Use shared settings dependency in security helpers

[shayancoin]

Summary

• import the shared get_settings dependency from api.config
• remove the redundant local settings factory and rely on the shared dependency for existing validators

Testing

• not run (not requested)

---

https://chatgpt.com/codex/tasks/task_e_68f062527d5483309d1895891c558b6c

Summary by CodeRabbit

• Refactor
  • Updated authentication to consume settings from a centralized configuration source, improving consistency and maintainability.
  • Simplified internal dependency handling for security components without altering behavior.
  • Authentication flows, write-token requirements, and overall access controls remain unchanged.
  • No user-facing changes; this is an internal improvement aimed at reliability and future scalability.

[coderabbitai]

Walkthrough

Replaced the locally defined get_settings in backend/api/security.py with an imported get_settings from api.config. The local function was removed; require_write_token now depends on the imported provider. No behavioral changes to require_write_token.

Changes

Cohort / File(s)	Summary of edits
Settings DI consolidation backend/api/security.py	Removed local get_settings() definition; imported get_settings from api.config and wired existing dependency (require_write_token) to use it. Public signature of require_write_token unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• Cache API settings helper #23 — Introduces exported get_settings() in backend/api/config.py; this PR adopts that centralized provider in security.
• Codex/add lru cache for get settings helper #42 — Adds @lru_cache to get_settings() and updates call sites; current change aligns security with that shared implementation.

Poem

A hop, a swap, a tidy import trail,
I nudge my nose—no logic set to fail.
Settings now shared, the garden feels right,
Carrots compiled, dependencies light.
Thump-thump! One less burrow to maintain tonight. 🥕🐇

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description Check	⚠️ Warning	The pull request description does not follow the repository’s required template because it omits the “PR Type” heading, does not use the exact “Short Description” section, and lacks a “Tests Added” section, instead using “Summary” and “Testing” headings that do not match the structural requirements.	Please revise the description to include a “PR Type” field with an appropriate label, rename the “Summary” section to “Short Description,” add a “Tests Added” section detailing any tests or a statement if none were added, and ensure all headings and structure match the provided template.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title succinctly and accurately captures the main change of importing and using the shared settings dependency in the security helpers without extraneous detail, making it clear to readers what the pull request achieves.

✨ Finishing touches

• 📝 Docstrings were successfully generated.

🧪 Generate unit tests (beta)

✅ Unit Test PR creation complete.

• Create PR with unit tests
• Commit unit tests in branch codex/update-security.py-to-import-get_settings
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9e9e2fb and e446822.

📒 Files selected for processing (1)

• backend/api/security.py (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

backend/api/security.py (1)

backend/api/config.py (2)

• Settings (10-46)
• get_settings (50-53)

🪛 GitHub Actions: CI

backend/api/security.py

[error] 25-25: E501: Line too long (96 > 88)

---

[error] 28-28: E501: Line too long (93 > 88)

---

[error] 30-30: E501: Line too long (94 > 88)

🔇 Additional comments (2)

backend/api/security.py (2)

13-13: LGTM: Import consolidation achieved.

The import of get_settings from api.config successfully consolidates the dependency injection and removes code duplication as intended.

---

13-13: No dangling imports of get_settings
All imports of get_settings reference api.config; none import from api.security.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Note

Unit test generation is an Early Access feature. Expect some limitations and changes as we gather feedback and continue to improve it.

---

Generating unit tests... This may take up to 20 minutes.

[coderabbitai]

Note

Docstrings generation - SKIPPED
Skipped regeneration as there are no new commits. Docstrings already generated for this pull request at #55.

[coderabbitai]

✅ UTG Post-Process Complete

No new issues were detected in the generated code and all check runs have completed. The unit test generation process has completed successfully.

[coderabbitai]

Creating a PR to put the unit tests in...

The changes have been created in this pull request: View PR