AegisSight/AegisSight-Monitor
3
0
Fork 0
Code Issues Pull-Requests Actions Pakete Projekte Releases Wiki Aktivität

Fix: Alle Timestamps einheitlich auf Europe/Berlin Zeitzone

Quellcode durchsuchen 
Inkonsistenz behoben: Manche Timestamps wurden in UTC, andere in
Berlin-Zeit gespeichert. Das fuehrte zu Fehlern beim Auto-Refresh
und Faktencheck, da Zeitvergleiche falsche Ergebnisse lieferten.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Dieser Commit ist enthalten in:
claude-dev
2026-03-07 02:37:30 +01:00
Ursprung 584cfa819b
Commit 706d0b49d6
7 geänderte Dateien mit 231 neuen und 37 gelöschten Zeilen
Patch-Datei herunterladen Vergleichs-Datei herunterladen Alle Dateien ausklappen Alle Dateien einklappen

156
src/routers/public_api.py Normale Datei
Datei anzeigen

@@ -0,0 +1,156 @@
"""Öffentliche API für die Lagebild-Seite auf aegissight.de.
Authentifizierung via X-API-Key Header (getrennt von der JWT-Auth).
Exponiert den Irankonflikt (alle zugehörigen Incidents) als read-only.
"""
import json
import logging
import os
import time
from collections import defaultdict
from datetime import datetime
from config import TIMEZONE
from fastapi import APIRouter, Depends, Header, HTTPException, Request
from database import db_dependency
logger = logging.getLogger("osint.public_api")
router = APIRouter(prefix="/api/public", tags=["public"])
VALID_API_KEY = os.environ.get("AEGIS_PUBLIC_API_KEY")
# Alle Iran-Incident-IDs (Haupt-Incident #6 + Ableger)
IRAN_INCIDENT_IDS = [6, 18, 19, 20]
PRIMARY_INCIDENT_ID = 6
# Simple in-memory rate limiter: max 120 requests per hour per IP
_rate_limit: dict[str, list[float]] = defaultdict(list)
RATE_LIMIT_MAX = 120
RATE_LIMIT_WINDOW = 3600 # 1 hour
def _check_rate_limit(ip: str):
now = time.time()
_rate_limit[ip] = [t for t in _rate_limit[ip] if now - t < RATE_LIMIT_WINDOW]
if len(_rate_limit[ip]) >= RATE_LIMIT_MAX:
raise HTTPException(status_code=429, detail="Rate limit exceeded")
_rate_limit[ip].append(now)
async def verify_api_key(request: Request, x_api_key: str = Header(...)):
"""Prüft API-Key und Rate-Limit."""
if not VALID_API_KEY or x_api_key != VALID_API_KEY:
logger.warning(f"Ungültiger API-Key von {request.client.host}")
raise HTTPException(status_code=403, detail="Invalid API key")
_check_rate_limit(request.client.host)
def _in_clause(ids):
"""Erzeugt sichere IN-Klausel für mehrere IDs."""
return ",".join(str(int(i)) for i in ids)
@router.get("/lagebild", dependencies=[Depends(verify_api_key)])
async def get_lagebild(db=Depends(db_dependency)):
"""Liefert das aktuelle Lagebild (Irankonflikt) mit allen Daten."""
ids = _in_clause(IRAN_INCIDENT_IDS)
# Haupt-Incident laden (für Summary, Sources)
cursor = await db.execute(
"SELECT * FROM incidents WHERE id = ?", (PRIMARY_INCIDENT_ID,)
)
incident = await cursor.fetchone()
if not incident:
raise HTTPException(status_code=404, detail="Incident not found")
incident = dict(incident)
# Alle Artikel aus allen Iran-Incidents laden
cursor = await db.execute(
f"""SELECT id, headline, headline_de, source, source_url, language,
published_at, collected_at, verification_status, incident_id
FROM articles WHERE incident_id IN ({ids})
ORDER BY published_at DESC, collected_at DESC"""
)
articles = [dict(r) for r in await cursor.fetchall()]
# Alle Faktenchecks aus allen Iran-Incidents laden
cursor = await db.execute(
f"""SELECT id, claim, status, sources_count, evidence, status_history, checked_at, incident_id
FROM fact_checks WHERE incident_id IN ({ids})
ORDER BY checked_at DESC"""
)
fact_checks = []
for r in await cursor.fetchall():
fc = dict(r)
try:
fc["status_history"] = json.loads(fc.get("status_history") or "[]")
except (json.JSONDecodeError, TypeError):
fc["status_history"] = []
fact_checks.append(fc)
# Quellenanzahl über alle Incidents
cursor = await db.execute(
f"SELECT COUNT(DISTINCT source) as cnt FROM articles WHERE incident_id IN ({ids})"
)
source_count = (await cursor.fetchone())["cnt"]
# Snapshots aus allen Iran-Incidents
cursor = await db.execute(
f"""SELECT id, incident_id, article_count, fact_check_count, created_at
FROM incident_snapshots WHERE incident_id IN ({ids})
ORDER BY created_at DESC"""
)
available_snapshots = [dict(r) for r in await cursor.fetchall()]
# Sources JSON aus Haupt-Incident
try:
sources_json = json.loads(incident.get("sources_json") or "[]")
except (json.JSONDecodeError, TypeError):
sources_json = []
return {
"generated_at": datetime.now(TIMEZONE).isoformat(),
"incident": {
"id": incident["id"],
"title": incident["title"],
"description": incident.get("description", ""),
"status": incident["status"],
"type": incident.get("type", "adhoc"),
"created_at": incident["created_at"],
"updated_at": incident["updated_at"],
"article_count": len(articles),
"source_count": source_count,
"factcheck_count": len(fact_checks),
},
"current_lagebild": {
"summary_markdown": incident.get("summary", ""),
"sources_json": sources_json,
"updated_at": incident["updated_at"],
},
"articles": articles,
"fact_checks": fact_checks,
"available_snapshots": available_snapshots,
}
@router.get("/lagebild/snapshot/{snapshot_id}", dependencies=[Depends(verify_api_key)])
async def get_snapshot(snapshot_id: int, db=Depends(db_dependency)):
"""Liefert einen historischen Snapshot."""
ids = _in_clause(IRAN_INCIDENT_IDS)
cursor = await db.execute(
f"""SELECT id, summary, sources_json, article_count, fact_check_count, created_at
FROM incident_snapshots
WHERE id = ? AND incident_id IN ({ids})""",
(snapshot_id,),
)
snap = await cursor.fetchone()
if not snap:
raise HTTPException(status_code=404, detail="Snapshot not found")
snap = dict(snap)
try:
snap["sources_json"] = json.loads(snap.get("sources_json") or "[]")
except (json.JSONDecodeError, TypeError):
snap["sources_json"] = []
return snap