Coderabit changes

2025-12-06 17:15:38 -08:00 · 2025-11-29 02:44:55 +00:00
parent 5e4ad10fe0
commit 531b66effe
3 changed files with 25 additions and 15 deletions
--- a/server/api_server/api_server_start.py
+++ b/server/api_server/api_server_start.py
@@ -76,9 +76,6 @@ from .mcp_routes import mcp_bp  # noqa: E402 [flake8 lint suppression]

 # Flask application
 app = Flask(__name__)
-# ... (CORS settings) ...
-
-# ... (rest of file) ...

 # Register Blueprints
 app.register_blueprint(tools_bp, url_prefix='/api/tools')
@@ -111,12 +108,14 @@ CORS(
 def log_request_info():
    """Log details of every incoming request."""
    # Filter out noisy requests if needed, but user asked for drastic logging
-    mylog("none", [f"[HTTP] {request.method} {request.path} from {request.remote_addr}"])
-    mylog("none", [f"[HTTP] Headers: {dict(request.headers)}"])
+    mylog("verbose", [f"[HTTP] {request.method} {request.path} from {request.remote_addr}"])
+    # Filter sensitive headers before logging  
+    safe_headers = {k: v for k, v in request.headers if k.lower() not in ('authorization', 'cookie', 'x-api-key')}  
+    mylog("debug", [f"[HTTP] Headers: {safe_headers}"]) 
    if request.method == "POST":
        # Be careful with large bodies, but log first 1000 chars
        data = request.get_data(as_text=True)
-        mylog("none", [f"[HTTP] Body: {data[:1000]}"])
+        mylog("debug", [f"[HTTP] Body length: {len(data)} chars"])  


@app.errorhandler(404)
--- a/server/api_server/mcp_routes.py
+++ b/server/api_server/mcp_routes.py
@@ -5,7 +5,9 @@ import uuid
 import queue
 import requests
 import threading
+import logging
 from flask import Blueprint, request, Response, stream_with_context, jsonify
+from helper import get_setting_value

 mcp_bp = Blueprint('mcp', __name__)

@@ -16,7 +18,9 @@ sessions_lock = threading.Lock()
 # Cache for OpenAPI spec to avoid fetching on every request
 openapi_spec_cache = None

-API_BASE_URL = "http://localhost:20212/api/tools"
+BACKEND_PORT = get_setting_value("GRAPHQL_PORT")
+
+API_BASE_URL = f"http://localhost:{BACKEND_PORT}/api/tools"


 def get_openapi_spec():
@@ -28,7 +32,7 @@ def get_openapi_spec():
    try:
        # Fetch from local server
        # We use localhost because this code runs on the server
-        response = requests.get(f"{API_BASE_URL}/openapi.json")
+        response = requests.get(f"{API_BASE_URL}/openapi.json", timeout=10)
        response.raise_for_status()
        openapi_spec_cache = response.json()
        return openapi_spec_cache
@@ -61,7 +65,11 @@ def map_openapi_to_mcp_tools(spec):
                    content = details["requestBody"].get("content", {})
                    if "application/json" in content:
                        schema = content["application/json"].get("schema", {})
-                        tool["inputSchema"] = schema
+                        tool["inputSchema"] = schema.copy()
+                        if "properties" not in tool["inputSchema"]:
+                            tool["inputSchema"]["properties"] = {}
+                        if "required" not in tool["inputSchema"]:
+                            tool["inputSchema"]["required"] = []

                # Extract parameters from 'parameters' list (query/path params) - simplistic support
                if "parameters" in details:
@@ -145,15 +153,16 @@ def process_mcp_request(data):
                headers = {
                    "Content-Type": "application/json"
                }
+
                if "Authorization" in request.headers:
                    headers["Authorization"] = request.headers["Authorization"]

                url = f"{API_BASE_URL}{target_path}"

                if target_method == "POST":
-                    api_res = requests.post(url, json=tool_args, headers=headers)
+                    api_res = requests.post(url, json=tool_args, headers=headers, timeout=30)
                elif target_method == "GET":
-                    api_res = requests.get(url, params=tool_args, headers=headers)
+                    api_res = requests.get(url, params=tool_args, headers=headers, timeout=30)
                else:
                    api_res = None

@@ -236,8 +245,9 @@ def handle_sse():
                else:
                    # Notification or no response needed
                    return "", 202
-        except Exception:
-            pass
+        except Exception as e:
+            # Log but don't fail - malformed requests shouldn't crash the endpoint
+            logging.getLogger(__name__).debug(f"SSE POST processing error: {e}")

        return jsonify({"status": "ok", "message": "MCP SSE endpoint active"}), 200

--- a/server/api_server/tools_routes.py
+++ b/server/api_server/tools_routes.py
@@ -208,7 +208,8 @@ def get_open_ports():
            cmd,
            capture_output=True,
            text=True,
-            check=True
+            check=True,
+            timeout=120
        )

        # Parse output for open ports
@@ -388,7 +389,7 @@ def wol_wake_device():
    try:
        # Using wakeonlan command
        result = subprocess.run(
-            ["wakeonlan", mac], capture_output=True, text=True, check=True
+            ["wakeonlan", mac], capture_output=True, text=True, check=True, timeout=10 
        )
        return jsonify(
            {