Refactor backend auth, setup, router, and runtime state handling

2026-04-10 21:00:36 +02:00
parent 3371ff8324
commit f61d497e4e
4 changed files with 33 additions and 24 deletions
--- a/backend/app/services/auth_service.py
+++ b/backend/app/services/auth_service.py
@@ -22,7 +22,7 @@ if TYPE_CHECKING:
    from app.models.auth import Session
    from app.repositories.protocols import SessionRepository

-from app.repositories import session_repo
+from app.repositories import session_repo as default_session_repo
 from app.utils.constants import SESSION_TOKEN_BYTES, SESSION_TOKEN_SIGNATURE_SEPARATOR
 from app.utils.setup_utils import get_password_hash
 from app.utils.time_utils import add_minutes, utc_now
@@ -81,7 +81,7 @@ async def login(
    db: aiosqlite.Connection,
    password: str,
    session_duration_minutes: int,
-    session_repository: SessionRepository = session_repo,
+    session_repo: SessionRepository = default_session_repo,
 ) -> Session:
    """Verify *password* and create a new session on success.

@@ -110,7 +110,7 @@ async def login(
    created_iso = now.isoformat()
    expires_iso = add_minutes(now, session_duration_minutes).isoformat()

-    session = await session_repository.create_session(
+    session = await session_repo.create_session(
        db, token=token, created_at=created_iso, expires_at=expires_iso
    )
    log.info("bangui_login_success", token_prefix=token[:8])
@@ -121,7 +121,7 @@ async def validate_session(
    db: aiosqlite.Connection,
    token: str,
    session_secret: str | None = None,
-    session_repository: SessionRepository = session_repo,
+    session_repo: SessionRepository = default_session_repo,
 ) -> Session:
    """Return the session for *token* if it is valid and not expired.

@@ -142,13 +142,13 @@ async def validate_session(
        except ValueError as exc:
            raise ValueError("Session token is invalid.") from exc

-    session = await session_repository.get_session(db, token)
+    session = await session_repo.get_session(db, token)
    if session is None:
        raise ValueError("Session not found.")

    now_iso = utc_now().isoformat()
    if session.expires_at <= now_iso:
-        await session_repository.delete_session(db, token)
+        await session_repo.delete_session(db, token)
        raise ValueError("Session has expired.")

    return session
@@ -158,7 +158,7 @@ async def logout(
    db: aiosqlite.Connection,
    token: str,
    session_secret: str | None = None,
-    session_repository: SessionRepository = session_repo,
+    session_repo: SessionRepository = default_session_repo,
 ) -> str | None:
    """Invalidate the session identified by *token*.

@@ -177,6 +177,6 @@ async def logout(
            log.warning("bangui_logout_invalid_token", token_prefix=token[:8])
            return None

-    await session_repository.delete_session(db, token)
+    await session_repo.delete_session(db, token)
    log.info("bangui_logout", token_prefix=token[:8])
    return token