revert: restore truncated token_prefix in agent auth log messages

A 6-character prefix of the token is standard practice for debugging failed auth attempts and is not a security risk. Restored in both required and optional auth paths, and removed the now-incorrect test that asserted its absence. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-03 22:14:06 -07:00
parent b2fb8a082d
commit 54279bf413
2 changed files with 4 additions and 20 deletions
--- a/backend/tests/test_security_fixes.py
+++ b/backend/tests/test_security_fixes.py
@@ -530,21 +530,3 @@ class TestGatewayTokenRedaction:
        )
        assert read.has_token is False

-
-# ---------------------------------------------------------------------------
-# Task 17: Token prefix no longer logged
-# ---------------------------------------------------------------------------
-
-
-class TestAgentAuthNoTokenPrefix:
-    """Tests that agent auth no longer exposes token prefixes."""
-
-    def test_agent_auth_does_not_expose_token_prefix_symbol(self) -> None:
-        """Verify the agent_auth module has no token_prefix-related symbols."""
-        from app.core import agent_auth
-
-        # Assert that no attribute name on the module contains "token_prefix".
-        # This avoids brittle source inspection while still guarding against
-        # reintroducing token_prefix-based behavior.
-        for name in dir(agent_auth):
-            assert "token_prefix" not in name.lower()