feat(api): MCP, OpenAPI & Dynamic Introspection

New Features: - API endpoints now support comprehensive input validation with detailed error responses via Pydantic models. - OpenAPI specification endpoint (/openapi.json) and interactive Swagger UI documentation (/docs) now available for API discovery. - Enhanced MCP session lifecycle management with create, retrieve, and delete operations. - Network diagnostic tools: traceroute, nslookup, NMAP scanning, and network topology viewing exposed via API. - Device search, filtering by status (including 'offline'), and bulk operations (copy, delete, update). - Wake-on-LAN functionality for remote device management. - Added dynamic tool disablement and status reporting. Bug Fixes: - Fixed get_tools_status in registry to correctly return boolean values instead of None for enabled tools. - Improved error handling for invalid API inputs with standardized validation responses. - Fixed OPTIONS request handling for cross-origin requests. Refactoring: - Significant refactoring of api_server_start.py to use decorator-based validation (@validate_request).
2026-04-01 15:52:28 -07:00 · 2026-01-18 18:16:18 +00:00
parent cea3369b5e
commit ecea1d1fbd
46 changed files with 5195 additions and 1053 deletions
--- a/server/api_server/sse_endpoint.py
+++ b/server/api_server/sse_endpoint.py
@@ -8,7 +8,7 @@ import json
 import threading
 import time
 from collections import deque
-from flask import Response, request
+from flask import Response, request, jsonify
 from logger import mylog

 # Thread-safe event queue
@@ -129,11 +129,17 @@ def create_sse_endpoint(app, is_authorized=None) -> None:
        is_authorized: Optional function to check authorization (if None, allows all)
    """

-    @app.route("/sse/state", methods=["GET"])
+    @app.route("/sse/state", methods=["GET", "OPTIONS"])
    def api_sse_state():
-        """SSE endpoint for real-time state updates"""
+        if request.method == "OPTIONS":
+            response = jsonify({"success": True})
+            response.headers["Access-Control-Allow-Origin"] = request.headers.get("Origin", "*")
+            response.headers["Access-Control-Allow-Methods"] = "GET, OPTIONS"
+            response.headers["Access-Control-Allow-Headers"] = "Content-Type, Authorization"
+            return response, 200
+
        if is_authorized and not is_authorized():
-            return {"none": "Unauthorized"}, 401
+            return jsonify({"success": False, "error": "Unauthorized"}), 401

        client_id = request.args.get("client", f"client-{int(time.time() * 1000)}")
        mylog("debug", [f"[SSE] Client connected: {client_id}"])
@@ -148,11 +154,14 @@ def create_sse_endpoint(app, is_authorized=None) -> None:
            },
        )

-    @app.route("/sse/stats", methods=["GET"])
+    @app.route("/sse/stats", methods=["GET", "OPTIONS"])
    def api_sse_stats():
        """Get SSE endpoint statistics for debugging"""
+        if request.method == "OPTIONS":
+            return jsonify({"success": True}), 200
+
        if is_authorized and not is_authorized():
-            return {"none": "Unauthorized"}, 401
+            return {"success": False, "error": "Unauthorized"}, 401

        return {
            "success": True,