feat: add /reset-password page
Browse files
app.py
CHANGED
|
@@ -101,6 +101,17 @@ _INTERNAL_PROXY_DOMAINS = {
|
|
| 101 |
"proxy.spaces.internal.huggingface.tech",
|
| 102 |
}
|
| 103 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 104 |
# --- Request Logging Middleware ---
|
| 105 |
def _resolve_source(request: Request) -> dict | None:
|
| 106 |
"""リクエストヘッダから流入元を判定して source_domain を返す。
|
|
@@ -148,12 +159,14 @@ class RequestLoggingMiddleware(BaseHTTPMiddleware):
|
|
| 148 |
duration = time.time() - start_time
|
| 149 |
# print(f"[RESPONSE] method={method} path={path} status={response.status_code} duration={duration:.3f}s{user_tag}")
|
| 150 |
if response.status_code >= 400:
|
| 151 |
-
|
| 152 |
-
|
| 153 |
-
|
| 154 |
-
|
| 155 |
-
|
| 156 |
-
|
|
|
|
|
|
|
| 157 |
return response
|
| 158 |
except Exception as e:
|
| 159 |
duration = time.time() - start_time
|
|
@@ -259,7 +272,8 @@ def get_current_user(request: Request):
|
|
| 259 |
|
| 260 |
if not token:
|
| 261 |
print("[AUTH_CHECK] No sb_access_token cookie – unauthenticated access")
|
| 262 |
-
|
|
|
|
| 263 |
return None
|
| 264 |
|
| 265 |
try:
|
|
|
|
| 101 |
"proxy.spaces.internal.huggingface.tech",
|
| 102 |
}
|
| 103 |
|
| 104 |
+
# Gradio バックグラウンド通信のパス(未認証ノイズを抑制)
|
| 105 |
+
def _is_gradio_background_path(path: str) -> bool:
|
| 106 |
+
"""Gradio が自動送信するバックグラウンドリクエストかどうかを判定する。
|
| 107 |
+
これらは未認証時でも大量に飛んでくるためログ対象外とする。
|
| 108 |
+
"""
|
| 109 |
+
return (
|
| 110 |
+
path.startswith("/app/gradio_api/heartbeat/")
|
| 111 |
+
or path == "/app/gradio_api/queue/join"
|
| 112 |
+
or path.startswith("/app/gradio_api/queue/join/")
|
| 113 |
+
)
|
| 114 |
+
|
| 115 |
# --- Request Logging Middleware ---
|
| 116 |
def _resolve_source(request: Request) -> dict | None:
|
| 117 |
"""リクエストヘッダから流入元を判定して source_domain を返す。
|
|
|
|
| 159 |
duration = time.time() - start_time
|
| 160 |
# print(f"[RESPONSE] method={method} path={path} status={response.status_code} duration={duration:.3f}s{user_tag}")
|
| 161 |
if response.status_code >= 400:
|
| 162 |
+
# Gradio バックグラウンド通信の 401 は未認証ノイズなので記録しない
|
| 163 |
+
if not (response.status_code == 401 and _is_gradio_background_path(path)):
|
| 164 |
+
log_event(
|
| 165 |
+
"error",
|
| 166 |
+
"http_response_error",
|
| 167 |
+
level="WARNING",
|
| 168 |
+
metadata={"method": method, "path": path, "status": response.status_code, "duration": round(duration, 3)},
|
| 169 |
+
)
|
| 170 |
return response
|
| 171 |
except Exception as e:
|
| 172 |
duration = time.time() - start_time
|
|
|
|
| 272 |
|
| 273 |
if not token:
|
| 274 |
print("[AUTH_CHECK] No sb_access_token cookie – unauthenticated access")
|
| 275 |
+
if not _is_gradio_background_path(str(request.url.path)):
|
| 276 |
+
log_event("auth", "unauthenticated_access", level="INFO", metadata={"path": str(request.url.path)})
|
| 277 |
return None
|
| 278 |
|
| 279 |
try:
|