From ce18fe4f0cee8d30df8eccc7dd492d162faf8721 Mon Sep 17 00:00:00 2001
From: Hugh Brown
Date: Wed, 4 Mar 2026 01:09:16 -0700
Subject: [PATCH] fix: apply rate limiting to optional agent auth path

get_agent_auth_context_optional was not rate-limited, allowing brute-force token guessing via routes that use require_user_or_agent. Now applies agent_auth_limiter when a token is actually presented.

Co-Authored-By: Claude Opus 4.6
---
 backend/app/core/agent_auth.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/backend/app/core/agent_auth.py b/backend/app/core/agent_auth.py
index 5a3be5fd..84d0bf66 100644
--- a/backend/app/core/agent_auth.py
+++ b/backend/app/core/agent_auth.py
@@ -170,6 +170,11 @@ async def get_agent_auth_context_optional(
 bool(authorization),
 )
 return None
+ # Rate-limit when a token is presented to prevent brute-force guessing
+ # via the optional auth path.
+ client_ip = request.client.host if request.client else "unknown"
+ if not agent_auth_limiter.is_allowed(client_ip):
+ raise HTTPException(status_code=status.HTTP_429_TOO_MANY_REQUESTS)
 agent = await _find_agent_for_token(session, resolved)
 if agent is None:
 if agent_token:
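Review bot: The `"unknown"` fallback in `client_ip = request.client.host if request.client else "unknown"` folds every request without an ASGI client address into one shared limiter bucket, so one noisy source can exhaust the budget for all of them, and behind a reverse proxy `request.client.host` is the proxy's address unless proxy-header handling is configured upstream, which this hunk cannot show. If the required (non-optional) auth path already derives its limiter key, the same helper should be used here so both paths throttle on an identical key; I cannot see that path from this hunk, so please confirm. The added 429 is raised bare; a short `detail="Too many authentication attempts"` (and a `Retry-After` header if the limiter exposes its window) would make the throttling observable to clients and log consumers. A one-line comment above the fallback, such as `# NOTE: client may be None under some ASGI servers/tests; all such requests share one bucket`, would record the trade-off. The body of get_agent_auth_context_optional begins and ends outside this hunk.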