BanGUI

lukas.pupkalipinski/BanGUI

Fork 0

Commit Graph

Author	SHA1	Message	Date
Lukas	d931e8c6a3	Reduce per-request DB overhead (Task 4) - Cache setup_completed flag in app.state._setup_complete_cached after first successful is_setup_complete() call; all subsequent API requests skip the DB query entirely (one-way transition, cleared on restart). - Add in-memory session token TTL cache (10 s) in require_auth; the second request with the same token within the window skips session_repo.get_session. - Call invalidate_session_cache() on logout so revoked tokens are evicted immediately rather than waiting for TTL expiry. - Add clear_session_cache() for test isolation. - 5 new tests covering the cached fast-path for both optimisations. - 460 tests pass, 83% coverage, zero ruff/mypy warnings.	2026-03-10 19:16:00 +01:00
Lukas	1cdc97a729	Stage 11: polish, cross-cutting concerns & hardening - 11.1 MainLayout health indicator: warning MessageBar when fail2ban offline - 11.2 formatDate utility + TimezoneProvider + GET /api/setup/timezone - 11.3 Responsive sidebar: auto-collapse <640px, media query listener - 11.4 PageFeedback (PageLoading/PageError/PageEmpty), BanTable updated - 11.5 prefers-reduced-motion: disable sidebar transition - 11.6 WorldMap ARIA: role/tabIndex/aria-label/onKeyDown for countries - 11.7 Health transition logging (fail2ban_came_online/went_offline) - 11.8 Global handlers: Fail2BanConnectionError/ProtocolError -> 502 - 11.9 379 tests pass, 82% coverage, ruff+mypy+tsc+eslint clean - Timezone endpoint: setup_service.get_timezone, 5 new tests	2026-03-01 15:59:06 +01:00
Lukas	750785680b	feat: Stage 2 — authentication and setup flow Backend (tasks 2.1–2.6, 2.10): - settings_repo: get/set/delete/get_all CRUD for the key-value settings table - session_repo: create/get/delete/delete_expired for session rows - setup_service: bcrypt password hashing, one-time-only enforcement, run_setup() / is_setup_complete() / get_password_hash() - auth_service: login() with bcrypt verify + token creation, validate_session() with expiry check, logout() - setup router: GET /api/setup (status), POST /api/setup (201 / 409) - auth router: POST /api/auth/login (token + HttpOnly cookie), POST /api/auth/logout (clears cookie, idempotent) - SetupRedirectMiddleware: 307 → /api/setup for all API paths until setup done - require_auth dependency: cookie or Bearer token → Session or 401 - conftest.py: manually bootstraps app.state.db for router tests (ASGITransport does not trigger ASGI lifespan) - 85 tests pass; ruff 0 errors; mypy --strict 0 errors Frontend (tasks 2.7–2.9): - types/auth.ts, types/setup.ts, api/auth.ts, api/setup.ts - AuthProvider: sessionStorage-backed context (isAuthenticated, login, logout) - RequireAuth: guard component → /login?next=<path> when unauthenticated - SetupPage: Fluent UI form, client-side validation, inline errors - LoginPage: single password input, ?next= redirect after success - DashboardPage: placeholder (full impl Stage 5) - App.tsx: full route tree (/setup, /login, /, *)	2026-02-28 21:33:30 +01:00

Author

SHA1

Message

Date

Lukas

d931e8c6a3

Reduce per-request DB overhead (Task 4)

- Cache setup_completed flag in app.state._setup_complete_cached after
  first successful is_setup_complete() call; all subsequent API requests
  skip the DB query entirely (one-way transition, cleared on restart).
- Add in-memory session token TTL cache (10 s) in require_auth; the second
  request with the same token within the window skips session_repo.get_session.
- Call invalidate_session_cache() on logout so revoked tokens are evicted
  immediately rather than waiting for TTL expiry.
- Add clear_session_cache() for test isolation.
- 5 new tests covering the cached fast-path for both optimisations.
- 460 tests pass, 83% coverage, zero ruff/mypy warnings.

2026-03-10 19:16:00 +01:00

Lukas

1cdc97a729

Stage 11: polish, cross-cutting concerns & hardening

- 11.1 MainLayout health indicator: warning MessageBar when fail2ban offline
- 11.2 formatDate utility + TimezoneProvider + GET /api/setup/timezone
- 11.3 Responsive sidebar: auto-collapse <640px, media query listener
- 11.4 PageFeedback (PageLoading/PageError/PageEmpty), BanTable updated
- 11.5 prefers-reduced-motion: disable sidebar transition
- 11.6 WorldMap ARIA: role/tabIndex/aria-label/onKeyDown for countries
- 11.7 Health transition logging (fail2ban_came_online/went_offline)
- 11.8 Global handlers: Fail2BanConnectionError/ProtocolError -> 502
- 11.9 379 tests pass, 82% coverage, ruff+mypy+tsc+eslint clean
- Timezone endpoint: setup_service.get_timezone, 5 new tests

2026-03-01 15:59:06 +01:00

Lukas

750785680b

feat: Stage 2 — authentication and setup flow

Backend (tasks 2.1–2.6, 2.10):
- settings_repo: get/set/delete/get_all CRUD for the key-value settings table
- session_repo: create/get/delete/delete_expired for session rows
- setup_service: bcrypt password hashing, one-time-only enforcement,
  run_setup() / is_setup_complete() / get_password_hash()
- auth_service: login() with bcrypt verify + token creation,
  validate_session() with expiry check, logout()
- setup router: GET /api/setup (status), POST /api/setup (201 / 409)
- auth router: POST /api/auth/login (token + HttpOnly cookie),
               POST /api/auth/logout (clears cookie, idempotent)
- SetupRedirectMiddleware: 307 → /api/setup for all API paths until setup done
- require_auth dependency: cookie or Bearer token → Session or 401
- conftest.py: manually bootstraps app.state.db for router tests
  (ASGITransport does not trigger ASGI lifespan)
- 85 tests pass; ruff 0 errors; mypy --strict 0 errors

Frontend (tasks 2.7–2.9):
- types/auth.ts, types/setup.ts, api/auth.ts, api/setup.ts
- AuthProvider: sessionStorage-backed context (isAuthenticated, login, logout)
- RequireAuth: guard component → /login?next=<path> when unauthenticated
- SetupPage: Fluent UI form, client-side validation, inline errors
- LoginPage: single password input, ?next= redirect after success
- DashboardPage: placeholder (full impl Stage 5)
- App.tsx: full route tree (/setup, /login, /, *)

2026-02-28 21:33:30 +01:00

3 Commits