afourmaux-agreg/agreg-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: add security constraints to devEUI on readings endpoint

Browse source
This commit is contained in:
Alexis Fourmaux 2026-05-12 23:58:46 +02:00
parent 35ac428e2d
commit 0dce6cf89a
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
server/backend/adapters/http/readings.py
View file

@ -1,7 +1,8 @@
from datetime import datetime
from typing import Annotated
from fastapi import APIRouter, Depends, Query, HTTPException
from fastapi import APIRouter, Depends, Query, HTTPException, Path
from pydantic import constr
from domain.value_objects import Granularity
from domain.exceptions import ValidationError, DatabaseError
@ -12,10 +13,11 @@ from ._readings_schemas import ConsumptionResponseSchema
readings_router = APIRouter(prefix="/readings", tags=["readings"])
DevEUI = Annotated[constr(max_length=64, pattern=r'^[0-9A-Fa-f]+$'), Path()]
@readings_router.get("/{dev_eui}", response_model=ConsumptionResponseSchema)
def get_consumption(
dev_eui: str,
dev_eui: DevEUI,
start: Annotated[datetime, Query()],
end: Annotated[datetime, Query()],
granularity: Annotated[Granularity, Query()] = "day",