Spaces:
Sleeping
Sleeping
Commit Β·
f79d4f9
1
Parent(s): 36ecfa1
fix: add timeouts to Redis and Supabase DB calls in login endpoint
Browse filesSocket timeout prevents Redis from hanging indefinitely on Upstash.
DB auth wrapped in run_in_executor+wait_for so a slow Supabase call
cannot block the async event loop.
- src/auth/router.py +11 -2
src/auth/router.py
CHANGED
|
@@ -73,7 +73,12 @@ def _make_cookie_kwargs() -> dict:
|
|
| 73 |
|
| 74 |
|
| 75 |
async def _redis() -> aioredis.Redis:
|
| 76 |
-
return aioredis.from_url(
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 77 |
|
| 78 |
|
| 79 |
async def _get_session(session_id: str) -> dict | None:
|
|
@@ -127,10 +132,14 @@ async def login(body: LoginRequest, response: Response) -> dict:
|
|
| 127 |
|
| 128 |
# ββ Try DB-backed auth first βββββββββββββββββββββββββββββ
|
| 129 |
try:
|
|
|
|
| 130 |
import bcrypt
|
| 131 |
from src.auth.db import get_allowed_channel_ids, get_user_by_email, get_user_team_id
|
| 132 |
|
| 133 |
-
db_user =
|
|
|
|
|
|
|
|
|
|
| 134 |
if db_user and db_user.get("password_hash"):
|
| 135 |
pw_match = bcrypt.checkpw(
|
| 136 |
body.password.encode(),
|
|
|
|
| 73 |
|
| 74 |
|
| 75 |
async def _redis() -> aioredis.Redis:
|
| 76 |
+
return aioredis.from_url(
|
| 77 |
+
settings.redis_url,
|
| 78 |
+
decode_responses=True,
|
| 79 |
+
socket_timeout=5,
|
| 80 |
+
socket_connect_timeout=5,
|
| 81 |
+
)
|
| 82 |
|
| 83 |
|
| 84 |
async def _get_session(session_id: str) -> dict | None:
|
|
|
|
| 132 |
|
| 133 |
# ββ Try DB-backed auth first βββββββββββββββββββββββββββββ
|
| 134 |
try:
|
| 135 |
+
import asyncio
|
| 136 |
import bcrypt
|
| 137 |
from src.auth.db import get_allowed_channel_ids, get_user_by_email, get_user_team_id
|
| 138 |
|
| 139 |
+
db_user = await asyncio.wait_for(
|
| 140 |
+
asyncio.get_event_loop().run_in_executor(None, get_user_by_email, email),
|
| 141 |
+
timeout=5,
|
| 142 |
+
)
|
| 143 |
if db_user and db_user.get("password_hash"):
|
| 144 |
pw_match = bcrypt.checkpw(
|
| 145 |
body.password.encode(),
|