From 6a75800e1bb7c568cb33326e69262e542c02922b Mon Sep 17 00:00:00 2001
From: Robert Brennan <accounts@rbren.io>
Date: Fri, 27 Dec 2024 14:15:55 -0500
Subject: [PATCH] fix github auth for settings (#5871)

---
 openhands/server/routes/settings.py | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/openhands/server/routes/settings.py b/openhands/server/routes/settings.py
index 86b59cc10bbd..e5eaa7035ec7 100644
--- a/openhands/server/routes/settings.py
+++ b/openhands/server/routes/settings.py
@@ -1,6 +1,4 @@
-from typing import Annotated
-
-from fastapi import APIRouter, Header, status
+from fastapi import APIRouter, Request, status
 from fastapi.responses import JSONResponse
 
 from openhands.core.logger import openhands_logger as logger
@@ -16,10 +14,13 @@
 
 @app.get('/settings')
 async def load_settings(
-    github_auth: Annotated[str | None, Header()] = None,
+    request: Request,
 ) -> Settings | None:
+    github_token = ''
+    if hasattr(request.state, 'github_token'):
+        github_token = request.state.github_token
     try:
-        settings_store = await SettingsStoreImpl.get_instance(config, github_auth)
+        settings_store = await SettingsStoreImpl.get_instance(config, github_token)
         settings = await settings_store.load()
         if settings:
             # For security reasons we don't ever send the api key to the client
@@ -35,18 +36,24 @@ async def load_settings(
 
 @app.post('/settings')
 async def store_settings(
+    request: Request,
     settings: Settings,
-    github_auth: Annotated[str | None, Header()] = None,
-) -> bool:
+) -> JSONResponse:
+    github_token = ''
+    if hasattr(request.state, 'github_token'):
+        github_token = request.state.github_token
     try:
-        settings_store = await SettingsStoreImpl.get_instance(config, github_auth)
+        settings_store = await SettingsStoreImpl.get_instance(config, github_token)
         existing_settings = await settings_store.load()
         if existing_settings:
             settings = Settings(**{**existing_settings.__dict__, **settings.__dict__})
             if settings.llm_api_key is None:
                 settings.llm_api_key = existing_settings.llm_api_key
         await settings_store.store(settings)
-        return True
+        return JSONResponse(
+            status_code=status.HTTP_200_OK,
+            content={'message': 'Settings stored'},
+        )
     except Exception as e:
         logger.warning(f'Invalid token: {e}')
         return JSONResponse(