Fix WebSocket 403 — bypass FastAPI Depends for WS auth

Fork: 0

root / navi-1

Browse code Fix WebSocket 403 — bypass FastAPI Depends for WS auth - websocket.py: resolve user by calling get_current_user_ws directly inside the handler instead of using Depends(). This avoids FastAPI returning HTTP 403 on the upgrade request when auth resolution fails. - websocket.py: accept WebSocket before access check, close with 4003 for auth failures instead of HTTP 403. - auth/deps.py: remove debug logging from get_current_user_ws. - tests/conftest.py: monkeypatch get_current_user_ws directly since Depends() is no longer used on the WebSocket endpoint. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> feature/navi-code master vmkdemo
1 parent 3279640 commit 53ffcafde4961501fe92845591bad980af9d81ac Eugene Sukhodolskiy authored on 4 May

Browse code

- websocket.py: resolve user by calling get_current_user_ws directly
  inside the handler instead of using Depends(). This avoids FastAPI
  returning HTTP 403 on the upgrade request when auth resolution fails.
- websocket.py: accept WebSocket before access check, close with 4003
  for auth failures instead of HTTP 403.
- auth/deps.py: remove debug logging from get_current_user_ws.
- tests/conftest.py: monkeypatch get_current_user_ws directly since
  Depends() is no longer used on the WebSocket endpoint.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

feature/navi-code master vmkdemo

1 parent 3279640 commit 53ffcafde4961501fe92845591bad980af9d81ac

Eugene Sukhodolskiy authored on 4 May

Patch

Unified Split

Showing 3 changed files

Ignore Space Show notes View navi/api/websocket.py

Ignore Space Show notes View navi/auth/deps.py

Ignore Space Show notes View tests/integration/conftest.py

Show line notes below