mirror of
https://github.com/azaion/detections.git
synced 2026-04-22 03:56:32 +00:00
Oleksandr Bezdieniezhnykh
097811a67b
- Pin all deps; h11==0.16.0 (CVE-2025-43859), python-multipart>=1.3.1 (CVE-2026-28356), PyJWT==2.12.1
- Add HMAC JWT verification (require_auth FastAPI dependency, JWT_SECRET-gated)
- Fix TokenManager._refresh() to use ADMIN_API_URL instead of ANNOTATIONS_URL
- Rename POST /detect → POST /detect/image (image-only, rejects video files)
- Replace global SSE stream with per-job SSE: GET /detect/{media_id} with event replay buffer
- Apply require_auth to all 4 protected endpoints
- Fix on_annotation/on_status closure to use mutable current_id for correct post-upload event routing
- Add non-root appuser to Dockerfile and Dockerfile.gpu
- Add JWT_SECRET to e2e/docker-compose.test.yml and run-tests.sh
- Update all e2e tests and unit tests for new endpoints and HMAC token signing
- 64/64 tests pass
Made-with: Cursor
27 lines
670 B
Bash
27 lines
670 B
Bash
# Azaion.Detections — Environment Variables
|
|
# Copy to .env and fill in actual values
|
|
|
|
# External service URLs
|
|
LOADER_URL=http://loader:8080
|
|
ANNOTATIONS_URL=http://annotations:8080
|
|
|
|
# Authentication (HMAC secret shared with Admin API; if empty, auth is not enforced)
|
|
JWT_SECRET=
|
|
|
|
# Remote Admin API for token refresh (if empty, refresh is skipped — offline/field mode)
|
|
ADMIN_API_URL=
|
|
|
|
# File paths
|
|
CLASSES_JSON_PATH=classes.json
|
|
LOG_DIR=Logs
|
|
VIDEOS_DIR=./data/videos
|
|
IMAGES_DIR=./data/images
|
|
|
|
# Container registry (for deployment scripts)
|
|
REGISTRY=your-registry.example.com
|
|
IMAGE_TAG=latest
|
|
|
|
# Remote deployment target (for deploy.sh)
|
|
DEPLOY_HOST=
|
|
DEPLOY_USER=deploy
|