Code review fixes

Signed-off-by: Scott R. Shinn <scott@atomicorp.com>

Author: atomicturtle

server/auth.py

@@ -9,6 +9,7 @@
 import secrets
 import pwd
 import grp
+import threading
 from pathlib import Path
 from typing import Dict, Optional
 from datetime import datetime, UTC
@@ -24,6 +25,7 @@ def __init__(self, config_file: str = '/etc/chelon/chelon.conf'):
         self.config_file = Path(config_file)
         self.tokens_file = Path('/var/lib/chelon/tokens.json')
         self.rate_limits = {}  # token_id -> {'count': int, 'window_start': float}
+        self._lock = threading.Lock()
 
         # Load tokens
         self.tokens = self._load_tokens()
@@ -126,25 +128,26 @@ def validate_token(self, token: str) -> Dict:
         now = datetime.now(UTC)
         window_size = 3600  # 1 hour in seconds
 
-        limit_data = self.rate_limits.get(token_id, {
-            'count': 0,
-            'window_start': now.timestamp()
-        })
-        
-        # Check if window has expired
-        if now.timestamp() - limit_data['window_start'] > window_size:
-            # Reset window
-            limit_data = {
+        with self._lock:
+            limit_data = self.rate_limits.get(token_id, {
                 'count': 0,
                 'window_start': now.timestamp()
-            }
-        
-        if limit_data['count'] >= token_info['rate_limit']:
-            raise ValueError("Rate limit exceeded")
-        
-        # Increment request count
-        limit_data['count'] += 1
-        self.rate_limits[token_id] = limit_data
+            })
+            
+            # Check if window has expired
+            if now.timestamp() - limit_data['window_start'] > window_size:
+                # Reset window
+                limit_data = {
+                    'count': 0,
+                    'window_start': now.timestamp()
+                }
+            
+            if limit_data['count'] >= token_info['rate_limit']:
+                raise ValueError("Rate limit exceeded")
+            
+            # Increment request count
+            limit_data['count'] += 1
+            self.rate_limits[token_id] = limit_data
 
         # Update last used timestamp
         token_info['last_used'] = datetime.now(UTC).isoformat()

tests/test_rate_limit.py

@@ -4,11 +4,11 @@
 import shutil
 import tempfile
 import unittest
-from unittest.mock import patch, MagicMock
+from unittest.mock import patch
 from datetime import datetime, timedelta, timezone
 
 # Add server to path
-sys.path.insert(0, '/home/sshinn/src/chelon/server')
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), '../server'))
 
 from auth import TokenAuth
 

tests/test_signing_fix.py

@@ -7,7 +7,7 @@
 from unittest.mock import patch, MagicMock
 
 # Add server to path
-sys.path.insert(0, '/usr/share/chelon/server')
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), '../server'))
 
 from signing_engine import SigningEngine
 import gnupg

tools/chelon-admin

@@ -10,7 +10,12 @@ import json
 from pathlib import Path
 
 # Add server directory to path
-sys.path.insert(0, '/usr/share/chelon/server')
+# Try local path first (dev environment), then fallback to installed path
+local_path = os.path.join(os.path.dirname(__file__), '../server')
+if os.path.isdir(local_path):
+    sys.path.insert(0, local_path)
+else:
+    sys.path.insert(0, '/usr/share/chelon/server')
 
 from auth import TokenAuth
 from audit import AuditLogger