refactor(auth): centralize the internal-tool pseudo-username into a constant (#4333)

The in-process tool loopback stamps current_user = "internal-tool" and require_admin grants admin to that sentinel; it is also a reserved username. That security-sensitive string was hand-typed in ~7 places (stamp, admin gate, RESERVED_USERNAMES, and standalone admin-equivalent checks in note/research/ shell/task routes), where a typo silently breaks an auth gate. Add INTERNAL_TOOL_USER in core/middleware.py next to INTERNAL_TOOL_TOKEN/ INTERNAL_TOOL_HEADER and use it at every such site. A typo is now an ImportError, not a silent mismatch. auth.py importing middleware is acyclic (middleware imports no app modules). Behaviour is unchanged. The multi-sentinel sets bundling internal-tool with api/demo/system (assistant_routes, task_scheduler, research_routes) are a separate reserved-set dedup, left for a follow-up. Closes #4332
2026-06-30 00:22:10 -04:00 · 2026-06-16 13:13:00 +02:00
parent bf56010aad
commit a2261c38c1
7 changed files with 15 additions and 8 deletions
@@ -11,6 +11,7 @@ from fastapi import APIRouter, HTTPException, Request
 from pydantic import BaseModel

 from core.database import SessionLocal, ScheduledTask, TaskRun
+from core.middleware import INTERNAL_TOOL_USER
 from core.constants import internal_api_base
 from src.auth_helpers import get_current_user
 from src.constants import DATA_DIR, EMAIL_URGENCY_CACHE_DIR
@@ -427,7 +428,7 @@ def setup_task_routes(task_scheduler) -> APIRouter:
        # In-process tool-loopback marker — AuthMiddleware validated
        # the internal token + loopback client before stamping this,
        # so treat as admin-equivalent.
-        if user == "internal-tool":
+        if user == INTERNAL_TOOL_USER:
            return True
        try:
            from core.auth import AuthManager