feat: one-click upstream auth refresh from custom page viewer
- Add linked_upstream_id to CustomPage model with DB migration
- New POST /api/custom-pages/{pid}/refresh-auth endpoint extracts
credentials from active remote browser and updates linked upstream
- PageViewer toolbar shows key icon button when page has linked upstream
- CustomPages form adds upstream dropdown for remote_browser pages
- Auth capture extracts New-Api-User from localStorage uid/user/self API
- Upstream client sends New-Api-User header in cookie auth mode
- Fix auth capture dialog: transparent background, field persistence,
login URL defaults to base_url/login, focus on click for keyboard input
- Fix upstream test ASCII encoding with non-header characters validation
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
SmartUp Developer
@@ -1,5 +1,6 @@
|
||||
import asyncio
|
||||
|
||||
from app.routers.auth_capture import _sanitize_candidate
|
||||
from app.services.browser_session_service import BrowserSessionService
|
||||
|
||||
|
||||
@@ -102,3 +103,27 @@ def test_autofill_returns_without_selectors_when_disabled_or_missing_credentials
|
||||
poll_interval_seconds=0,
|
||||
))
|
||||
assert missing_password_page.queries == []
|
||||
|
||||
|
||||
def test_sanitize_candidate_strips_secret_fields_but_keeps_metadata():
|
||||
sanitized = _sanitize_candidate({
|
||||
"type": "cookie",
|
||||
"source": "cookie:session",
|
||||
"value": "Bearer secret-token",
|
||||
"preview": "Bearer s…token",
|
||||
"label": "session cookie",
|
||||
"confidence": 90,
|
||||
"cookie_name": "session",
|
||||
"cookie_value": "secret-cookie",
|
||||
"domain": "example.test",
|
||||
})
|
||||
|
||||
assert sanitized == {
|
||||
"type": "cookie",
|
||||
"source": "cookie:session",
|
||||
"preview": "Bearer s…token",
|
||||
"label": "session cookie",
|
||||
"confidence": 90,
|
||||
"cookie_name": "session",
|
||||
"domain": "example.test",
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user