b3nw/unifi-mcp-light
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Address code review findings
All checks were successful
Build and Push Docker Image / build (push) Successful in 8s
Details

Browse Source 
- Fix infinite recursion on re-auth by adding attempt counter
- Add endpoint validation to unifi_api_call (block path traversal, require /api/ prefix)
- Clean up redundant SSL context creation
- Add safe port parsing with fallback and warning log
This commit is contained in:
Ben
2026-01-02 04:27:57 +00:00
parent 487f5355a0
commit 7af26ff0b1
2 changed files with 37 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
unifi_client.py
View File

@@ -95,10 +95,8 @@ class UnifiClient:
return
# Create SSL context
if self.verify_ssl:
ssl_context = ssl.create_default_context()
else:
ssl_context = ssl.create_default_context()
ssl_context = ssl.create_default_context()
if not self.verify_ssl:
ssl_context.check_hostname = False
ssl_context.verify_mode = ssl.CERT_NONE
@@ -216,6 +214,7 @@ class UnifiClient:
method: str,
endpoint: str,
payload: Optional[dict] = None,
_reauth_attempt: bool = False,
) -> Any:
"""
Make an authenticated request to the UniFi API.
@@ -264,9 +263,15 @@ class UnifiClient:
text = await resp.text()
if resp.status == 401:
# Session expired, try to re-authenticate
# Session expired, try to re-authenticate (once only)
if _reauth_attempt:
raise UnifiAuthError(
"Re-authentication failed. Check credentials or account status."
)
await self._authenticate()
return await self.request(method, endpoint, payload)
return await self.request(
method, endpoint, payload, _reauth_attempt=True
)
if resp.status >= 400:
raise UnifiClientError(f"API error {resp.status}: {text}")