#204 — BUG: logs “Invalid or wrongly signed JWT token from clienthost=” contian inner IP, not caller IP

Repo: Twill-AI/facade State: closed | Status: done Assignee: Unassigned

Created: 2024-11-21 · Updated: 2025-09-15

Description

Caused by https://twill-network.slack.com/archives/C07TPN6FCBX/p1732127423637699

Steps to reproduce:

Try to sent API request with wrong JWT token to staging.

Expected behavior: Log contains your real IP address. Also it good to have email address parsed from JWT in logs.

Actual behavior: it contains clienthost=10.0.2.46 which is IP of load balancer/ingress.

One more issue: log has token printed on different line (note “\n”):

                "Invalid or wrongly signed JWT token from %s. Error: %s\n"
                + "Token: %s",

which complicates getting information in alert-generated query.

Investigation details: code uses get_requester_info which uses f"clienthost={request.client.host if request.client else ''}," while fast_api.py contains more precise get_client_ip_address.

Notes

Add implementation notes, blockers, and context here

Add wikilinks to related people, meetings, or other tickets

Twill Brain

Explorer

#204 BUG: logs "Invalid or wrongly signed JWT token from clienthost=" contian inner IP, not caller IP

#204 — BUG: logs “Invalid or wrongly signed JWT token from clienthost=” contian inner IP, not caller IP

Description

Notes

Graph View

Table of Contents

Twill Brain

Explorer

#204 BUG: logs "Invalid or wrongly signed JWT token from clienthost=" contian inner IP, not caller IP

#204 — BUG: logs “Invalid or wrongly signed JWT token from clienthost=” contian inner IP, not caller IP

Description

Notes

Related

Graph View

Table of Contents