Use default user for auth-disabled local mode

taohe
2026-06-11 16:33:37 +08:00
parent a4202028d9
commit 42fd0cc22f
3 changed files with 16 additions and 13 deletions
+10 -9
@@ -185,7 +185,7 @@ def _make_auth_csrf_app():
@pytest.fixture
def client(monkeypatch):
monkeypatch.delenv("DEER_FLOW_AUTH_DISABLED", raising=False)
monkeypatch.setenv("DEER_FLOW_AUTH_DISABLED", "")
return TestClient(_make_app())
@@ -223,7 +223,7 @@ def test_auth_disabled_allows_protected_path_without_cookie(monkeypatch):
assert res.json() == {"models": []}
def test_auth_disabled_stamps_e2e_admin_user_without_cookie(monkeypatch):
def test_auth_disabled_stamps_default_admin_user_without_cookie(monkeypatch):
monkeypatch.setenv("DEER_FLOW_AUTH_DISABLED", "1")
client = TestClient(_make_app())
@@ -231,10 +231,10 @@ def test_auth_disabled_stamps_e2e_admin_user_without_cookie(monkeypatch):
assert res.status_code == 200
assert res.json() == {
"id": "e2e-user",
"email": "e2e@test.local",
"id": "default",
"email": "default@test.local",
"system_role": "admin",
"context_user_id": "e2e-user",
"context_user_id": "default",
}
@@ -246,8 +246,8 @@ def test_auth_disabled_auth_me_reuses_middleware_user_without_cookie(monkeypatch
assert res.status_code == 200
assert res.json() == {
"id": "e2e-user",
"email": "e2e@test.local",
"id": "default",
"email": "default@test.local",
"system_role": "admin",
"needs_setup": False,
}
@@ -331,7 +331,7 @@ def test_auth_disabled_startup_warning_when_effective(monkeypatch, caplog):
warn_if_auth_disabled_enabled()
assert "authentication is bypassed" in caplog.text
assert "e2e-user" in caplog.text
assert "default" in caplog.text
def test_auth_disabled_startup_warning_suppressed_in_explicit_production_env(monkeypatch, caplog):
@@ -350,7 +350,8 @@ def test_protected_path_with_junk_cookie_rejected(client):
"""Junk cookie → 401. Middleware strictly validates the JWT now
(AUTH_TEST_PLAN test 7.5.8); it no longer silently passes bad
tokens through to the route handler."""
res = client.get("/api/models", cookies={"access_token": "some-token"})
client.cookies.set("access_token", "some-token")
res = client.get("/api/models")
assert res.status_code == 401
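Review bot: In the startup-warning test (the `@@ -331,7 +331,7` hunk), the new assertion `assert "default" in caplog.text` is much weaker than the `"e2e-user"` check it replaces. `caplog.text` spans every captured record and "default" is a common word, so an unrelated log line could satisfy it even if the bypass warning stopped naming the stamped admin identity. Since this warning is the operator's only signal that requests are being served as an admin without authentication, I would tie the identifier to the same record as the bypass message, e.g. `assert any(r.levelname == "WARNING" and "authentication is bypassed" in r.getMessage() and "default" in r.getMessage() for r in caplog.records)`. The test function begins above the hunk, so the logger and level set up for `caplog` are not visible here and should be confirmed.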