docs+site_domain: Add guidance for restoring access_key validation in site_domain lookup; stage recent user/auth changes and frontend guide updates

2026-03-25 19:33:53 -04:00
parent 6bde236633
commit 91434968f7
6 changed files with 529 additions and 6 deletions
--- a/app/methods/site_domain_methods.py
+++ b/app/methods/site_domain_methods.py
@@ -147,6 +147,8 @@ def get_site_domain_rec_list(
 # ### BEGIN ### API Site Domain Methods ### lookup_site_domain_fqdn() ###
 def lookup_site_domain_fqdn(
        fqdn: str,
+        # TODO: Accept access_key as an argument for validation (str|None)
+        # access_key: Optional[str] = None,
        enabled: str = 'enabled', # enabled, disabled, all
        limit: int = 100,
        offset: int = 0,
@@ -156,15 +158,22 @@ def lookup_site_domain_fqdn(

    data = {}
    data['fqdn'] = fqdn
+    # TODO: If access_key is provided, add it to the data dict for SQL parameterization
+    # if access_key is not None:
+    #     data['access_key'] = access_key

    sql_enabled, data['enable'] = sql_enable_part(table_name='site_domain', enabled=enabled) # Reasonably safe return str and bool
    sql_limit = sql_limit_offset_part(limit=limit, offset=offset) # Reasonably safe return str

+    # TODO: Add access_key to WHERE clause if provided, e.g.:
+    #   WHERE site_domain.fqdn = :fqdn AND (:access_key IS NULL OR site_domain.access_key = :access_key)
    sql = f"""
        SELECT `site_domain`.id AS 'site_domain_id', `site_domain`.id_random AS 'site_domain_id_random'
        FROM `v_site_domain` AS site_domain
        WHERE
            site_domain.fqdn = :fqdn
+            -- TODO: Add access_key check here for stricter validation
+            -- AND (:access_key IS NULL OR site_domain.access_key = :access_key)
            {sql_enabled}
        ORDER BY `site_domain`.fqdn ASC, `site_domain`.access_key ASC, `site_domain`.required_referrer ASC, `site_domain`.created_on DESC, `site_domain`.updated_on DESC
        {sql_limit};
@@ -176,4 +185,11 @@ def lookup_site_domain_fqdn(
        site_domain_rec_li = []

    return site_domain_rec_li
+
+# ---
+# To restore access_key validation:
+# 1. Accept access_key as a parameter to this function (and any API endpoint calling it).
+# 2. Add access_key to the SQL WHERE clause (see above) so only matching records are returned.
+# 3. If access_key is required, return empty or error if not matched.
+# 4. Update API docs and tests to reflect the new/required parameter.
 # ### END ### API Site Domain Methods ### get_site_domain_rec_list() ###
--- a/app/methods/user_methods.py
+++ b/app/methods/user_methods.py
@@ -654,7 +654,7 @@ def email_user_auth_key_url(
    else: return False
    log.debug(account_cfg)

-    user_id_random = user_obj.id_random # NOTE: Not user_id_random because of alias
+    user_id_random = user_obj.id or user_obj.user_id # Vision ID: User_Out_Base uses 'id'/'user_id', not 'id_random'

    from_email = account_cfg.default_no_reply_email
    from_name = account_cfg.default_no_reply_name