[PR #234] [CLOSED] Fix/jwt auth middleware validation #970

New issue

Closed

opened 2026-05-07 00:15:14 +02:00 by BreizhHardware · 0 comments

BreizhHardware commented

2026-05-07 00:15:14 +02:00

Owner

📋 Pull Request Information

Original PR: https://github.com/maziggy/bambuddy/pull/234
Author: @deathly1987
Created: 2/2/2026
Status: ❌ Closed

Base: main ← Head: fix/jwt-auth-middleware-validation

📝 Commits (9)

70f5b6a Bumped version
db68dda Document intentional JWT secret storage (CodeQL Alert #69)
7eb6058 Spoolman: Show "Open in Spoolman" for linked spools (Issue #210)
475773c Housekeeping
71def0a Added full i8n localization support. Available languages are English and German
be18ebb Fix P2S printer support - disable vibration_cali and fix FTP SSL
ef64687 Merge pull request #227 from deathly1987/fix/p2s-printer-support
588a771 Added Japanese language pack (Thanks to @nmori)
d56c73d fix: JWT token validation middleware - allow authenticated requests

📊 Changes

53 files changed (+18577 additions, -11208 deletions)

View changed files

📝 CHANGELOG.md (+14 -0)
➖ PLAN.md (+0 -247)
➖ RELEASE_NOTES_0.1.6.md (+0 -318)
📝 backend/app/api/routes/spoolman.py (+36 -1)
📝 backend/app/core/auth.py (+4 -1)
📝 backend/app/core/config.py (+1 -1)
📝 backend/app/main.py (+10 -0)
📝 backend/app/services/bambu_ftp.py (+2 -1)
📝 backend/app/services/bambu_mqtt.py (+18 -1)
📝 backend/app/services/print_scheduler.py (+8 -3)
📝 backend/app/services/printer_manager.py (+1 -0)
📝 backend/tests/integration/test_spoolman_api.py (+77 -0)
📝 frontend/src/__tests__/components/ConfirmModal.test.tsx (+1 -1)
➕ frontend/src/__tests__/components/LinkSpoolModal.test.tsx (+291 -0)
➕ frontend/src/__tests__/i18n/locales.test.ts (+35 -0)
📝 frontend/src/__tests__/pages/CameraPage.test.tsx (+18 -12)
📝 frontend/src/api/client.ts (+6 -0)
📝 frontend/src/components/ConfirmModal.tsx (+10 -5)
📝 frontend/src/components/EditArchiveModal.tsx (+50 -50)
📝 frontend/src/components/FilamentHoverCard.tsx (+34 -14)

...and 33 more files

📄 Description

fix: JWT token validation middleware - allow authenticated requests

The auth_middleware was validating JWT tokens but not allowing the request
to proceed after successful validation. This caused all authenticated requests
to fail with 401 Unauthorized.

Changes:

Add missing 'return await call_next(request)' after JWT token validation
Add support endpoints to PUBLIC_API_ROUTES
Add Spoolman endpoints to PUBLIC_API_ROUTES
Remove code duplication in middleware

Fixes Spoolman integration and support bundle download with authentication enabled

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/maziggy/bambuddy/pull/234 **Author:** [@deathly1987](https://github.com/deathly1987) **Created:** 2/2/2026 **Status:** ❌ Closed **Base:** `main` ← **Head:** `fix/jwt-auth-middleware-validation` --- ### 📝 Commits (9) - [`70f5b6a`](https://github.com/maziggy/bambuddy/commit/70f5b6ae98a6b8eed60dd39351bae221b494ef3c) Bumped version - [`db68dda`](https://github.com/maziggy/bambuddy/commit/db68dda1f5b408da1ef3ff127289b87a93c76580) Document intentional JWT secret storage (CodeQL Alert #69) - [`7eb6058`](https://github.com/maziggy/bambuddy/commit/7eb60589289b386db3689b9c3d0df262fdf21b75) Spoolman: Show "Open in Spoolman" for linked spools (Issue #210) - [`475773c`](https://github.com/maziggy/bambuddy/commit/475773c64d70f34566cb957ee353cdcb3587afd5) Housekeeping - [`71def0a`](https://github.com/maziggy/bambuddy/commit/71def0a9dceedb83686a649eb5cc606cde28d59c) Added full i8n localization support. Available languages are English and German - [`be18ebb`](https://github.com/maziggy/bambuddy/commit/be18ebb36cf60c7e74fe63f21718e62e6ee4d3b7) Fix P2S printer support - disable vibration_cali and fix FTP SSL - [`ef64687`](https://github.com/maziggy/bambuddy/commit/ef6468708055fb83229888515482b3c253e202c1) Merge pull request #227 from deathly1987/fix/p2s-printer-support - [`588a771`](https://github.com/maziggy/bambuddy/commit/588a771ea3477adac9b3d21e6f529d6f7fdf0b31) Added Japanese language pack (Thanks to @nmori) - [`d56c73d`](https://github.com/maziggy/bambuddy/commit/d56c73d053cab6317520f6d33b0e571174923f0e) fix: JWT token validation middleware - allow authenticated requests ### 📊 Changes **53 files changed** (+18577 additions, -11208 deletions) <details> <summary>View changed files</summary> 📝 `CHANGELOG.md` (+14 -0) ➖ `PLAN.md` (+0 -247) ➖ `RELEASE_NOTES_0.1.6.md` (+0 -318) 📝 `backend/app/api/routes/spoolman.py` (+36 -1) 📝 `backend/app/core/auth.py` (+4 -1) 📝 `backend/app/core/config.py` (+1 -1) 📝 `backend/app/main.py` (+10 -0) 📝 `backend/app/services/bambu_ftp.py` (+2 -1) 📝 `backend/app/services/bambu_mqtt.py` (+18 -1) 📝 `backend/app/services/print_scheduler.py` (+8 -3) 📝 `backend/app/services/printer_manager.py` (+1 -0) 📝 `backend/tests/integration/test_spoolman_api.py` (+77 -0) 📝 `frontend/src/__tests__/components/ConfirmModal.test.tsx` (+1 -1) ➕ `frontend/src/__tests__/components/LinkSpoolModal.test.tsx` (+291 -0) ➕ `frontend/src/__tests__/i18n/locales.test.ts` (+35 -0) 📝 `frontend/src/__tests__/pages/CameraPage.test.tsx` (+18 -12) 📝 `frontend/src/api/client.ts` (+6 -0) 📝 `frontend/src/components/ConfirmModal.tsx` (+10 -5) 📝 `frontend/src/components/EditArchiveModal.tsx` (+50 -50) 📝 `frontend/src/components/FilamentHoverCard.tsx` (+34 -14) _...and 33 more files_ </details> ### 📄 Description fix: JWT token validation middleware - allow authenticated requests The auth_middleware was validating JWT tokens but not allowing the request to proceed after successful validation. This caused all authenticated requests to fail with 401 Unauthorized. Changes: - Add missing 'return await call_next(request)' after JWT token validation - Add support endpoints to PUBLIC_API_ROUTES - Add Spoolman endpoints to PUBLIC_API_ROUTES - Remove code duplication in middleware Fixes Spoolman integration and support bundle download with authentication enabled --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>