admin-ui: align with API, add auth, fix integrations
Some checks failed
DSS Project Analysis / dss-context-update (push) Has been cancelled
Some checks failed
DSS Project Analysis / dss-context-update (push) Has been cancelled
This commit is contained in:
DSS
@@ -783,22 +783,22 @@ async def list_workflows():
|
||||
return {"workflows": workflows, "count": len(workflows), "directory": str(workflows_dir)}
|
||||
|
||||
|
||||
@app.get("/api/config")
|
||||
async def get_config():
|
||||
@app.get("/api/public-config")
|
||||
async def get_public_config():
|
||||
"""
|
||||
Public configuration endpoint.
|
||||
|
||||
Returns ONLY safe, non-sensitive configuration values that are safe
|
||||
to expose to the client browser.
|
||||
|
||||
SECURITY: This endpoint is the ONLY place where configuration is exposed.
|
||||
All other config values (secrets, API keys, etc.) must be server-only.
|
||||
NOTE: The Admin UI uses `/api/config` for runtime settings (with secrets masked).
|
||||
This endpoint is kept for backwards compatibility with older clients.
|
||||
"""
|
||||
# Import here to avoid circular imports
|
||||
try:
|
||||
from config import get_public_config
|
||||
from config import get_public_config as _get_public_config
|
||||
|
||||
return get_public_config()
|
||||
return _get_public_config()
|
||||
except ImportError:
|
||||
# Fallback for legacy deployments
|
||||
return {
|
||||
@@ -848,6 +848,7 @@ async def create_project(project: ProjectCreate):
|
||||
name=project.name,
|
||||
description=project.description,
|
||||
figma_file_key=project.figma_file_key,
|
||||
root_path=project.root_path,
|
||||
)
|
||||
ActivityLog.log(
|
||||
action="project_created",
|
||||
|
||||
Reference in New Issue
Block a user