security: isDevelopmentMode defaulting to "enabled" bypasses Firebase auth on misconfigured deploys#689
Conversation
WalkthroughThe development-mode detection logic in the API key service changes from defaulting to enabled to defaulting to disabled. Development mode now requires explicit opt-in via the Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
📝 Coding Plan
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
af463ea to
cd8e217
Compare
`os.getenv("isDevelopmentMode", "enabled")` caused any deployment that
omitted this env var to silently run in development mode — bypassing
GCP Secret Manager and falling back to local Fernet-only key storage.
All other call sites in the codebase already use the safe pattern
`os.getenv("isDevelopmentMode") == "enabled"` (falsy when unset).
This aligns api_key_service.py with that convention by changing the
default to "disabled".
Co-authored-by: zerotrail-ai <zerotrail-ai@users.noreply.github.com>
cd8e217 to
b2ad2de
Compare
|



Summary
os.getenv("isDevelopmentMode", "enabled")inapi_key_service.pymeans any deployment that omits this env var silently runs in development mode — bypassing Firebase authentication and GCP Secret Manager entirely, falling back to local Fernet-only key storage with no auth enforcement.All other call sites in the codebase already use the safe pattern:
This PR aligns
api_key_service.pywith that convention.Change
One character change. No logic change for deployments that explicitly set the env var either way.
Impact
isDevelopmentModenot setisDevelopmentMode=enabledisDevelopmentMode=disabledTest plan
isDevelopmentModeset — GCP Secret Manager should be used, auth should be enforcedisDevelopmentMode=enabledexplicitly — behaviour unchanged (dev mode active)isDevelopmentMode=disabledexplicitly — behaviour unchanged (dev mode inactive)Summary by CodeRabbit