Style Detection 404 Fix Summary
Date: October 1, 2025
Issue: URL mismatch causing 404 errors
Fix: 1-line change to add missing /onboarding prefix
Status: ✅ Fixed
Problem
What Was Happening:
Frontend calling: /api/style-detection/session-analyses
Backend serving:  /api/onboarding/style-detection/session-analyses
                      ^^^^^^^^^^^^ Missing prefix
Result: 404 Not Found
Logs Showed:
INFO: 127.0.0.1:0 - "GET /api/style-detection/session-analyses HTTP/1.1" 404 Not Found
(Repeated on every Step 2 visit)
Root Cause
Backend Router Configuration:
# backend/api/component_logic.py (Line 43)
router = APIRouter(prefix="/api/onboarding", tags=["component_logic"])
# All routes under this router get /api/onboarding prefix
Frontend Calling:
// frontend/src/components/OnboardingWizard/WebsiteStep/utils/websiteUtils.ts (Line 252)
const res = await fetch('/api/style-detection/session-analyses');
// ❌ Missing /onboarding prefix
Purpose of This Endpoint
What It Does:
Pre-fills the website URL field with the last analyzed website from the user's session.
User Experience:
Scenario 1: First time user
- No previous analysis
- Endpoint returns empty
- User types URL manually ✅
Scenario 2: Returning user
- Previous analysis exists
- Endpoint returns last URL
- Field auto-filled ✅
- User saves time!
Value:
- Convenience: User doesn't re-type same URL
- Speed: Skip manual entry
- UX: Remember user's context
Solution
Fix Applied:
File: frontend/src/components/OnboardingWizard/WebsiteStep/utils/websiteUtils.ts
Line: 252
Change: 1 line
// Before:
const res = await fetch('/api/style-detection/session-analyses');
// After:
const res = await fetch('/api/onboarding/style-detection/session-analyses');
//                           ^^^^^^^^^^^^ Added missing prefix
Impact
Before Fix:
- ❌ 404 errors on every Step 2 visit
- ❌ Pre-fill feature not working
- ❌ Log pollution
- ✅ No user-facing errors (graceful degradation)
After Fix:
- ✅ Endpoint returns data correctly
- ✅ Pre-fill feature works
- ✅ Clean logs
- ✅ Better UX
Why It Wasn't Critical
Graceful Error Handling:
// Line 269-275 in websiteUtils.ts
} catch (err) {
  console.error('WebsiteStep: Error pre-filling from last analysis', err);
  return {
    success: false, // ← Fails gracefully
    error: err instanceof Error ? err.message : 'Unknown error'
  };
}
Result:
- Error caught
- Component continues working
- User can manually enter URL
- No crash or blank screen
This is good error handling! ✅
Backend Endpoint Details
Route: GET /api/onboarding/style-detection/session-analyses
Purpose: Return all style detection analyses for current session
Implementation:
# backend/api/component_logic.py (Lines 645-669)
@router.get("/style-detection/session-analyses")
async def get_session_analyses():
    """Get all analyses for the current session."""
    db_session = get_db_session()
    analysis_service = WebsiteAnalysisService(db_session)
    # TODO: Get from user session (currently uses default session_id=1)
    session_id = 1
    analyses = analysis_service.get_session_analyses(session_id)
    return {"success": True, "analyses": analyses}
Current Limitation:
- Uses hardcoded session_id = 1
- Should use Clerk user ID from auth token
Related Issues Found
Issue 1: Hardcoded Session ID
Current Code:
# Line 660
session_id = 1 # TODO: Get from user session
Problem:
- All users share session_id=1
- No user isolation
- Data leakage between users
Solution:
@router.get("/style-detection/session-analyses")
async def get_session_analyses(current_user: Dict = Depends(get_current_user)):
    """Get all analyses for the current user."""
    user_id = current_user.get('id')
    db_session = get_db_session()
    analysis_service = WebsiteAnalysisService(db_session)
    # Use Clerk user ID instead of session ID
    analyses = analysis_service.get_user_analyses(user_id)
    return {"success": True, "analyses": analyses}
Issue 2: Similar Hardcoded Session IDs
Found in same file:
# Line 94
session_id = 1 # TODO: Get actual session ID from request context
# Line 181
session_id = 1 # TODO: Get from authenticated user session
# Line 660
session_id = 1 # TODO: Get from user session
Impact:
- 🔴 SECURITY: All users see each other's data!
- 🔴 DATA INTEGRITY: No user isolation
- 🔴 PRIVACY: Violates user data separation
Severity: 🔴 HIGH - Should be fixed ASAP
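One way to locate every handler with this problem, as an added example that is not part of the project's code: a standard-library `ast` scan that flags route handlers which assign a constant to `session_id` or lack a `Depends(get_current_user)` parameter. The `SAMPLE` source is constructed from the snippets quoted in this document, and the names `is_route`, `has_auth_dependency` and `audit` are illustrative.

```python
import ast

# Constructed sample modelled on the handlers quoted in this document.
SAMPLE = '''
@router.get("/style-detection/session-analyses")
async def get_session_analyses():
    session_id = 1  # TODO: Get from user session

@router.post("/ai-research/configure-preferences")
async def configure_research_preferences(current_user: Dict = Depends(get_current_user)):
    user_id = current_user.get("id")
'''

def is_route(func):
    """True if the function carries a @router.<method>(...) decorator."""
    for dec in func.decorator_list:
        target = dec.func if isinstance(dec, ast.Call) else dec
        if isinstance(target, ast.Attribute) and getattr(target.value, "id", "") == "router":
            return True
    return False

def has_auth_dependency(func):
    """True if a parameter default is Depends(get_current_user)."""
    defaults = func.args.defaults + [d for d in func.args.kw_defaults if d]
    return any(
        isinstance(d, ast.Call) and getattr(d.func, "id", "") == "Depends"
        and d.args and getattr(d.args[0], "id", "") == "get_current_user"
        for d in defaults
    )

def audit(source):
    """Return (function, line, finding) tuples for every route handler."""
    findings = []
    for func in ast.walk(ast.parse(source)):
        if not isinstance(func, (ast.FunctionDef, ast.AsyncFunctionDef)) or not is_route(func):
            continue
        if not has_auth_dependency(func):
            findings.append((func.name, func.lineno, "no get_current_user dependency"))
        for node in ast.walk(func):
            if (isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant)
                    and any(getattr(t, "id", "") == "session_id" for t in node.targets)):
                findings.append((func.name, node.lineno, "hardcoded session_id"))
    return findings

if __name__ == "__main__":
    for name, line, msg in audit(SAMPLE):
        print(f"{name}:{line}: {msg}")
```

Run against the real `component_logic.py` by passing its contents to `audit()`; a non-empty result can fail a CI job until every handler derives identity from the authenticated user.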
Recommended Fixes
Priority 1: Fix URL (Immediate - 30 seconds)
✅ DONE - Already applied above
const res = await fetch('/api/onboarding/style-detection/session-analyses');
Priority 2: Fix User Isolation (Critical - 30 minutes)
Update all endpoints in component_logic.py to use Clerk user ID:
# Import auth middleware
from middleware.auth_middleware import get_current_user

# Update all endpoints:
@router.post("/ai-research/configure-preferences")
async def configure_research_preferences(
    request: ResearchPreferencesRequest,
    db: Session = Depends(get_db),
    current_user: Dict = Depends(get_current_user)  # ← Add this
):
    user_id = current_user.get('id')  # ← Use this instead of session_id=1
    preferences_id = preferences_service.save_preferences_with_style_data(
        user_id,  # ← Not session_id=1
        preferences
    )
Files to Update:
- backend/api/component_logic.py - All endpoints with session_id = 1
- backend/services/research_preferences_service.py - Change to use user_id
- backend/services/website_analysis_service.py - Change to use user_id
Testing
Test the Fix:
- Restart frontend (changes will hot-reload)
- Sign in and go to Step 2 (Website)
- Check browser console:
  Expected (if previous analysis exists):
  ✅ "WebsiteStep: Checking existing analysis for URL: ..."
  ✅ Website field pre-filled
  Expected (no previous analysis):
  ✅ No errors
  ✅ Empty website field (normal)
- Check backend logs:
  Expected:
  ✅ GET /api/onboarding/style-detection/session-analyses → 200 OK
  ❌ NOT: 404 Not Found
Summary
What Was Wrong:
- URL mismatch (missing /onboarding prefix)
- Hardcoded session IDs (user isolation issue)
What Was Fixed:
- ✅ URL corrected in frontend
What Still Needs Fixing:
- 🔴 Hardcoded session_id = 1 (HIGH PRIORITY) - Replace with Clerk user ID for proper user isolation
Files Modified
- ✅ frontend/src/components/OnboardingWizard/WebsiteStep/utils/websiteUtils.ts
  - Line 252: Added /onboarding prefix
Next Steps
- ✅ Immediate: URL fix applied
- 🔴 Critical: Fix hardcoded session IDs (user isolation)
- 🟡 Nice to have: Add user-specific caching
Related Endpoints
All these have the same URL pattern and need /onboarding prefix:
- /api/onboarding/style-detection/check-existing/{url} ✅ Correct in frontend
- /api/onboarding/style-detection/complete ✅ Correct in frontend
- /api/onboarding/style-detection/analysis/{id} ✅ Correct in frontend
- /api/onboarding/style-detection/session-analyses ✅ NOW FIXED
- /api/onboarding/style-detection/configuration-options (not called yet)
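The prefix mismatch behind the 404 can be caught before deployment. This added example (not the project's code) compares frontend `fetch` URLs against the routes the backend serves; the route list is taken from this document, the `FRONTEND` snippet is constructed, and the helper names are illustrative.

```python
import re

# Backend routes as served: router prefix + decorator path (paths from this document).
PREFIX = "/api/onboarding"
BACKEND_PATHS = [
    "/style-detection/check-existing/{url}",
    "/style-detection/complete",
    "/style-detection/analysis/{id}",
    "/style-detection/session-analyses",
    "/style-detection/configuration-options",
]

# Constructed frontend snippet: one call as it was before the fix, one correct call.
FRONTEND = """
const res = await fetch('/api/style-detection/session-analyses');
const one = await fetch(`/api/onboarding/style-detection/analysis/${id}`);
"""

def route_patterns(prefix, paths):
    """Compile each served route into a regex; {param} matches one path segment."""
    patterns = []
    for path in paths:
        parts = re.split(r"\{[^}]+\}", prefix + path)
        patterns.append(re.compile("[^/]+".join(map(re.escape, parts)) + r"/?$"))
    return patterns

def fetch_urls(source):
    """Extract the URL literal from fetch('...'), fetch("...") and fetch(`...`)."""
    urls = re.findall(r"""fetch\(\s*['"`]([^'"`]+)['"`]""", source)
    # Replace template-literal interpolations with a placeholder path segment.
    return [re.sub(r"\$\{[^}]+\}", "x", u) for u in urls]

def unserved(source, prefix, paths):
    """Return frontend URLs that no backend route would answer (404 candidates)."""
    patterns = route_patterns(prefix, paths)
    return [u for u in fetch_urls(source)
            if not any(p.match(u.split("?")[0]) for p in patterns)]

if __name__ == "__main__":
    print(unserved(FRONTEND, PREFIX, BACKEND_PATHS))
```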
Conclusion
Fixed: ✅ URL mismatch causing 404
Restored: ✅ Pre-fill functionality
Discovered: 🔴 Critical user isolation issue (hardcoded session IDs)
Recommendation: Fix the hardcoded session IDs next session for proper user isolation and data privacy.