-
Stefy Lanza (nextime / spora ) authoredThe model-upload endpoint joined a client-supplied filename straight onto the cache dir, so an admin-authenticated request with a traversal filename (or upload_id) could write outside it. Reduce both to a safe basename, reject separators/.., and add a commonpath containment check before committing the upload. SessionManager only locked the write half of each load->mutate->save, so concurrent writers could clobber each other's changes (lost sessions or tokens). Add update_auth_data(mutator), which holds the lock across the whole read-modify-write and persists only when the mutator asks to; route every mutating method (and the token create/delete endpoints) through it. Read-only callers keep the lock-free load since writes are atomic via os.replace. While migrating the token endpoints, switch IDs to max+1 (no reuse after deletion) and to timezone-aware timestamps. Co-Authored-By:Claude Opus 4.8 <noreply@anthropic.com>
f97459fc
