refactor: comprehensive code quality, security, and release readiness improvements
Some checks failed
Lint & Test / test (push) Failing after 48s
Some checks failed
Lint & Test / test (push) Failing after 48s
Security: tighten CORS defaults, add webhook rate limiting, fix XSS in automations, guard WebSocket JSON.parse, validate ADB address input, seal debug exception leak, URL-encode WS tokens, CSS.escape in selectors. Code quality: add Pydantic models for brightness/power endpoints, fix thread safety and name uniqueness in DeviceStore, immutable update pattern, split 6 oversized files into 16 focused modules, enable TypeScript strictNullChecks (741→102 errors), type state variables, add dom-utils helper, migrate 3 modules from inline onclick to event delegation, ProcessorDependencies dataclass. Performance: async store saves, health endpoint log level, command palette debounce, optimized entity-events comparison, fix service worker precache list. Testing: expand from 45 to 293 passing tests — add store tests (141), route tests (25), core logic tests (42), E2E flow tests (33), organize into tests/api/, tests/storage/, tests/core/, tests/e2e/. DevOps: CI test pipeline, pre-commit config, Dockerfile multi-stage build with non-root user and health check, docker-compose improvements, version bump to 0.2.0. Docs: rewrite CLAUDE.md (202→56 lines), server/CLAUDE.md (212→76), create contexts/server-operations.md, fix .js→.ts references, fix env var prefix in README, rewrite INSTALLATION.md, add CONTRIBUTING.md and .env.example.
This commit is contained in:
@@ -1,20 +1,25 @@
|
||||
"""Tests for API endpoints."""
|
||||
"""Tests for API endpoints (public + authenticated)."""
|
||||
|
||||
import pytest
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
from wled_controller.main import app
|
||||
from wled_controller import __version__
|
||||
from wled_controller.config import get_config
|
||||
|
||||
client = TestClient(app)
|
||||
|
||||
# Build auth header from the first configured API key
|
||||
_config = get_config()
|
||||
_api_key = next(iter(_config.auth.api_keys.values()), "")
|
||||
AUTH_HEADERS = {"Authorization": f"Bearer {_api_key}"} if _api_key else {}
|
||||
|
||||
|
||||
def test_root_endpoint():
|
||||
"""Test root endpoint returns the HTML dashboard."""
|
||||
response = client.get("/")
|
||||
assert response.status_code == 200
|
||||
assert "text/html" in response.headers["content-type"]
|
||||
assert "LED Grab" in response.text
|
||||
|
||||
|
||||
def test_health_check():
|
||||
@@ -38,8 +43,8 @@ def test_version_endpoint():
|
||||
|
||||
|
||||
def test_get_displays():
|
||||
"""Test get displays endpoint."""
|
||||
response = client.get("/api/v1/config/displays")
|
||||
"""Test get displays endpoint (requires auth)."""
|
||||
response = client.get("/api/v1/config/displays", headers=AUTH_HEADERS)
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert "displays" in data
|
||||
@@ -62,7 +67,6 @@ def test_openapi_docs():
|
||||
response = client.get("/openapi.json")
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert data["info"]["title"] == "WLED Screen Controller"
|
||||
assert data["info"]["version"] == __version__
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user