BanGUI

lukas.pupkalipinski/BanGUI

Fork 0

Commit Graph

Author	SHA1	Message	Date
Lukas	250bb1a2e5	refactor: improve backend type safety and import organization - Add TYPE_CHECKING guards for runtime-expensive imports (aiohttp, aiosqlite) - Reorganize imports to follow PEP 8 conventions - Convert TypeAlias to modern PEP 695 type syntax (where appropriate) - Use Sequence/Mapping from collections.abc for type hints (covariant) - Replace string literals with cast() for improved type inference - Fix casting of Fail2BanResponse and TypedDict patterns - Add IpLookupResult TypedDict for precise return type annotation - Reformat overlong lines for readability (120 char limit) - Add asyncio_mode and filterwarnings to pytest config - Update test fixtures with improved type hints This improves mypy type checking and makes type relationships explicit.	2026-03-20 13:44:14 +01:00
Lukas	c097e55222	fix: setup routing, async bcrypt, password hashing, clean command - Add SetupGuard component: redirects to /setup if setup not complete, shown as spinner while loading. All routes except /setup now wrapped. - SetupPage redirects to /login on mount when setup already done. - Fix async blocking: offload bcrypt.hashpw and bcrypt.checkpw to run_in_executor so they never stall the asyncio event loop. - Hash password with SHA-256 (SubtleCrypto) before transmission; added src/utils/crypto.ts with sha256Hex(). Backend stores bcrypt(sha256). - Add Makefile with make up/down/restart/logs/clean targets. - Add tests: _check_password async, concurrent bcrypt, expired session, login-without-setup, run_setup event-loop interleaving. - Update Architekture.md and Features.md to reflect all changes.	2026-03-01 19:16:49 +01:00
Lukas	750785680b	feat: Stage 2 — authentication and setup flow Backend (tasks 2.1–2.6, 2.10): - settings_repo: get/set/delete/get_all CRUD for the key-value settings table - session_repo: create/get/delete/delete_expired for session rows - setup_service: bcrypt password hashing, one-time-only enforcement, run_setup() / is_setup_complete() / get_password_hash() - auth_service: login() with bcrypt verify + token creation, validate_session() with expiry check, logout() - setup router: GET /api/setup (status), POST /api/setup (201 / 409) - auth router: POST /api/auth/login (token + HttpOnly cookie), POST /api/auth/logout (clears cookie, idempotent) - SetupRedirectMiddleware: 307 → /api/setup for all API paths until setup done - require_auth dependency: cookie or Bearer token → Session or 401 - conftest.py: manually bootstraps app.state.db for router tests (ASGITransport does not trigger ASGI lifespan) - 85 tests pass; ruff 0 errors; mypy --strict 0 errors Frontend (tasks 2.7–2.9): - types/auth.ts, types/setup.ts, api/auth.ts, api/setup.ts - AuthProvider: sessionStorage-backed context (isAuthenticated, login, logout) - RequireAuth: guard component → /login?next=<path> when unauthenticated - SetupPage: Fluent UI form, client-side validation, inline errors - LoginPage: single password input, ?next= redirect after success - DashboardPage: placeholder (full impl Stage 5) - App.tsx: full route tree (/setup, /login, /, *)	2026-02-28 21:33:30 +01:00

Author

SHA1

Message

Date

Lukas

250bb1a2e5

refactor: improve backend type safety and import organization

- Add TYPE_CHECKING guards for runtime-expensive imports (aiohttp, aiosqlite)
- Reorganize imports to follow PEP 8 conventions
- Convert TypeAlias to modern PEP 695 type syntax (where appropriate)
- Use Sequence/Mapping from collections.abc for type hints (covariant)
- Replace string literals with cast() for improved type inference
- Fix casting of Fail2BanResponse and TypedDict patterns
- Add IpLookupResult TypedDict for precise return type annotation
- Reformat overlong lines for readability (120 char limit)
- Add asyncio_mode and filterwarnings to pytest config
- Update test fixtures with improved type hints

This improves mypy type checking and makes type relationships explicit.

2026-03-20 13:44:14 +01:00

Lukas

c097e55222

fix: setup routing, async bcrypt, password hashing, clean command

- Add SetupGuard component: redirects to /setup if setup not complete,
  shown as spinner while loading. All routes except /setup now wrapped.
- SetupPage redirects to /login on mount when setup already done.
- Fix async blocking: offload bcrypt.hashpw and bcrypt.checkpw to
  run_in_executor so they never stall the asyncio event loop.
- Hash password with SHA-256 (SubtleCrypto) before transmission; added
  src/utils/crypto.ts with sha256Hex(). Backend stores bcrypt(sha256).
- Add Makefile with make up/down/restart/logs/clean targets.
- Add tests: _check_password async, concurrent bcrypt, expired session,
  login-without-setup, run_setup event-loop interleaving.
- Update Architekture.md and Features.md to reflect all changes.

2026-03-01 19:16:49 +01:00

Lukas

750785680b

feat: Stage 2 — authentication and setup flow

Backend (tasks 2.1–2.6, 2.10):
- settings_repo: get/set/delete/get_all CRUD for the key-value settings table
- session_repo: create/get/delete/delete_expired for session rows
- setup_service: bcrypt password hashing, one-time-only enforcement,
  run_setup() / is_setup_complete() / get_password_hash()
- auth_service: login() with bcrypt verify + token creation,
  validate_session() with expiry check, logout()
- setup router: GET /api/setup (status), POST /api/setup (201 / 409)
- auth router: POST /api/auth/login (token + HttpOnly cookie),
               POST /api/auth/logout (clears cookie, idempotent)
- SetupRedirectMiddleware: 307 → /api/setup for all API paths until setup done
- require_auth dependency: cookie or Bearer token → Session or 401
- conftest.py: manually bootstraps app.state.db for router tests
  (ASGITransport does not trigger ASGI lifespan)
- 85 tests pass; ruff 0 errors; mypy --strict 0 errors

Frontend (tasks 2.7–2.9):
- types/auth.ts, types/setup.ts, api/auth.ts, api/setup.ts
- AuthProvider: sessionStorage-backed context (isAuthenticated, login, logout)
- RequireAuth: guard component → /login?next=<path> when unauthenticated
- SetupPage: Fluent UI form, client-side validation, inline errors
- LoginPage: single password input, ?next= redirect after success
- DashboardPage: placeholder (full impl Stage 5)
- App.tsx: full route tree (/setup, /login, /, *)

2026-02-28 21:33:30 +01:00

3 Commits