mdb-engine 0.4.10__py3-none-any.whl → 0.4.11__py3-none-any.whl

mdb_engine/__init__.py

@@ -82,11 +82,13 @@ from .repositories import Entity, MongoRepository, Repository, UnitOfWork
 from .utils import clean_mongo_doc, clean_mongo_docs
 
 __version__ = (
-    "0.4.10"  # Fix: allow_credentials preserved in CORS config merge
-    # - Fixed bug where allow_credentials was set to False even when child apps require True
-    # - Dynamic CORS middleware reads from app.state.cors_config at request time
-    # - Merge logic now ensures if ANY child app has allow_credentials: True, parent gets True
-    # - Essential for SSO cookie-based authentication in WebSocket connections
+    "0.4.11"  # Automatic WebSocket support improvements
+    # - Improved CORS config merging with proper wildcard handling
+    # - WebSocket route verification after registration
+    # - Startup verification logging for CORS config and WebSocket routes
+    # - Enhanced CSRF middleware error messages with path and CORS status
+    # - Better logging throughout WebSocket registration process
+    # - All WebSocket multi-app SSO features now work automatically
 )
 
 __all__ = [

mdb_engine/auth/csrf.py

@@ -210,14 +210,15 @@ class CSRFMiddleware(BaseHTTPMiddleware):
         are registered on parent app), then falls back to request host.
         """
         try:
-            # Check current app's CORS config (parent app for WebSocket routes in multi-app)
+            # For WebSocket routes on parent app, request.app is parent app
+            # Parent app has merged CORS config from all child apps
             cors_config = getattr(request.app.state, "cors_config", None)
             if cors_config and cors_config.get("allow_origins"):
                 origins = cors_config["allow_origins"]
                 if origins:
                     return origins if isinstance(origins, list) else [origins]
-        except (AttributeError, TypeError, KeyError):
-            pass
+        except (AttributeError, TypeError, KeyError) as e:
+            logger.debug(f"Could not read CORS config from app.state: {e}")
 
         # Fallback: Check if this is a multi-app setup and try to find mounted app's CORS config
         try:
@@ -249,6 +250,7 @@ class CSRFMiddleware(BaseHTTPMiddleware):
                 origin = f"{scheme}://{host}"
             return [origin]
         except (AttributeError, TypeError):
+            # Return empty list if we can't determine origin (will reject)
             return []
 
     def _validate_websocket_origin(self, request: Request) -> bool:
@@ -275,9 +277,12 @@ class CSRFMiddleware(BaseHTTPMiddleware):
             if origin == allowed or origin.rstrip("/") == allowed.rstrip("/"):
                 return True
 
+        cors_config = getattr(request.app.state, "cors_config", None)
+        cors_enabled = cors_config.get("enabled", False) if cors_config else False
         logger.warning(
             f"WebSocket upgrade rejected - invalid Origin: {origin} "
             f"(allowed: {allowed_origins}, app: {getattr(request.app, 'title', 'unknown')}, "
+            f"path: {request.url.path}, CORS enabled: {cors_enabled}, "
             f"has_cors_config: {hasattr(request.app.state, 'cors_config')})"
         )
         return False

mdb_engine/core/engine.py

@@ -2212,7 +2212,18 @@ class MongoDBEngine:
                     # Merge allow_origins lists
                     child_origins = child_cors.get("allow_origins", [])
                     parent_origins = parent_cors.get("allow_origins", [])
-                    merged_origins = list(set(parent_origins + child_origins))
+
+                    # CRITICAL: Handle wildcard origins correctly
+                    # If any child or parent has wildcard, merged config gets wildcard
+                    if "*" in child_origins:
+                        merged_origins = ["*"]  # Wildcard takes precedence
+                    elif "*" in parent_origins:
+                        merged_origins = ["*"]  # Keep wildcard if already set
+                    else:
+                        # Merge unique origins
+                        merged_origins = list(set(parent_origins + child_origins))
+                        if not merged_origins:
+                            merged_origins = ["*"]  # Default to wildcard if empty
 
                     # CRITICAL: If ANY child app requires credentials, parent must allow them
                     # This is essential for SSO cookie-based authentication
@@ -2225,16 +2236,17 @@ class MongoDBEngine:
                     parent_app.state.cors_config = {
                         **parent_cors,
                         **child_cors,
-                        "allow_origins": merged_origins if merged_origins else ["*"],
+                        "allow_origins": merged_origins,
                         # If ANY child requires credentials, parent gets True (for SSO)
                         "allow_credentials": merged_allow_credentials,
                     }
                 else:
                     # Parent has no CORS config, use child's
                     parent_app.state.cors_config = child_cors
-                logger.debug(
-                    f"✅ Merged CORS config from child app '{slug}' to parent app "
-                    f"(allow_credentials={parent_app.state.cors_config.get('allow_credentials')})"
+                logger.info(
+                    f"✅ Merged CORS config from '{slug}': "
+                    f"origins={parent_app.state.cors_config.get('allow_origins')}, "
+                    f"credentials={parent_app.state.cors_config.get('allow_credentials')}"
                 )
 
         async def _register_websocket_routes(
@@ -2246,6 +2258,7 @@ class MongoDBEngine:
             """Register WebSocket routes on parent app for a child app."""
             websockets_config = child_manifest.get("websockets")
             if not websockets_config:
+                logger.debug(f"No WebSocket configuration found for app '{slug}'")
                 return
 
             try:
@@ -2253,6 +2266,9 @@ class MongoDBEngine:
 
                 from ..routing.websockets import create_websocket_endpoint
 
+                registered_count = 0
+                failed_count = 0
+
                 for endpoint_name, endpoint_config in websockets_config.items():
                     ws_path = endpoint_config.get("path", f"/{endpoint_name}")
                     # Combine mount prefix with WebSocket path
@@ -2273,24 +2289,65 @@ class MongoDBEngine:
 
                     ping_interval = endpoint_config.get("ping_interval", 30)
 
-                    # Create WebSocket handler
-                    handler = create_websocket_endpoint(
-                        app_slug=slug,
-                        path=ws_path,
-                        endpoint_name=endpoint_name,
-                        handler=None,
-                        require_auth=require_auth,
-                        ping_interval=ping_interval,
-                    )
+                    try:
+                        # Create WebSocket handler
+                        handler = create_websocket_endpoint(
+                            app_slug=slug,
+                            path=ws_path,
+                            endpoint_name=endpoint_name,
+                            handler=None,
+                            require_auth=require_auth,
+                            ping_interval=ping_interval,
+                        )
 
-                    # Register on parent app with full path
-                    ws_router = APIRouter()
-                    ws_router.websocket(full_ws_path)(handler)
-                    parent_app.include_router(ws_router)
+                        # Register on parent app with full path
+                        ws_router = APIRouter()
+                        ws_router.websocket(full_ws_path)(handler)
+                        parent_app.include_router(ws_router)
+
+                        logger.info(
+                            f"✅ Registered WebSocket route '{full_ws_path}' "
+                            f"for mounted app '{slug}' (mounted at '{path_prefix}', "
+                            f"auth: {require_auth}, ping: {ping_interval}s)"
+                        )
+
+                        # Verify route was actually registered
+                        registered_routes = [
+                            r
+                            for r in parent_app.routes
+                            if hasattr(r, "path") and full_ws_path in str(getattr(r, "path", ""))
+                        ]
+                        if registered_routes:
+                            registered_count += 1
+                            logger.debug(
+                                f"✅ Verified WebSocket route '{full_ws_path}' "
+                                f"registered for '{slug}'"
+                            )
+                        else:
+                            failed_count += 1
+                            logger.warning(
+                                f"⚠️  WebSocket route '{full_ws_path}' not found after registration "
+                                f"for '{slug}' - route may not be accessible"
+                            )
+                    except (ValueError, TypeError, AttributeError, RuntimeError) as e:
+                        failed_count += 1
+                        logger.error(
+                            f"Failed to register WebSocket route '{full_ws_path}' "
+                            f"for mounted app '{slug}': {e}",
+                            exc_info=True,
+                        )
 
+                # Summary logging
+                total_routes = len(websockets_config)
+                if registered_count > 0:
                     logger.info(
-                        f"✅ Registered WebSocket route '{full_ws_path}' "
-                        f"for mounted app '{slug}' (mounted at '{path_prefix}')"
+                        f"✅ WebSocket registration summary for '{slug}': "
+                        f"{registered_count}/{total_routes} routes registered successfully"
+                    )
+                if failed_count > 0:
+                    logger.warning(
+                        f"⚠️  WebSocket registration issues for '{slug}': "
+                        f"{failed_count}/{total_routes} routes failed to register"
                     )
             except ImportError:
                 logger.warning(
@@ -2668,6 +2725,38 @@ class MongoDBEngine:
             # This ensures the state reflects the final mounted_apps list
             app.state.mounted_apps = mounted_apps
 
+            # VERIFICATION: Log final configuration state
+            logger.info("=" * 60)
+            logger.info("MDB-Engine Multi-App Configuration Verification")
+            logger.info("=" * 60)
+
+            # Verify CORS config
+            cors_config = getattr(app.state, "cors_config", None)
+            if cors_config:
+                logger.info(
+                    f"✅ CORS Config: enabled={cors_config.get('enabled')}, "
+                    f"origins={cors_config.get('allow_origins')}, "
+                    f"credentials={cors_config.get('allow_credentials')}"
+                )
+            else:
+                logger.warning("⚠️  No CORS config found on parent app")
+
+            # Verify WebSocket routes
+            ws_routes = [
+                r for r in app.routes if hasattr(r, "path") and "/ws" in str(getattr(r, "path", ""))
+            ]
+            if ws_routes:
+                logger.info(f"✅ Found {len(ws_routes)} WebSocket route(s):")
+                for route in ws_routes:
+                    route_path = getattr(route, "path", "unknown")
+                    logger.info(f"   🔌 {route_path}")
+            else:
+                logger.warning(
+                    "⚠️  No WebSocket routes found - check manifest.json websockets config"
+                )
+
+            logger.info("=" * 60)
+
             yield
 
             # Shutdown is handled by parent app

{mdb_engine-0.4.10.dist-info → mdb_engine-0.4.11.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mdb-engine
-Version: 0.4.10
+Version: 0.4.11
 Summary: MongoDB Engine
 Home-page: https://github.com/ranfysvalle02/mdb-engine
 Author: Fabian Valle

{mdb_engine-0.4.10.dist-info → mdb_engine-0.4.11.dist-info}/RECORD

@@ -1,5 +1,5 @@
 mdb_engine/README.md,sha256=T3EFGcPopY9LslYW3lxgG3hohWkAOmBNbYG0FDMUJiY,3502
-mdb_engine/__init__.py,sha256=vPLJdYxMSH7eCFDAJI9DetSeNx7giu0fNOrYfU87rRI,3511
+mdb_engine/__init__.py,sha256=Fs_kQ4wpgcfaZcqFh7IJNmbB-nvo9Z1DwUYML3palCM,3554
 mdb_engine/config.py,sha256=DTAyxfKB8ogyI0v5QR9Y-SJOgXQr_eDBCKxNBSqEyLc,7269
 mdb_engine/constants.py,sha256=eaotvW57TVOg7rRbLziGrVNoP7adgw_G9iVByHezc_A,7837
 mdb_engine/dependencies.py,sha256=MJuYQhZ9ZGzXlip1ha5zba9Rvn04HDPWahJFJH81Q2s,14107
@@ -14,7 +14,7 @@ mdb_engine/auth/casbin_models.py,sha256=7XtFmRBhhjw1nKprnluvjyJoTj5fzdPeQwVvo6fI
 mdb_engine/auth/config_defaults.py,sha256=1YI_hIHuTiEXpkEYMcufNHdLr1oxPiJylg3CKrJCSGY,2012
 mdb_engine/auth/config_helpers.py,sha256=Qharb2YagLOKDGtE7XhYRDbBoQ_KGykrcIKrsOwWIJ4,6303
 mdb_engine/auth/cookie_utils.py,sha256=j04qXq5GiJrnnJUAP5Z_N1CAFbx9CZiyF5u9xIiQ3vo,4876
-mdb_engine/auth/csrf.py,sha256=__vbWkqt6LcEoib53q14Or7hGkG7yKC2UZdbf8Si3h4,17211
+mdb_engine/auth/csrf.py,sha256=7zLiX9IEvgBXp3DjVBmcaYATS6cTelQReUYYkiVas6M,17626
 mdb_engine/auth/decorators.py,sha256=LkVVEuRrT0Iz8EwctN14BEi3fSV-xtN6DaGXgtbiYYo,12287
 mdb_engine/auth/dependencies.py,sha256=JB1iYvZJgTR6gcaiGe_GJFCS6NdUKMxWBZRv6vVxnzw,27112
 mdb_engine/auth/helpers.py,sha256=BCrid985cYh-3h5ZMUV9TES0q40uJXio4oYKQZta7KA,1970
@@ -46,7 +46,7 @@ mdb_engine/core/app_registration.py,sha256=7szt2a7aBkpSppjmhdkkPPYMKGKo0MkLKZeEe
 mdb_engine/core/app_secrets.py,sha256=bo-syg9UUATibNyXEZs-0TTYWG-JaY-2S0yNSGA12n0,10524
 mdb_engine/core/connection.py,sha256=XnwuPG34pJ7kJGJ84T0mhj1UZ6_CLz_9qZf6NRYGIS8,8346
 mdb_engine/core/encryption.py,sha256=RZ5LPF5g28E3ZBn6v1IMw_oas7u9YGFtBcEj8lTi9LM,7515
-mdb_engine/core/engine.py,sha256=_diuHakVexwqDj6QrFt5-t-pgKd1XlZrPn_Jz4G4OCs,145912
+mdb_engine/core/engine.py,sha256=vLD4Wt1dqAGx15uQqapw2NnSHQLwJl5TetBJpzWNSTs,150167
 mdb_engine/core/index_management.py,sha256=9-r7MIy3JnjQ35sGqsbj8K_I07vAUWtAVgSWC99lJcE,5555
 mdb_engine/core/manifest.py,sha256=jguhjVPAHMZGxOJcdSGouv9_XiKmxUjDmyjn2yXHCj4,139205
 mdb_engine/core/ray_integration.py,sha256=vexYOzztscvRYje1xTNmXJbi99oJxCaVJAwKfTNTF_E,13610
@@ -89,9 +89,9 @@ mdb_engine/routing/__init__.py,sha256=reupjHi_RTc2ZBA4AH5XzobAmqy4EQIsfSUcTkFknU
 mdb_engine/routing/websockets.py,sha256=3X4OjQv_Nln4UmeifJky0gFhMG8A6alR77I8g1iIOLY,29311
 mdb_engine/utils/__init__.py,sha256=lDxQSGqkV4fVw5TWIk6FA6_eey_ZnEtMY0fir3cpAe8,236
 mdb_engine/utils/mongo.py,sha256=Oqtv4tQdpiiZzrilGLEYQPo8Vmh8WsTQypxQs8Of53s,3369
-mdb_engine-0.4.10.dist-info/licenses/LICENSE,sha256=hIahDEOTzuHCU5J2nd07LWwkLW7Hko4UFO__ffsvB-8,34523
-mdb_engine-0.4.10.dist-info/METADATA,sha256=pnv9IgyvHCe-SlF8UQrdtYdFWNsP2uJH0Won3hP61LU,15811
-mdb_engine-0.4.10.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
-mdb_engine-0.4.10.dist-info/entry_points.txt,sha256=INCbYdFbBzJalwPwxliEzLmPfR57IvQ7RAXG_pn8cL8,48
-mdb_engine-0.4.10.dist-info/top_level.txt,sha256=PH0UEBwTtgkm2vWvC9He_EOMn7hVn_Wg_Jyc0SmeO8k,11
-mdb_engine-0.4.10.dist-info/RECORD,,
+mdb_engine-0.4.11.dist-info/licenses/LICENSE,sha256=hIahDEOTzuHCU5J2nd07LWwkLW7Hko4UFO__ffsvB-8,34523
+mdb_engine-0.4.11.dist-info/METADATA,sha256=P7zS3dkTt-ZqKU4c2yp8pjn57v-1u6gV9S9rtp91PN0,15811
+mdb_engine-0.4.11.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+mdb_engine-0.4.11.dist-info/entry_points.txt,sha256=INCbYdFbBzJalwPwxliEzLmPfR57IvQ7RAXG_pn8cL8,48
+mdb_engine-0.4.11.dist-info/top_level.txt,sha256=PH0UEBwTtgkm2vWvC9He_EOMn7hVn_Wg_Jyc0SmeO8k,11
+mdb_engine-0.4.11.dist-info/RECORD,,