From 5dfb8f6d6b37a73f9800e90fc137aa627e6ca9d5 Mon Sep 17 00:00:00 2001
From: Eu Pin Tien
Date: Fri, 16 Jan 2026 09:28:47 +0000
Subject: [PATCH 1/3] Forward the request headers from the frontend to the auth server
---
 src/murfey/server/api/auth.py | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/src/murfey/server/api/auth.py b/src/murfey/server/api/auth.py
index a09c7eeac..53f143184 100644
--- a/src/murfey/server/api/auth.py
+++ b/src/murfey/server/api/auth.py
@@ -8,7 +8,7 @@
 import aiohttp
 import requests
-from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi import APIRouter, Depends, HTTPException, Request, status
 from fastapi.security import (
 APIKeyCookie,
 OAuth2PasswordBearer,
@@ -84,18 +84,16 @@ def check_user(username: str) -> bool:
 return username in [u.username for u in users]
-async def validate_token(token: Annotated[str, Depends(oauth2_scheme)]):
+async def validate_token(
+ token: Annotated[str, Depends(oauth2_scheme)],
+ request: Request,
+):
 """
 Used by the backend routers to validate requests coming in from frontend.
 """
 try:
 # Validate using auth URL if provided; will error if invalid
 if auth_url:
- headers = (
- {}
- if security_config.auth_type == "cookie"
- else {"Authorization": f"Bearer {token}"}
- )
 cookies = (
 {security_config.cookie_key: token}
 if security_config.auth_type == "cookie"
@@ -104,7 +102,7 @@ async def validate_token(token: Annotated[str, Depends(oauth2_scheme)]):
 async with aiohttp.ClientSession(cookies=cookies) as session:
 async with session.get(
 f"{auth_url}/validate_token",
- headers=headers,
+ headers=request.headers,
 ) as response:
 success = response.status == 200
 validation_outcome = await response.json()
From 71cdc947d5b6243a69b1450916544c798953c564 Mon Sep 17 00:00:00 2001
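Review bot: `headers=request.headers` in the `session.get(f"{auth_url}/validate_token", ...)` call hands every inbound header to the auth server, not only the credential being validated. That includes `host`, `content-length` and `content-type` from the original request, which do not describe this body-less GET to a different host, as well as any cookies or tokens the client sent for other purposes. An allowlist would limit the forwarded set to what the auth server actually needs, for example `headers = {k: v for k, v in request.headers.items() if k in FORWARDED_HEADERS}`, with `FORWARDED_HEADERS` a set of lower-case names defined next to `auth_url` (the name is illustrative; which headers are required is not visible here). The same applies to `headers = dict(request.headers)` in PATCH 3/3. The body of `validate_token` continues past the end of this hunk.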
From: Stephen Riggs <122790971+stephen-riggs@users.noreply.github.com>
Date: Fri, 16 Jan 2026 09:26:11 +0000
Subject: [PATCH 2/3] Images-Disc was missing from metadata source (#727)
---
 src/murfey/client/multigrid_control.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/murfey/client/multigrid_control.py b/src/murfey/client/multigrid_control.py
index aa1dd9a8d..819bfbe8b 100644
--- a/src/murfey/client/multigrid_control.py
+++ b/src/murfey/client/multigrid_control.py
@@ -592,7 +592,7 @@ def _start_dc(self, metadata_json, from_form: bool = False):
 metadata_source_as_str = (
 "/".join(source.parts[:-2])
 + f"/{self._environment.visit}/"
- + source.parts[-2]
+ + "/".join(source.parts[-2:])
 )
 metadata_source = Path(metadata_source_as_str.replace("//", "/"))
 ensure_dcg_exists(
From 8a571f083b2ac8bd348782994edbb2b69c6e11c0 Mon Sep 17 00:00:00 2001
From: Eu Pin Tien
Date: Fri, 16 Jan 2026 09:55:11 +0000
Subject: [PATCH 3/3] Re-added old logic to support using auth server with password-based authentication
---
 src/murfey/server/api/auth.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/murfey/server/api/auth.py b/src/murfey/server/api/auth.py
index 53f143184..6576f2097 100644
--- a/src/murfey/server/api/auth.py
+++ b/src/murfey/server/api/auth.py
@@ -94,6 +94,12 @@ async def validate_token(
 try:
 # Validate using auth URL if provided; will error if invalid
 if auth_url:
+ # Extract and forward headers as-is
+ headers = dict(request.headers)
+ # Update/add authorization header if authenticating using password
+ if security_config.auth_type == "password":
+ headers["authorization"] = f"Bearer {token}"
+ # Forward the cookie along if authenticating using cookie
 cookies = (
 {security_config.cookie_key: token}
 if security_config.auth_type == "cookie"
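Review bot: The path in `_start_dc` is still built by string concatenation and then cleaned up with `.replace("//", "/")`, so the join and slash handling have to be kept correct by hand on every change like this one. Building it from the parts directly removes both steps: `metadata_source = Path(*source.parts[:-2], self._environment.visit, *source.parts[-2:])`, assuming `visit` is a plain directory name with no leading slash. A one-line comment stating the intended layout (the visit directory inserted above the last two components of `source`) would explain the `-2` indices. The body of `_start_dc` starts and ends outside the hunk.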
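Review bot: After `headers = dict(request.headers)`, the credential belonging to the other auth type is still forwarded: in cookie mode an inbound `authorization` header goes upstream unchanged, and in password mode an inbound `cookie` header does. The auth server can therefore receive a credential other than the `token` this function was asked to validate; whether it would act on it is not visible here. Removing both before setting the configured one keeps the forwarded credential and `token` in step: `headers.pop("authorization", None)` and `headers.pop("cookie", None)` ahead of the `if security_config.auth_type == "password":` branch. The comment `# Extract and forward headers as-is` would then need rewording, since the headers would no longer be forwarded as-is.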
@@ -102,7 +108,7 @@ async def validate_token(
 async with aiohttp.ClientSession(cookies=cookies) as session:
 async with session.get(
 f"{auth_url}/validate_token",
- headers=request.headers,
+ headers=headers,
 ) as response:
 success = response.status == 200
 validation_outcome = await response.json()