refactor(agent): use local JWT decoder instead of src.core.auth.jwt
Replace src.core.auth.jwt import with lightweight _jwt_decoder.py that uses jose.jwt directly with JWT_SECRET env var. Avoids pulling AuthConfig → AUTH_DATABASE_URL/SECRET_KEY validators → SQLAlchemy models into agent. Removed: AUTH_SECRET_KEY, AUTH_DATABASE_URL from agent compose env. Removed: src/core/auth/ copies from Dockerfile.agent COPY section. Added: src/agent/_jwt_decoder.py — stateless JWT validation.
This commit is contained in:
@@ -104,8 +104,6 @@ services:
|
||||
LLM_MODEL: ${LLM_MODEL:-gpt-4o}
|
||||
FASTAPI_URL: http://backend:8000
|
||||
JWT_SECRET: ${JWT_SECRET:?JWT_SECRET must be set — crash-early, no default fallback}
|
||||
AUTH_SECRET_KEY: ${JWT_SECRET:?JWT_SECRET must be set — crash-early, no default fallback}
|
||||
AUTH_DATABASE_URL: postgresql+psycopg2://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:?Set POSTGRES_PASSWORD}@${POSTGRES_HOST:?Set POSTGRES_HOST}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-ss_tools}
|
||||
SERVICE_JWT: ${SERVICE_JWT:-agent-service-secret}
|
||||
DATABASE_URL: postgresql+psycopg2://${POSTGRES_USER:-postgres}:${POSTGRES_PASSWORD:?Set POSTGRES_PASSWORD in .env.enterprise-clean}@${POSTGRES_HOST:?Set POSTGRES_HOST in .env.enterprise-clean}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-ss_tools}
|
||||
GRADIO_SERVER_PORT: 7860
|
||||
|
||||
Reference in New Issue
Block a user