refactor(auth): centralize the internal-tool pseudo-username into a constant (#4333)

The in-process tool loopback stamps current_user = "internal-tool" and require_admin grants admin to that sentinel; it is also a reserved username. That security-sensitive string was hand-typed in ~7 places (stamp, admin gate, RESERVED_USERNAMES, and standalone admin-equivalent checks in note/research/ shell/task routes), where a typo silently breaks an auth gate. Add INTERNAL_TOOL_USER in core/middleware.py next to INTERNAL_TOOL_TOKEN/ INTERNAL_TOOL_HEADER and use it at every such site. A typo is now an ImportError, not a silent mismatch. auth.py importing middleware is acyclic (middleware imports no app modules). Behaviour is unchanged. The multi-sentinel sets bundling internal-tool with api/demo/system (assistant_routes, task_scheduler, research_routes) are a separate reserved-set dedup, left for a follow-up. Closes #4332
2026-06-17 10:15:27 -04:00 · 2026-06-16 13:13:00 +02:00
parent bf56010aad
commit a2261c38c1
7 changed files with 15 additions and 8 deletions
@@ -10,6 +10,7 @@ from fastapi import APIRouter, HTTPException, Request
 from pydantic import BaseModel

 from core.database import SessionLocal, Note
+from core.middleware import INTERNAL_TOOL_USER
 from src.auth_helpers import require_user
 from src.constants import DATA_DIR
 from sqlalchemy.orm.attributes import flag_modified
@@ -582,7 +583,7 @@ def setup_note_routes(task_scheduler=None):
        return require_user(request) or None

    def _is_admin_or_single_user(request: Request, user: str | None) -> bool:
-        if user == "internal-tool":
+        if user == INTERNAL_TOOL_USER:
            return True
        if not user:
            # require_user() already admitted this request, which only happens