Harden screening API and deployment defaults#16
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 20847831bb
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| q: Annotated[str, Form()] = "", | ||
| threshold: Annotated[float, Form(ge=0.0, le=1.0)] = 0.7, |
There was a problem hiding this comment.
Declare python-multipart for form parsing
The new /search POST handler introduces Form() parameters, which makes FastAPI require python-multipart at runtime when the route is registered. This commit did not add that package to runtime dependencies, so an environment installed from the current requirements.txt can fail at application startup with the form-data dependency error. Add python-multipart to dependencies (or avoid Form() inputs) to keep deployments bootable.
Useful? React with 👍 / 👎.
| limited, retry_after = await _rate_limit_exceeded(request) | ||
| if limited: |
There was a problem hiding this comment.
Rate-limit requests before auth rejection
The middleware performs the Basic Auth check and returns 401 before executing the rate limiter, so repeated invalid-credential requests to protected endpoints are never throttled. In production this undermines the hardening goal by allowing unlimited brute-force attempts and high-rate unauthenticated probing from the same client. Apply rate limiting before the auth early-return (or add a dedicated failed-auth limiter).
Useful? React with 👍 / 👎.
Summary
/search,/api/screen,/api/status, and docs endpoints with Basic Auth, rate limiting, and stricter response headersno-storecaching controls, and replace the external Tailwind CDN dependency with inline styles and a CSPTesting
git diff --checkpytest(not installed in this environment)ruff(not installed in this environment)docker compose config/ container smoke tests (dockerunavailable in this environment)Notes
BEYOND_AI_AUTH_REQUIRED=true; deployments must setBEYOND_AI_BASIC_AUTH_USERandBEYOND_AI_BASIC_AUTH_PASSWORD.YENTE_ES_PASSWORD, and Neo4j startup now fails fast ifNEO4J_PASSWORDis missing.