anti
70d8ffc607
Extends tracing to every remaining module: all 23 API route handlers, correlation engine, sniffer (fingerprint/p0f/syslog), prober (jarm/hassh/tcpfp), profiler behavioral analysis, logging subsystem, engine, and mutator. Bridges the ingester→SSE trace gap by persisting trace_id/span_id columns on the logs table and creating OTEL span links in the SSE endpoint. Adds log-trace correlation via _TraceContextFilter injecting otel_trace_id into Python LogRecords. Includes development/docs/TRACING.md with full span reference (76 spans), pipeline propagation architecture, quick start guide, and troubleshooting.
34 lines
1.3 KiB
Python
34 lines
1.3 KiB
Python
from typing import Any, Optional
|
|
|
|
from fastapi import APIRouter, Depends, HTTPException, status
|
|
|
|
from decnet.telemetry import traced as _traced
|
|
from decnet.web.auth import get_password_hash, verify_password
|
|
from decnet.web.dependencies import get_current_user_unchecked, repo
|
|
from decnet.web.db.models import ChangePasswordRequest
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
@router.post(
|
|
"/auth/change-password",
|
|
tags=["Authentication"],
|
|
responses={
|
|
400: {"description": "Bad Request (e.g. malformed JSON)"},
|
|
401: {"description": "Could not validate credentials"},
|
|
422: {"description": "Validation error"}
|
|
},
|
|
)
|
|
@_traced("api.change_password")
|
|
async def change_password(request: ChangePasswordRequest, current_user: str = Depends(get_current_user_unchecked)) -> dict[str, str]:
|
|
_user: Optional[dict[str, Any]] = await repo.get_user_by_uuid(current_user)
|
|
if not _user or not verify_password(request.old_password, _user["password_hash"]):
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Incorrect old password",
|
|
)
|
|
|
|
_new_hash: str = get_password_hash(request.new_password)
|
|
await repo.update_user_password(current_user, _new_hash, must_change_password=False)
|
|
return {"message": "Password updated successfully"}
|