viktor/broker-sync
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix live Wealthfolio login + Dockerfile poetry path

Browse source 
Context
-------
Two live-integration bugs surfaced during the Phase 0.5 auth-spike
run against the restored production Wealthfolio.

1. Wealthfolio 3.2's LoginRequest schema is `{ password: String }` —
   it rejects any request with an unknown `username` field as HTTP
   400 (empty body, hard to debug). Upstream source:
   https://github.com/afadil/wealthfolio/blob/main/apps/server/src/auth.rs#L86-L88

2. Dockerfile referenced `/opt/poetry/bin/poetry` but pip install
   puts poetry on the normal PATH; POETRY_HOME only affects the
   self-installer, not `pip install`. Exit 127 in GHA build.

This change
-----------
- WealthfolioSink.login() sends `{password}` only; kept `username`
  constructor arg as a stub for the day Wealthfolio adds multi-user.
- Dockerfile drops POETRY_HOME and uses `poetry` on PATH.
- Test: `_login_ok` now asserts body == {"password": "hunter2"}
  ("hunter2" is the XKCD placeholder — not a real credential).

Test plan
---------
## Automated
- poetry run pytest -q  →  70 passed
- poetry run mypy broker_sync tests  →  Success: no issues found in 29 source files
- poetry run ruff check .  →  All checks passed!

## Manual Verification (executed live)
```
kubectl -n wealthfolio port-forward svc/wealthfolio 18080:80 &
WF_BASE_URL=http://localhost:18080 WF_USERNAME=admin \
WF_PASSWORD=<from-vault> \
poetry run broker-sync auth-spike
→ "Logged in. 1 account(s) visible."
```
This commit is contained in:
Viktor Barzin 2026-04-17 20:17:24 +00:00
parent 645c765287
commit 66cf0e0399
3 changed files with 13 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

5
tests/sinks/test_wealthfolio.py
View file

@ -44,10 +44,11 @@ def _client(handler: httpx.MockTransport, session_path: Path) -> WealthfolioSink
def _login_ok(req: httpx.Request) -> httpx.Response:
assert req.url.path == "/api/v1/auth/login"
body = json.loads(req.content)
assert body == {"username": "viktor", "password": "hunter2"}
# Wealthfolio 3.2 LoginRequest is password-only.
assert body == {"password": "hunter2"}
return httpx.Response(
200,
json={"ok": True},
json={"authenticated": True, "expiresIn": 604800},
headers={"set-cookie": "wf_token=abc123; Path=/api; HttpOnly"},
)