2026-06-09 01:02:05 +00:00
4 changed files with 12 additions and 4 deletions
@@ -35,7 +35,10 @@ class CacheClient:
    async def get(self, key: str) -> str | None:
        if not self._client:
            return None
-        return await self._client.get(key)
+        result = await self._client.get(key)
+        if result is None:
+            return None
+        return str(result)

    async def set(self, key: str, value: str, ttl_seconds: int = 300) -> None:
        if not self._client:
@@ -86,4 +86,4 @@ class Settings(BaseSettings):
        return self


-settings = Settings()
+settings = Settings()  # type: ignore[call-arg]
@@ -25,6 +25,8 @@ logger = logging.getLogger(__name__)
 class RateLimitBackend(Protocol):
    """Protocol for rate limit backends."""

+    max_requests: int
+
    async def is_allowed(self, key: str) -> tuple[bool, int, int]:
        """Check if request is allowed. Returns (allowed, remaining, retry_after)."""

@@ -104,6 +106,9 @@ class RedisSlidingWindow:

 _redis_client: Redis | None = None
 _use_redis = False
+_public_limiter: RateLimitBackend
+_auth_limiter: RateLimitBackend
+_auth_strict_limiter: RateLimitBackend

 if settings.rate_limit_redis_enabled:
    try:
@@ -272,11 +272,11 @@ async def _create_test_user_and_session(
    Returns (user_dict, session_token).  Better-Auth stores the raw token
    in the DB, so we insert it as-is.
    """
-    user_id = uuid.uuid4().hex
+    user_id = str(uuid.uuid4())
    email = user_overrides.get("email", "test@example.com")
    display_name = user_overrides.get("display_name", "Test User")
    session_token = secrets.token_urlsafe(32)
-    session_id = uuid.uuid4().hex
+    session_id = str(uuid.uuid4())
    now = datetime.now(UTC).isoformat()
    expires = (datetime.now(UTC) + timedelta(days=7)).isoformat()