lazyflat: combined alert + apply behind authenticated web UI

Three isolated services (alert scraper, apply HTTP worker, web UI+DB) with argon2 auth, signed cookies, CSRF, rate-limited login, kill switch, apply circuit breaker, audit log, and strict CSP. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-21 09:51:35 +02:00 · 2026-04-21 09:51:35 +02:00 · 69f2f1f635
commit 69f2f1f635
46 changed files with 4183 additions and 0 deletions
--- a/web/apply_client.py
+++ b/web/apply_client.py
@ -0,0 +1,34 @@
+import logging
+import requests
+
+from settings import APPLY_URL, APPLY_TIMEOUT, INTERNAL_API_KEY
+
+logger = logging.getLogger("web")
+
+
+class ApplyClient:
+    def __init__(self):
+        self.base = APPLY_URL.rstrip("/")
+        self.timeout = APPLY_TIMEOUT
+        self.headers = {"X-Internal-Api-Key": INTERNAL_API_KEY}
+
+    def health(self) -> bool:
+        try:
+            r = requests.get(f"{self.base}/health", timeout=5)
+            return r.ok
+        except requests.RequestException:
+            return False
+
+    def apply(self, url: str) -> dict:
+        try:
+            r = requests.post(
+                f"{self.base}/apply",
+                json={"url": url},
+                headers=self.headers,
+                timeout=self.timeout,
+            )
+            if r.status_code >= 400:
+                return {"success": False, "message": f"apply HTTP {r.status_code}: {r.text[:300]}"}
+            return r.json()
+        except requests.RequestException as e:
+            return {"success": False, "message": f"apply unreachable: {e}"}