fix(api): enforce query formatting
@@ -11,6 +11,7 @@ import logging
|
|||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import time
|
import time
|
||||||
|
import urllib.parse
|
||||||
from contextlib import asynccontextmanager
|
from contextlib import asynccontextmanager
|
||||||
from typing import TYPE_CHECKING, Any
|
from typing import TYPE_CHECKING, Any
|
||||||
|
|
||||||
@@ -30,7 +31,7 @@ redis_client = None
|
|||||||
@asynccontextmanager
|
@asynccontextmanager
|
||||||
async def _lifespan(_app: FastAPI) -> AsyncIterator[None]:
|
async def _lifespan(_app: FastAPI) -> AsyncIterator[None]:
|
||||||
"""Lifespan handler: connect to Redis on startup and close on shutdown."""
|
"""Lifespan handler: connect to Redis on startup and close on shutdown."""
|
||||||
global redis_client
|
global redis_client # type: ignore[PLW0603]
|
||||||
if REDIS_URL:
|
if REDIS_URL:
|
||||||
try:
|
try:
|
||||||
import redis.asyncio as aioredis
|
import redis.asyncio as aioredis
|
||||||
@@ -160,6 +161,10 @@ async def _cache_set(key: str, value: CacheValue, ttl: int = CACHE_TTL_SECONDS)
|
|||||||
async def validate_signature(signature: str = Query(...)) -> JSONResponse:
|
async def validate_signature(signature: str = Query(...)) -> JSONResponse:
|
||||||
"""Validate a book signature and return total pages."""
|
"""Validate a book signature and return total pages."""
|
||||||
# check cache first
|
# check cache first
|
||||||
|
# ensure signature is stripped of leading/trailing whitespace
|
||||||
|
signature = signature.strip()
|
||||||
|
# enforce url quotes
|
||||||
|
signature = urllib.parse.quote(signature)
|
||||||
cache_key = f"signature:{signature}"
|
cache_key = f"signature:{signature}"
|
||||||
cached = await _cache_get(cache_key)
|
cached = await _cache_get(cache_key)
|
||||||
if cached is not None:
|
if cached is not None:
|
||||||
|
|||||||
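Review bot: In `validate_signature`, `signature` is rebound to `urllib.parse.quote(signature)` before the cache key is built, so every later use of the variable receives the percent-encoded form rather than the value the client sent; the function body continues outside the hunk, so whether a later lookup or outbound URL encodes it a second time cannot be confirmed from here. Keeping the encoded form under its own name, e.g. `cache_signature = urllib.parse.quote(signature.strip(), safe="")`, and using it only in `cache_key` would leave the raw value available to the rest of the function. Note that `quote` leaves `/` unescaped by default, so `safe=""` is needed if the key is meant to be free of path-like characters. The comment `# enforce url quotes` does not say why the encoding is applied; if the aim is a key without whitespace or control characters, say so, and consider rejecting over-long values, since the key length is otherwise client-controlled.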