898066fb59
The WebSocket code in logs.ts was reading from 'token' instead of 'charon_auth_token', causing all WebSocket connections to fail authentication with 401 errors. This resulted in the Security Dashboard Live Log Viewer showing "Disconnected" with rapid connect/disconnect cycling. - Changed localStorage key from 'token' to 'charon_auth_token' - Both connectLiveLogs and connectSecurityLogs functions updated
3.9 KiB
QA Audit Report: WebSocket Auth Fix
Date: December 16, 2025
Change: Fixed localStorage key in frontend/src/api/logs.ts from token to charon_auth_token
Summary
| Check | Status | Details |
|---|---|---|
| Frontend Build | ✅ PASS | Built successfully in 5.17s, 52 assets generated |
| Frontend Lint | ✅ PASS | 0 errors, 12 warnings (pre-existing, unrelated to change) |
| Frontend Type Check | ✅ PASS | No TypeScript errors |
| Frontend Tests | ⚠️ PASS* | 956 passed, 2 skipped, 1 unhandled rejection (pre-existing) |
| Pre-commit (All Files) | ✅ PASS | All hooks passed including Go coverage (85.2%) |
| Backend Build | ✅ PASS | Compiled successfully |
| Backend Tests | ✅ PASS | All packages passed |
Detailed Results
1. Frontend Build
Command: cd /projects/Charon/frontend && npm run build
Result: ✅ PASS
✓ 2234 modules transformed
✓ built in 5.17s
- All 52 output assets generated correctly
- Main bundle: 251.10 kB (81.36 kB gzipped)
2. Frontend Lint
Command: cd /projects/Charon/frontend && npm run lint
Result: ✅ PASS
✖ 12 problems (0 errors, 12 warnings)
Note: All 12 warnings are pre-existing and unrelated to the WebSocket auth fix:
@typescript-eslint/no-explicit-anywarnings in test files@typescript-eslint/no-unused-varsin e2e testsreact-hooks/exhaustive-depsin CrowdSecConfig.tsx
3. Frontend Type Check
Command: cd /projects/Charon/frontend && npm run type-check
Result: ✅ PASS
tsc --noEmit completed successfully
No TypeScript compilation errors.
4. Frontend Tests
Command: cd /projects/Charon/frontend && npm run test
Result: ⚠️ PASS*
Test Files: 91 passed (91)
Tests: 956 passed | 2 skipped (958)
Errors: 1 error (unhandled rejection)
Note: The unhandled rejection error is a pre-existing issue in Security.test.tsx related to React state updates after component unmount. This is NOT caused by the WebSocket auth fix.
The specific logs API tests all passed:
src/api/logs.test.ts(19 tests) ✅src/api/__tests__/logs-websocket.test.ts(11 tests | 2 skipped) ✅
5. Pre-commit (All Files)
Command: source .venv/bin/activate && pre-commit run --all-files
Result: ✅ PASS
All hooks passed:
- ✅ Go Test (with Coverage): 85.2% (minimum 85% required)
- ✅ Go Vet
- ✅ Check .version matches latest Git tag
- ✅ Prevent large files that are not tracked by LFS
- ✅ Prevent committing CodeQL DB artifacts
- ✅ Prevent committing data/backups files
- ✅ Frontend TypeScript Check
- ✅ Frontend Lint (Fix)
6. Backend Build
Command: cd /projects/Charon/backend && go build ./...
Result: ✅ PASS
- No compilation errors
- All packages built successfully
7. Backend Tests
Command: cd /projects/Charon/backend && go test ./...
Result: ✅ PASS
All packages passed:
cmd/api✅cmd/seed✅internal/api/handlers✅ (231.466s)internal/api/middleware✅internal/services✅ (38.993s)- All other packages ✅
Issues Found
No blocking issues found.
Non-blocking items (pre-existing)
-
Unhandled rejection in Security.test.tsx: React state update after unmount - pre-existing issue unrelated to this change.
-
ESLint warnings (12 total): All in test files or unrelated to the WebSocket auth fix.
Overall Status
✅ PASS
The WebSocket auth fix (token → charon_auth_token) has been verified:
- ✅ No regressions introduced - All tests pass
- ✅ Build integrity maintained - Both frontend and backend compile successfully
- ✅ Type safety preserved - TypeScript checks pass
- ✅ Code quality maintained - Lint passes (no new issues)
- ✅ Coverage requirement met - 85.2% backend coverage
The fix correctly aligns the WebSocket authentication with the rest of the application's token storage mechanism.