text", "")
greetingLang = message.get("language", self.config.language) greetingLang = message.get("language", self.config.language)
logger.info(f"[WS-DEBUG] Voice greeting request: text={greetingText[:60]}..., language={greetingLang}") logger.info(f"[WS] Voice greeting: text={greetingText[:60]}..., language={greetingLang}")
if greetingText and voiceInterface: if greetingText and voiceInterface:
try: try:
ttsResult = await voiceInterface.textToSpeech( ttsResult = await voiceInterface.textToSpeech(
@ -342,9 +343,9 @@ class TeamsbotService:
except Exception as e: except Exception as e:
if "disconnect" not in str(e).lower(): if "disconnect" not in str(e).lower():
logger.error(f"[WS-DEBUG] WebSocket error for session {sessionId}: {type(e).__name__}: {e}") logger.error(f"[WS] Error for session {sessionId}: {type(e).__name__}: {e}")
logger.info(f"[WS-DEBUG] WebSocket handler ended for session {sessionId} after {msgCount} messages") logger.info(f"[WS] Handler ended for session {sessionId} after {msgCount} messages")
async def _handleBotStatus( async def _handleBotStatus(
self, self,