fix: redact websocket auth token in logs

2026-06-09 07:05:51 +08:00 · 2026-06-04 16:49:17 +03:00
2 changed files with 10 additions and 23 deletions
--- a/server/modules/websocket/services/websocket-auth.service.ts
+++ b/server/modules/websocket/services/websocket-auth.service.ts
@@ -20,7 +20,13 @@ export function verifyWebSocketClient(
  dependencies: WebSocketAuthDependencies
 ): boolean {
  const request = info.req as AuthenticatedWebSocketRequest;
-  console.log('WebSocket connection attempt to:', request.url);
+  const upgradeUrl = new URL(request.url ?? '/', 'http://localhost');
+  const loggedUrl = new URL(upgradeUrl);
+  if (loggedUrl.searchParams.has('token')) {
+    loggedUrl.searchParams.set('token', 'REDACTED');
+  }
+
+  console.log('WebSocket connection attempt to:', `${loggedUrl.pathname}${loggedUrl.search}`);

  // Platform mode: use the first DB user and skip token checks.
  if (dependencies.isPlatform) {
@@ -36,7 +42,6 @@ export function verifyWebSocketClient(
  }

  // OSS mode: read JWT from query string first, then Authorization header.
-  const upgradeUrl = new URL(request.url ?? '/', 'http://localhost');
  const token =
    upgradeUrl.searchParams.get('token') ??
    request.headers.authorization?.split(' ')[1] ??
--- a/src/components/chat/hooks/useChatComposerState.ts
+++ b/src/components/chat/hooks/useChatComposerState.ts
@@ -143,21 +143,6 @@ const createFakeSubmitEvent = () => {
  return { preventDefault: () => undefined } as unknown as FormEvent<HTMLFormElement>;
 };

-const THINKING_MODE_STORAGE_KEY = 'chat-thinking-mode';
-
-const getInitialThinkingMode = () => {
-  if (typeof window === 'undefined') {
-    return 'none';
-  }
-
-  const savedMode = safeLocalStorage.getItem(THINKING_MODE_STORAGE_KEY);
-  if (!savedMode) {
-    return 'none';
-  }
-
-  return thinkingModes.some((mode) => mode.id === savedMode) ? savedMode : 'none';
-};
-
 const getNotificationSessionSummary = (
  selectedSession: ProjectSession | null,
  fallbackInput: string,
@@ -219,7 +204,7 @@ export function useChatComposerState({
  const [uploadingImages, setUploadingImages] = useState<Map<string, number>>(new Map());
  const [imageErrors, setImageErrors] = useState<Map<string, string>>(new Map());
  const [isTextareaExpanded, setIsTextareaExpanded] = useState(false);
-  const [thinkingMode, setThinkingMode] = useState(getInitialThinkingMode);
+  const [thinkingMode, setThinkingMode] = useState('none');
  const [commandModalPayload, setCommandModalPayload] = useState<CommandModalPayload | null>(null);

  const textareaRef = useRef<HTMLTextAreaElement>(null);
@@ -579,7 +564,7 @@ export function useChatComposerState({

      let messageContent = currentInput;
      const selectedThinkingMode = thinkingModes.find((mode: { id: string; prefix?: string }) => mode.id === thinkingMode);
-      if (provider === 'claude' && selectedThinkingMode && selectedThinkingMode.prefix) {
+      if (selectedThinkingMode && selectedThinkingMode.prefix) {
        messageContent = `${selectedThinkingMode.prefix}: ${currentInput}`;
      }

@@ -764,6 +749,7 @@ export function useChatComposerState({
      setUploadingImages(new Map());
      setImageErrors(new Map());
      setIsTextareaExpanded(false);
+      setThinkingMode('none');

      if (textareaRef.current) {
        textareaRef.current.style.height = 'auto';
@@ -809,10 +795,6 @@ export function useChatComposerState({
    inputValueRef.current = input;
  }, [input]);

-  useEffect(() => {
-    safeLocalStorage.setItem(THINKING_MODE_STORAGE_KEY, thinkingMode);
-  }, [thinkingMode]);
-
  useEffect(() => {
    if (!selectedProjectId) {
      return;