lukas.pupkalipinski/BanGUI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Stage 2 — authentication and setup flow

Browse Source 
Backend (tasks 2.1–2.6, 2.10):
- settings_repo: get/set/delete/get_all CRUD for the key-value settings table
- session_repo: create/get/delete/delete_expired for session rows
- setup_service: bcrypt password hashing, one-time-only enforcement,
  run_setup() / is_setup_complete() / get_password_hash()
- auth_service: login() with bcrypt verify + token creation,
  validate_session() with expiry check, logout()
- setup router: GET /api/setup (status), POST /api/setup (201 / 409)
- auth router: POST /api/auth/login (token + HttpOnly cookie),
               POST /api/auth/logout (clears cookie, idempotent)
- SetupRedirectMiddleware: 307 → /api/setup for all API paths until setup done
- require_auth dependency: cookie or Bearer token → Session or 401
- conftest.py: manually bootstraps app.state.db for router tests
  (ASGITransport does not trigger ASGI lifespan)
- 85 tests pass; ruff 0 errors; mypy --strict 0 errors

Frontend (tasks 2.7–2.9):
- types/auth.ts, types/setup.ts, api/auth.ts, api/setup.ts
- AuthProvider: sessionStorage-backed context (isAuthenticated, login, logout)
- RequireAuth: guard component → /login?next=<path> when unauthenticated
- SetupPage: Fluent UI form, client-side validation, inline errors
- LoginPage: single password input, ?next= redirect after success
- DashboardPage: placeholder (full impl Stage 5)
- App.tsx: full route tree (/setup, /login, /, *)
This commit is contained in:
Lukas
2026-02-28 21:33:30 +01:00
parent 7392c930d6
commit 750785680b
26 changed files with 2075 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
frontend/src/types/auth.ts Normal file
View File

@@ -0,0 +1,19 @@
/**
* Types for the authentication domain.
*/
/** Request payload for POST /api/auth/login. */
export interface LoginRequest {
password: string;
}
/** Successful login response from the API. */
export interface LoginResponse {
token: string;
expires_at: string;
}
/** Response body for POST /api/auth/logout. */
export interface LogoutResponse {
message: string;
}

22
frontend/src/types/setup.ts Normal file
View File

@@ -0,0 +1,22 @@
/**
* Types for the setup wizard domain.
*/
/** Request payload for POST /api/setup. */
export interface SetupRequest {
master_password: string;
database_path?: string;
fail2ban_socket?: string;
timezone?: string;
session_duration_minutes?: number;
}
/** Response from a successful POST /api/setup. */
export interface SetupResponse {
message: string;
}
/** Response from GET /api/setup — indicates setup completion status. */
export interface SetupStatusResponse {
completed: boolean;
}