feat: validate user agent for admin access token #118
think-in-universe merged 23 commits into main from
Conversation
I think we can also add user agent validation for refreshing access tokens as mentioned in #106
383be56 to 18b5424
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
Copilot reviewed 7 out of 7 changed files in this pull request and generated no new comments.
    name: String,
    creation_reason: String,
    expires_at: chrono::DateTime<Utc>,
    user_agent: Option<String>,
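Review bot: `user_agent: Option<String>` makes "no stored UA" a wildcard: the summary on this page says `validate(token, user_agent)` passes when the UA matches or the token has no UA, so a token created by a client that omitted the User-Agent header is usable from any client. If the intent is to enforce UA binding, store a non-optional `String` and have `POST /v1/admin/access-tokens` reject requests without a User-Agent, or at least treat a missing stored UA as a validation failure rather than skipping the check.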
Why keeping user_agent optional if we enforce it in #131?
* feat: implement batch conversation retrieval endpoint
Add GET /v1/conversations/batch endpoint to fetch multiple conversations
in a single request using SQL ANY() queries instead of N individual calls.
Changes:
- Add batch_get_by_ids() to ConversationRepository trait and implement
with efficient WHERE id = ANY($1) SQL query
- Add batch_get_conversations() to service trait and implement
- Create BatchConversationsRequest and ConversationBatchResponse models
- Implement route handler with:
* JSON body input (no URL length limits)
* Validation: 1-1000 IDs per request
* Returns found conversations + missing_ids list (AWS DynamoDB pattern)
- Register GET /v1/conversations/batch route (before /{id} to avoid conflicts)
- Add comprehensive integration test verifying:
* Batch retrieval of 5 IDs (3 found, 2 missing)
* Correct response structure
* Missing IDs properly tracked
Performance: Reduces N individual API calls to 1 batch call (100x faster)
* fix: only include model providers with valid attestation report (#187)
* feat: validate user agent for admin access token (#118)
* feat: rotate refresh token and access token with user agent check (#131)
Co-authored-by: Robert Yan <46699230+think-in-universe@users.noreply.github.com>
* Updated GET to POST and updated response structure
* remove the order by and simplified the logic
---------
Co-authored-by: Robert Yan <46699230+think-in-universe@users.noreply.github.com>
Co-authored-by: alexplash <131205674+alexplash@users.noreply.github.com>
Made it so admin access tokens can only be used with the same User-Agent as when the token was initialized.
Note
Enforces User-Agent matching for admin access tokens by storing UA on creation and validating on use; updates middleware, routes, DB schema/repo, and adds e2e tests.
- Admin access tokens (adm_ prefix) are validated only as admin tokens (no session fallback) and now require a matching User-Agent.
- Reads the User-Agent from requests and passes it to authenticate_admin_access_token.
- POST /v1/admin/access-tokens captures the request User-Agent and persists it with the token.
- Adds a user_agent column to admin_access_token (migration V0024__...).
- models::AdminAccessToken gains an optional user_agent.
- Repository (AdminAccessTokenRepository): create(...) now stores user_agent; validate(token, user_agent) checks the token is active, not expired, and the UA matches (or the token has no UA); updates last_used_at.
Written by Cursor Bugbot for commit 8687270.
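An added example, not code from this PR or its repository, modelling the validate(token, user_agent) behaviour summarised above in std-only Rust: the User-Agent is bound at creation, compared on use, and a token stored without a UA skips the check (the wildcard that Option<String> implies). It also carries a stricter validate_strict variant, as one possible answer to the question about keeping user_agent optional, that rejects both a missing request UA and a missing stored UA. The struct and repository names, the u64 unix timestamp standing in for chrono::DateTime<Utc>, the in-memory HashMap store and the sample token values are assumptions or constructed for the example.

```rust
// Added example (not the project's code). Assumptions: std only; u64 unix seconds
// instead of chrono::DateTime<Utc>; an in-memory map in place of the SQL repository;
// illustrative names rather than the project's real signatures.
use std::collections::HashMap;

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct AdminAccessToken {
    pub name: String,
    pub expires_at: u64,            // unix seconds
    pub user_agent: Option<String>, // None: created by a request with no User-Agent header
    pub is_active: bool,
    pub last_used_at: Option<u64>,
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum ValidationError {
    NotFound,
    Inactive,
    Expired,
    UserAgentMismatch,
    MissingUserAgent,
}

/// In-memory stand-in for the repository, keyed by the raw token for brevity.
/// A real store would key by a hash of the token, never the secret itself.
#[derive(Default)]
pub struct AdminAccessTokenRepository {
    tokens: HashMap<String, AdminAccessToken>,
}

/// Shared active/expiry checks; `now` is passed in so the logic is deterministic.
fn check_lifetime(t: &AdminAccessToken, now: u64) -> Result<(), ValidationError> {
    if !t.is_active {
        return Err(ValidationError::Inactive);
    }
    if now >= t.expires_at {
        return Err(ValidationError::Expired);
    }
    Ok(())
}

impl AdminAccessTokenRepository {
    pub fn new() -> Self {
        Self::default()
    }

    /// Like create(...) in the PR: the creating request's User-Agent is stored with the token.
    pub fn create(&mut self, token: &str, name: &str, expires_at: u64, user_agent: Option<&str>) {
        let record = AdminAccessToken {
            name: name.to_string(),
            expires_at,
            user_agent: user_agent.map(String::from),
            is_active: true,
            last_used_at: None,
        };
        self.tokens.insert(token.to_string(), record);
    }

    pub fn revoke(&mut self, token: &str) {
        if let Some(t) = self.tokens.get_mut(token) {
            t.is_active = false;
        }
    }

    /// validate(token, user_agent) as summarised on the page: active, not expired,
    /// UA matches OR the token has no stored UA; on success updates last_used_at.
    pub fn validate(&mut self, token: &str, user_agent: Option<&str>, now: u64)
        -> Result<AdminAccessToken, ValidationError> {
        let t = self.tokens.get_mut(token).ok_or(ValidationError::NotFound)?;
        check_lifetime(t, now)?;
        match (&t.user_agent, user_agent) {
            (None, _) => {} // no stored UA: check skipped (wildcard behaviour)
            (Some(stored), Some(seen)) if stored.as_str() == seen => {}
            _ => return Err(ValidationError::UserAgentMismatch),
        }
        t.last_used_at = Some(now);
        Ok(t.clone())
    }

    /// Stricter alternative (an assumption, not what the PR does): the request must
    /// carry a User-Agent and the token must have one stored; there is no wildcard.
    pub fn validate_strict(&mut self, token: &str, user_agent: Option<&str>, now: u64)
        -> Result<AdminAccessToken, ValidationError> {
        let seen = user_agent.ok_or(ValidationError::MissingUserAgent)?;
        let t = self.tokens.get_mut(token).ok_or(ValidationError::NotFound)?;
        check_lifetime(t, now)?;
        match &t.user_agent {
            Some(stored) if stored.as_str() == seen => {}
            _ => return Err(ValidationError::UserAgentMismatch),
        }
        t.last_used_at = Some(now);
        Ok(t.clone())
    }
}

fn main() {
    // Constructed sample tokens, not real values.
    let mut repo = AdminAccessTokenRepository::new();
    repo.create("tok-a", "ci-deploy", 2_000, Some("curl/8.4.0"));
    repo.create("tok-b", "legacy-client", 2_000, None);
    println!("tok-a from a browser: {:?}", repo.validate("tok-a", Some("Mozilla/5.0"), 1_000));
    println!("tok-b from a browser: {:?}", repo.validate("tok-b", Some("Mozilla/5.0"), 1_000));
    println!("tok-b, strict:        {:?}", repo.validate_strict("tok-b", Some("Mozilla/5.0"), 1_000));
}
```

The wildcard arm in validate is the one to watch: it is exactly what "or token has no UA" in the summary means, so any client that can create a token without sending a User-Agent header gets a token that the UA check never constrains; validate_strict closes that by failing on either side being absent.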