decouple: remove /api/auth/whoami handler (migrated to navi-admin)

PR-B of the 2-PR whoami migration. The route is now served by navi-admin :8427 via nginx (`^~ /api/auth/whoami` cutover verified live — edge responses carry navi-admin's X-Cache-Status: BYPASS), so recon's handler is edge-unreachable and safe to remove. - lib/api.py: delete the @app.route('/api/auth/whoami') api_auth_whoami handler + its dedicated section comment. It was the file tail (post-cleanup-#6), so api.py now ends on the metrics-history handler. Sequenced after PR-A (navi-backend, merged + deployed) and the nginx edge cutover, so the route never 404s. recon serves zero navi-facing auth-state endpoints now. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-10 08:54:34 +02:00 · 2026-05-23 13:34:06 -06:00 · 2026-05-23 13:34:06 -06:00 · 879df84b7a
commit 879df84b7a
parent aa6e972260
1 changed files with 0 additions and 18 deletions
--- a/lib/api.py
+++ b/lib/api.py
@ -2535,21 +2535,3 @@ def api_metrics_history():
        return jsonify({'type': metric_type, 'hours': hours, 'points': points})
    except Exception as e:
        return jsonify({'type': metric_type, 'hours': hours, 'points': [], 'error': str(e)})
-
-
-# ── Auth state endpoint ─────────────────────────────────────────────────────
-# Returns current auth state for frontend consumption.
-# This endpoint must be behind Caddy forward_auth to receive X-Authentik-* headers.
-@app.route('/api/auth/whoami')
-def api_auth_whoami():
-    """Return auth state for frontend. Behind forward_auth, so headers are present when authenticated."""
-    username = request.headers.get('X-Authentik-Username')
-    if username:
-        return jsonify({
-            'authenticated': True,
-            'username': username,
-        })
-    return jsonify({
-        'authenticated': False,
-        'username': None,
-    })