Update DB API base URL and enhance token handling #327

Open
shiffiH wants to merge 1 commit into main from shiffiH-patch-4-1
@shiffiH (Collaborator) commented Nov 9, 2025

No description provided.

@greptile-apps greptile-apps Bot left a comment

Greptile Overview

Greptile Summary

This PR updates the Dashboard API client to use the containerized db_api_service instead of host.docker.internal, aligning with the docker-compose network architecture. It also adds token management capabilities (get_token_info, refresh_token) and removes debug logging for cleaner output.

Key Changes:

  • Changed DB_API_BASE from http://host.docker.internal:8001 to http://db_api_service:8001 for proper Docker network communication
  • Updated list_devices() endpoint from /api/devices to /api/tables/devices
  • Added get_token_info() method to inspect JWT tokens and expiration
  • Added refresh_token() method for token rotation
  • Removed debug print statements throughout token bootstrap flow
  • Added self.token and self.token_type instance variables for token tracking

Issues Found:

  • Duplicate imports on lines 11-14 (already imported on lines 2-9)
  • Critical bug in refresh_token() that only updates X-Service-Token header, breaking token refresh for bearer auth mode

Confidence Score: 3/5

  • This PR has moderate risk due to a critical authentication bug and duplicate imports that need resolution
  • Score reflects two significant issues: (1) duplicate imports causing unnecessary bloat, and (2) a critical logic bug in refresh_token() that will fail to update authentication headers correctly in bearer mode, potentially causing auth failures after token refresh. The URL change itself is correct and aligns with the docker-compose setup, but the token refresh implementation is incomplete.
  • GUI/src/vast/dashboard_api.py requires attention - fix the duplicate imports and the refresh_token() authentication header logic

Important Files Changed

File Analysis

| Filename | Score | Overview |
|---|---|---|
| GUI/src/vast/dashboard_api.py | 3/5 | Updated DB API URL from host.docker.internal to db_api_service, removed debug logging, added token management methods (get_token_info, refresh_token), changed list_devices endpoint path, and fixed duplicate imports. Contains critical logic bug in refresh_token and duplicate imports. |

Sequence Diagram

sequenceDiagram
    participant GUI as GUI Desktop App
    participant DashboardApi as DashboardApi Client
    participant TokenFile as Token File System
    participant DBAPI as db_api_service:8001
    participant Postgres as PostgreSQL DB

    Note over GUI,Postgres: Initialization Flow
    GUI->>DashboardApi: __init__()
    DashboardApi->>DashboardApi: get_or_bootstrap_token()
    alt Static token configured
        DashboardApi->>DashboardApi: return DB_API_TOKEN
    else Token file exists
        DashboardApi->>TokenFile: read /app/secrets/db_api_token
        TokenFile-->>DashboardApi: return cached token
    else Bootstrap new token
        DashboardApi->>DBAPI: POST /auth/_dev_bootstrap
        Note right of DBAPI: {service_name: "GUI_H", rotate_if_exists: true}
        DBAPI->>Postgres: Create/rotate service account
        Postgres-->>DBAPI: Service account record
        DBAPI-->>DashboardApi: {service_account: {raw_token: "..."}}
        DashboardApi->>TokenFile: write token to file
    end
    DashboardApi->>DashboardApi: Set X-Service-Token header
    DashboardApi-->>GUI: Ready with authenticated session

    Note over GUI,Postgres: API Operations
    GUI->>DashboardApi: list_devices(model="sensor")
    DashboardApi->>DBAPI: GET /api/tables/devices?model=sensor
    Note right of DBAPI: Headers: X-Service-Token
    DBAPI->>Postgres: Query devices table
    Postgres-->>DBAPI: Device records
    DBAPI-->>DashboardApi: JSON device list
    DashboardApi-->>GUI: list[dict] devices

    Note over GUI,Postgres: Token Management
    GUI->>DashboardApi: get_token_info()
    DashboardApi->>DashboardApi: Decode JWT payload (if JWT)
    DashboardApi-->>GUI: {type, exp, secs_left, payload}

    GUI->>DashboardApi: refresh_token()
    DashboardApi->>DBAPI: POST /auth/_dev_bootstrap
    DBAPI-->>DashboardApi: New token
    DashboardApi->>TokenFile: Write new token
    DashboardApi->>DashboardApi: Update X-Service-Token header
    DashboardApi-->>GUI: Success

1 file reviewed, 2 comments

Comment on lines +11 to +14
import json, time, pathlib, base64, requests
from urllib.parse import quote
from requests.adapters import HTTPAdapter
from urllib3.util.retry import Retry
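
Review bot: the `import json, time, pathlib, base64, requests` line at +11 puts four standard-library modules and the third-party `requests` package in a single statement. If any part of this block is kept, split it one module per line with the standard-library group first, so that a repeated import stands out in the diff and a linter can flag it.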

syntax: duplicate imports already present on lines 2-9

Suggested change
import json, time, pathlib, base64, requests
from urllib.parse import quote
from requests.adapters import HTTPAdapter
from urllib3.util.retry import Retry

if new_token:
pathlib.Path(DB_API_TOKEN_FILE).write_text(new_token, encoding="utf-8")
self.token = new_token
self.http.headers.update({"X-Service-Token": new_token})
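
Review bot: the `write_text` call on the first line inside `if new_token:` persists the service token with whatever permissions the process umask allows, and the write is not atomic, so an interrupted write can leave a truncated token in DB_API_TOKEN_FILE that the "token file exists" path later reads back as the cached token. Consider writing to a temporary file created with mode 0o600 in the same directory and renaming it over DB_API_TOKEN_FILE with `os.replace`, and only then assigning `self.token` and updating the session header.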

logic: only updates X-Service-Token header but doesn't handle bearer mode - tokens won't refresh properly when DB_API_AUTH_MODE is not "service"

Suggested change
self.http.headers.update({"X-Service-Token": new_token})
if DB_API_AUTH_MODE == "service":
self.http.headers.update({"X-Service-Token": new_token})
else:
self.http.headers.update({"Authorization": f"Bearer {new_token}"})
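
An added sketch, not the PR's code and not from the project, of the inspection the summary attributes to get_token_info(): decode a JWT payload to report type, exp, secs_left and payload, and fall back to an opaque type for non-JWT service tokens. The names token_info, needs_refresh and make_sample_jwt are hypothetical, the sample token is constructed, and the decode does not verify the signature.

```python
import base64
import json
import time
from typing import Optional


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_info(token: str, now: Optional[float] = None) -> dict:
    """Describe a token WITHOUT verifying it (hypothetical helper).

    Use the result for display and refresh scheduling, never for authorization.
    """
    now = time.time() if now is None else now
    info = {"type": "opaque", "exp": None, "secs_left": None, "payload": None}
    parts = token.split(".")
    if len(parts) != 3:
        return info  # not JWT-shaped: treat as an opaque service token
    try:
        payload = json.loads(_b64url_decode(parts[1]))
    except ValueError:  # bad base64, bad UTF-8 or bad JSON
        return info
    if not isinstance(payload, dict):
        return info
    info.update(type="jwt", payload=payload)
    exp = payload.get("exp")
    if isinstance(exp, (int, float)) and not isinstance(exp, bool):
        try:
            info["secs_left"] = int(exp - now)
            info["exp"] = exp
        except (OverflowError, ValueError):  # inf, NaN or absurdly large exp
            pass
    return info


def needs_refresh(info: dict, skew: int = 60) -> bool:
    # Refresh early by `skew` seconds; an opaque token exposes no expiry,
    # so this returns False and the caller must react to a rejected request.
    return info["secs_left"] is not None and info["secs_left"] <= skew


def make_sample_jwt(payload: dict) -> str:
    # Constructed, unsigned sample token used only to exercise token_info().
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    header = enc({"alg": "none", "typ": "JWT"})
    return header + "." + enc(payload) + ".sig"
```
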
