fix: add missing Response param to all rate-limited OTP endpoints to resolve slowapi decorator errors

docs/hflogs/runtimeerror.txt

@@ -1,33 +1,70 @@
-===== Application Startup at 2025-11-16 12:09:02 =====
+===== Application Startup at 2025-11-16 12:16:24 =====
 
-INFO:     Started server process [7]
+INFO:     Started server process [8]
 INFO:     Waiting for application startup.
-INFO: 2025-11-16T12:09:12 - app.main: ============================================================
-INFO: 2025-11-16T12:09:12 - app.main: 🚀 SwiftOps API v1.0.0 | PRODUCTION
-INFO: 2025-11-16T12:09:12 - app.main: ============================================================
-INFO: 2025-11-16T12:09:12 - app.main: 📦 Database:
-INFO: 2025-11-16T12:09:16 - app.main:    ✓ Connected | 42 tables | 10 users
-INFO: 2025-11-16T12:09:16 - app.main: 💾 Cache & Sessions:
-INFO: 2025-11-16T12:09:17 - app.services.otp_service: ✅ OTP Service initialized with Redis storage
-INFO: 2025-11-16T12:09:17 - app.main:    ✓ Redis: Connected
-INFO: 2025-11-16T12:09:17 - app.main: 🔌 External Services:
-INFO: 2025-11-16T12:09:18 - app.main:    ✓ Cloudinary: Connected
-INFO: 2025-11-16T12:09:18 - app.main:    ✓ Resend: Configured
-INFO: 2025-11-16T12:09:18 - app.main:    ✓ WASender: Connected
-INFO: 2025-11-16T12:09:18 - app.main:    ✓ Supabase: Connected | 6 buckets
-INFO: 2025-11-16T12:09:18 - app.main: ============================================================
-INFO: 2025-11-16T12:09:18 - app.main: ✅ Startup complete | Ready to serve requests
-INFO: 2025-11-16T12:09:18 - app.main: ============================================================
+INFO: 2025-11-16T12:16:33 - app.main: ============================================================
+INFO: 2025-11-16T12:16:33 - app.main: 🚀 SwiftOps API v1.0.0 | PRODUCTION
+INFO: 2025-11-16T12:16:33 - app.main: ============================================================
+INFO: 2025-11-16T12:16:33 - app.main: 📦 Database:
+INFO: 2025-11-16T12:16:37 - app.main:    ✓ Connected | 42 tables | 10 users
+INFO: 2025-11-16T12:16:37 - app.main: 💾 Cache & Sessions:
+INFO: 2025-11-16T12:16:38 - app.services.otp_service: ✅ OTP Service initialized with Redis storage
+INFO: 2025-11-16T12:16:38 - app.main:    ✓ Redis: Connected
+INFO: 2025-11-16T12:16:38 - app.main: 🔌 External Services:
+INFO: 2025-11-16T12:16:39 - app.main:    ✓ Cloudinary: Connected
+INFO: 2025-11-16T12:16:39 - app.main:    ✓ Resend: Configured
+INFO: 2025-11-16T12:16:39 - app.main:    ✓ WASender: Connected
+INFO: 2025-11-16T12:16:39 - app.main:    ✓ Supabase: Connected | 6 buckets
+INFO: 2025-11-16T12:16:39 - app.main: ============================================================
+INFO: 2025-11-16T12:16:39 - app.main: ✅ Startup complete | Ready to serve requests
+INFO: 2025-11-16T12:16:39 - app.main: ============================================================
 INFO:     Application startup complete.
 INFO:     Uvicorn running on http://0.0.0.0:7860 (Press CTRL+C to quit)
-INFO:     10.16.6.135:21683 - "GET /health HTTP/1.1" 200 OK
-INFO: 2025-11-16T12:11:47 - app.services.otp_service: OTP sent via whatsapp for password_reset (storage: redis)
-ERROR: 2025-11-16T12:11:48 - app.services.otp_service: Failed to send OTP: (psycopg2.errors.InvalidTextRepresentation) invalid input value for enum auditaction: "otp_sent"
-LINE 1: ...f4c9737343b'::uuid::UUID, NULL::UUID, NULL, NULL, 'otp_sent'...
-                                                             ^
-
-[SQL: INSERT INTO audit_logs (id, user_id, user_email, user_role, action, entity_type, entity_id, description, changes, ip_address, user_agent, request_id, latitude, longitude, additional_metadata, created_at) VALUES (%(id)s::UUID, %(user_id)s::UUID, %(user_email)s, %(user_role)s, %(action)s, %(entity_type)s, %(entity_id)s::UUID, %(description)s, %(changes)s, %(ip_address)s, %(user_agent)s, %(request_id)s, %(latitude)s, %(longitude)s, %(additional_metadata)s, %(created_at)s)]
-[parameters: {'id': UUID('9ae9e1ef-8b0c-4dc7-959a-4f4c9737343b'), 'user_id': None, 'user_email': None, 'user_role': None, 'action': 'otp_sent', 'entity_type': 'otp', 'entity_id': None, 'description': 'OTP sent via whatsapp for password_reset', 'changes': '{}', 'ip_address': None, 'user_agent': None, 'request_id': None, 'latitude': None, 'longitude': None, 'additional_metadata': '"{\\"purpose\\": \\"password_reset\\", \\"delivery_method\\": \\"whatsapp\\", \\"masked_contact\\": \\"l***y@example.com\\", \\"storage_type\\": \\"redis\\"}"', 'created_at': '2025-11-16T12:11:48.027066'}]
-(Background on this error at: https://sqlalche.me/e/20/9h9h)
-INFO:     10.16.39.23:4464 - "GET /?logs=container HTTP/1.1" 200 OK
-INFO:     10.16.6.135:1179 - "POST /api/v1/otp/send-public HTTP/1.1" 500 Internal Server Error
+INFO:     10.16.39.23:21217 - "GET /health HTTP/1.1" 200 OK
+INFO: 2025-11-16T12:17:25 - app.services.otp_service: OTP sent via whatsapp for password_reset (storage: redis)
+INFO: 2025-11-16T12:17:26 - app.services.audit_service: Audit log created: create on otp by system
+INFO:     10.16.39.23:46042 - "POST /api/v1/otp/send-public HTTP/1.1" 500 Internal Server Error
+ERROR:    Exception in ASGI application
+Traceback (most recent call last):
+  File "/usr/local/lib/python3.11/site-packages/uvicorn/protocols/http/httptools_impl.py", line 426, in run_asgi
+    result = await app(  # type: ignore[func-returns-value]
+             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  File "/usr/local/lib/python3.11/site-packages/uvicorn/middleware/proxy_headers.py", line 84, in __call__
+    return await self.app(scope, receive, send)
+           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  File "/usr/local/lib/python3.11/site-packages/fastapi/applications.py", line 1106, in __call__
+    await super().__call__(scope, receive, send)
+  File "/usr/local/lib/python3.11/site-packages/starlette/applications.py", line 122, in __call__
+    await self.middleware_stack(scope, receive, send)
+  File "/usr/local/lib/python3.11/site-packages/starlette/middleware/errors.py", line 184, in __call__
+    raise exc
+  File "/usr/local/lib/python3.11/site-packages/starlette/middleware/errors.py", line 162, in __call__
+    await self.app(scope, receive, _send)
+  File "/usr/local/lib/python3.11/site-packages/starlette/middleware/cors.py", line 83, in __call__
+    await self.app(scope, receive, send)
+  File "/usr/local/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 79, in __call__
+    raise exc
+  File "/usr/local/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 68, in __call__
+    await self.app(scope, receive, sender)
+  File "/usr/local/lib/python3.11/site-packages/fastapi/middleware/asyncexitstack.py", line 20, in __call__
+    raise e
+  File "/usr/local/lib/python3.11/site-packages/fastapi/middleware/asyncexitstack.py", line 17, in __call__
+    await self.app(scope, receive, send)
+  File "/usr/local/lib/python3.11/site-packages/starlette/routing.py", line 718, in __call__
+    await route.handle(scope, receive, send)
+  File "/usr/local/lib/python3.11/site-packages/starlette/routing.py", line 276, in handle
+    await self.app(scope, receive, send)
+  File "/usr/local/lib/python3.11/site-packages/starlette/routing.py", line 66, in app
+    response = await func(request)
+               ^^^^^^^^^^^^^^^^^^^
+  File "/usr/local/lib/python3.11/site-packages/fastapi/routing.py", line 274, in app
+    raw_response = await run_endpoint_function(
+                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  File "/usr/local/lib/python3.11/site-packages/fastapi/routing.py", line 191, in run_endpoint_function
+    return await dependant.call(**values)
+           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  File "/usr/local/lib/python3.11/site-packages/slowapi/extension.py", line 738, in async_wrapper
+    self._inject_headers(
+  File "/usr/local/lib/python3.11/site-packages/slowapi/extension.py", line 382, in _inject_headers
+    raise Exception(
+Exception: parameter `response` must be an instance of starlette.responses.Response

src/app/api/v1/otp.py

@@ -2,7 +2,7 @@
 OTP (One-Time Password) Endpoints
 For verification codes via email, WhatsApp, or SMS
 """
-from fastapi import APIRouter, Depends, HTTPException, status, Request
+from fastapi import APIRouter, Depends, HTTPException, status, Request, Response
 from sqlalchemy.orm import Session
 
 from app.api.deps import get_db, get_current_active_user
@@ -32,6 +32,7 @@ def get_otp_service() -> OTPService:
 @limiter.limit("5/hour")  # 5 OTP requests per hour
 async def send_otp(
     request: Request,
+    response: Response,
     otp_request: OTPRequest,
     current_user: User = Depends(get_current_active_user),
     db: Session = Depends(get_db)
@@ -94,6 +95,7 @@ async def send_otp(
 @limiter.limit("10/hour")  # 10 verification attempts per hour
 async def verify_otp(
     request: Request,
+    response: Response,
     otp_verify: OTPVerify,
     current_user: User = Depends(get_current_active_user),
     db: Session = Depends(get_db)
@@ -143,6 +145,7 @@ async def verify_otp(
 @limiter.limit("3/hour")  # 3 OTP requests per hour per IP
 async def send_otp_public(
     request: Request,
+    response: Response,
     otp_request: OTPRequest,
     db: Session = Depends(get_db)
 ):
@@ -208,6 +211,7 @@ async def send_otp_public(
 @limiter.limit("5/hour")  # 5 verification attempts per hour per IP
 async def verify_otp_public(
     request: Request,
+    response: Response,
     otp_verify: OTPVerify,
     db: Session = Depends(get_db)
 ):