lukas.pupkalipinski/BanGUI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactoring-backend #4

Merged
lukas.pupkalipinski merged 14 commits from refactoring-backend into main 2026-05-24 22:05:35 +02:00
Conversation 0 Commits 14 Files Changed 27 +10413 -45
12 changed files with 10413 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 12fe70d768 - Show all commits

2
Docker/Dockerfile.frontend
View File

@@ -18,7 +18,7 @@ WORKDIR /build
COPY frontend/package.json frontend/package-lock.json* /build/ COPY frontend/package.json frontend/package-lock.json* /build/
RUN npm ci --ignore-scripts RUN npm ci --ignore-scripts
# Copy source and build # Copy source + local OpenAPI spec (avoids needing a running backend during build)
COPY frontend/ /build/ COPY frontend/ /build/
RUN npm run build RUN npm run build

2
Docker/VERSION
View File

@@ -1 +1 @@
v0.9.19 v0.9.19-rc.1

60
Docker/release.sh
View File

@@ -6,7 +6,7 @@
# ./release.sh # ./release.sh
# #
# The current version is stored in VERSION (next to this script). # The current version is stored in VERSION (next to this script).
# You will be asked whether to bump major, minor, or patch. # You will be asked whether to bump major, minor, patch, or release candidate (rc).
set -euo pipefail set -euo pipefail
@@ -24,24 +24,60 @@ CURRENT="$(cat "${VERSION_FILE}")"
# Strip leading 'v' for arithmetic # Strip leading 'v' for arithmetic
VERSION="${CURRENT#v}" VERSION="${CURRENT#v}"
IFS='.' read -r MAJOR MINOR PATCH <<< "${VERSION}" # Parse version: X.Y.Z or X.Y.Z-rc.N
if [[ "${VERSION}" =~ ^([0-9]+)\.([0-9]+)\.([0-9]+)(-rc\.([0-9]+))?$ ]]; then
MAJOR="${BASH_REMATCH[1]}"
MINOR="${BASH_REMATCH[2]}"
PATCH="${BASH_REMATCH[3]}"
RC_SUFFIX="${BASH_REMATCH[4]:-}"
RC_NUM="${BASH_REMATCH[5]:-0}"
else
echo "Error: version '${VERSION}' does not match expected format X.Y.Z or X.Y.Z-rc.N" >&2
exit 1
fi
echo "============================================" echo "============================================"
echo " BanGUI — Release" echo " BanGUI — Release"
echo " Current version: v${MAJOR}.${MINOR}.${PATCH}" if [[ -n "${RC_SUFFIX}" ]]; then
echo " Current version: v${MAJOR}.${MINOR}.${PATCH}-rc.${RC_NUM}"
else
echo " Current version: v${MAJOR}.${MINOR}.${PATCH}"
fi
echo "============================================" echo "============================================"
echo "" echo ""
echo "How would you like to bump the version?" echo "How would you like to bump the version?"
echo " 1) patch (v${MAJOR}.${MINOR}.${PATCH} → v${MAJOR}.${MINOR}.$((PATCH + 1)))" if [[ -n "${RC_SUFFIX}" ]]; then
echo " 2) minor (v${MAJOR}.${MINOR}.${PATCH} → v${MAJOR}.$((MINOR + 1)).0)" echo " 1) patch (v${MAJOR}.${MINOR}.${PATCH}-rc.${RC_NUM} → v${MAJOR}.${MINOR}.${PATCH})"
echo " 3) major (v${MAJOR}.${MINOR}.${PATCH} → v$((MAJOR + 1)).0.0)" echo " 2) minor (v${MAJOR}.${MINOR}.${PATCH}-rc.${RC_NUM} → v${MAJOR}.$((MINOR + 1)).0)"
echo " 3) major (v${MAJOR}.${MINOR}.${PATCH}-rc.${RC_NUM} → v$((MAJOR + 1)).0.0)"
echo " 4) rc (v${MAJOR}.${MINOR}.${PATCH}-rc.${RC_NUM} → v${MAJOR}.${MINOR}.${PATCH}-rc.$((RC_NUM + 1)))"
else
echo " 1) patch (v${MAJOR}.${MINOR}.${PATCH} → v${MAJOR}.${MINOR}.$((PATCH + 1)))"
echo " 2) minor (v${MAJOR}.${MINOR}.${PATCH} → v${MAJOR}.$((MINOR + 1)).0)"
echo " 3) major (v${MAJOR}.${MINOR}.${PATCH} → v$((MAJOR + 1)).0.0)"
echo " 4) rc (v${MAJOR}.${MINOR}.${PATCH} → v${MAJOR}.${MINOR}.${PATCH}-rc.1)"
fi
echo "" echo ""
read -rp "Enter choice [1/2/3]: " CHOICE read -rp "Enter choice [1/2/3/4]: " CHOICE
case "${CHOICE}" in case "${CHOICE}" in
1) NEW_TAG="v${MAJOR}.${MINOR}.$((PATCH + 1))" ;; 1)
if [[ -n "${RC_SUFFIX}" ]]; then
# Release the RC: strip RC suffix
NEW_TAG="v${MAJOR}.${MINOR}.${PATCH}"
else
NEW_TAG="v${MAJOR}.${MINOR}.$((PATCH + 1))"
fi
;;
2) NEW_TAG="v${MAJOR}.$((MINOR + 1)).0" ;; 2) NEW_TAG="v${MAJOR}.$((MINOR + 1)).0" ;;
3) NEW_TAG="v$((MAJOR + 1)).0.0" ;; 3) NEW_TAG="v$((MAJOR + 1)).0.0" ;;
4)
if [[ "${RC_NUM}" -gt 0 ]]; then
NEW_TAG="v${MAJOR}.${MINOR}.${PATCH}-rc.$((RC_NUM + 1))"
else
NEW_TAG="v${MAJOR}.${MINOR}.${PATCH}-rc.1"
fi
;;
*) *)
echo "Invalid choice. Aborting." >&2 echo "Invalid choice. Aborting." >&2
exit 1 exit 1
@@ -81,7 +117,13 @@ fi
# Push containers # Push containers
# --------------------------------------------------------------------------- # ---------------------------------------------------------------------------
bash "${SCRIPT_DIR}/push.sh" "${NEW_TAG}" bash "${SCRIPT_DIR}/push.sh" "${NEW_TAG}"
bash "${SCRIPT_DIR}/push.sh"
# Push to "latest" or "latestRC" depending on whether this is a release candidate
if [[ "${NEW_TAG}" == *-rc* ]]; then
bash "${SCRIPT_DIR}/push.sh" "latestRC"
else
bash "${SCRIPT_DIR}/push.sh" "latest"
fi
# --------------------------------------------------------------------------- # ---------------------------------------------------------------------------

2
backend/pyproject.toml
View File

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
[project] [project]
name = "bangui-backend" name = "bangui-backend"
version = "0.9.19" version = "0.9.19-rc.1"
description = "BanGUI backend — fail2ban web management interface" description = "BanGUI backend — fail2ban web management interface"
requires-python = ">=3.12" requires-python = ">=3.12"
dependencies = [ dependencies = [

10343
frontend/openapi.json Normal file
View File

File diff suppressed because it is too large Load Diff

4
frontend/package.json
View File

@@ -1,12 +1,12 @@
{ {
"name": "bangui-frontend", "name": "bangui-frontend",
"private": true, "private": true,
"version": "0.9.19", "version": "0.9.19-rc.1",
"description": "BanGUI frontend — fail2ban web management interface", "description": "BanGUI frontend — fail2ban web management interface",
"type": "module", "type": "module",
"scripts": { "scripts": {
"dev": "vite", "dev": "vite",
"generate:types": "openapi-typescript http://localhost:8000/api/openapi.json -o src/types/generated.ts", "generate:types": "openapi-typescript ./openapi.json -o src/types/generated.ts",
"validate:types": "bash scripts/validate-types.sh", "validate:types": "bash scripts/validate-types.sh",
"build": "npm run generate:types && tsc --noEmit && vite build", "build": "npm run generate:types && tsc --noEmit && vite build",
"preview": "vite preview", "preview": "vite preview",

18
frontend/scripts/validate-types.sh
View File

@@ -17,17 +17,23 @@ GENERATED_FILE="${TYPES_DIR}/generated.ts"
TEMP_FILE=$(mktemp) TEMP_FILE=$(mktemp)
trap "rm -f $TEMP_FILE" EXIT trap "rm -f $TEMP_FILE" EXIT
# Check if backend is accessible # Determine OpenAPI source: local file or backend URL
BACKEND_URL="${BANGUI_BACKEND_URL:-http://localhost:8000}" BACKEND_URL="${BANGUI_BACKEND_URL:-http://localhost:8000}"
if ! curl -sf "${BACKEND_URL}/api/openapi.json" > /dev/null 2>&1; then OPENAPI_SOURCE=""
echo "❌ Backend not accessible at ${BACKEND_URL}/api/openapi.json" >&2
if [[ -f "${FRONTEND_DIR}/openapi.json" ]]; then
OPENAPI_SOURCE="${FRONTEND_DIR}/openapi.json"
echo "📋 Validating OpenAPI schema types (local openapi.json)..."
elif curl -sf "${BACKEND_URL}/api/openapi.json" > /dev/null 2>&1; then
OPENAPI_SOURCE="${BACKEND_URL}/api/openapi.json"
echo "📋 Validating OpenAPI schema types (backend ${BACKEND_URL})..."
else
echo "❌ Backend not accessible at ${BACKEND_URL}/api/openapi.json and no local openapi.json found" >&2
exit 2 exit 2
fi fi
echo "📋 Validating OpenAPI schema types..."
# Generate types to a temporary file # Generate types to a temporary file
if ! npx openapi-typescript "${BACKEND_URL}/api/openapi.json" -o "$TEMP_FILE" 2>&1; then if ! npx openapi-typescript "${OPENAPI_SOURCE}" -o "$TEMP_FILE" 2>&1; then
echo "❌ Failed to generate types from OpenAPI schema" >&2 echo "❌ Failed to generate types from OpenAPI schema" >&2
exit 3 exit 3
fi fi

1
frontend/src/components/__tests__/ErrorBoundary.test.tsx
View File

@@ -1,7 +1,6 @@
import { describe, it, expect, vi } from "vitest"; import { describe, it, expect, vi } from "vitest";
import { render, screen } from "@testing-library/react"; import { render, screen } from "@testing-library/react";
import { ErrorBoundary } from "../ErrorBoundary"; import { ErrorBoundary } from "../ErrorBoundary";
import * as telemetry from "../../utils/telemetry";
// Mock telemetry to verify it's called // Mock telemetry to verify it's called
vi.mock("../../utils/telemetry"); vi.mock("../../utils/telemetry");

5
frontend/src/hooks/__tests__/useFetchData.test.ts
View File

@@ -468,13 +468,10 @@ describe("useFetchData", () => {
}); });
it("last subscriber abort cancels underlying request", async () => { it("last subscriber abort cancels underlying request", async () => {
let resolveFirst: ((value: { value: string }) => void) | null = null;
const abortSignals: AbortSignal[] = []; const abortSignals: AbortSignal[] = [];
const fetcher = vi.fn().mockImplementation((signal: AbortSignal) => { const fetcher = vi.fn().mockImplementation((signal: AbortSignal) => {
abortSignals.push(signal); abortSignals.push(signal);
return new Promise((resolve) => { return new Promise(() => {});
resolveFirst = resolve;
});
}); });
const selector = vi.fn((response: { value: string }) => response.value); const selector = vi.fn((response: { value: string }) => response.value);

2
frontend/src/hooks/__tests__/useJailBannedIps.test.ts
View File

@@ -10,7 +10,7 @@ describe("useJailBannedIps", () => {
const fetchMock = vi.mocked(api.fetchJailBannedIps); const fetchMock = vi.mocked(api.fetchJailBannedIps);
const unbanMock = vi.mocked(api.unbanIp); const unbanMock = vi.mocked(api.unbanIp);
fetchMock.mockResolvedValue({ items: [{ ip: "1.2.3.4", jail: "sshd", banned_at: "2025-01-01T10:00:00+00:00", expires_at: "2025-01-01T10:10:00+00:00", ban_count: 1, country: "US" }], total: 1, page: 1, page_size: 25 }); fetchMock.mockResolvedValue({ items: [{ ip: "1.2.3.4", jail: "sshd", banned_at: "2025-01-01T10:00:00+00:00", expires_at: "2025-01-01T10:10:00+00:00", ban_count: 1, country: "US" }], total: 1, page: 1, page_size: 25, total_pages: 1, pagination_mode: "offset" });
unbanMock.mockResolvedValue({ message: "ok", jail: "sshd", success: true }); unbanMock.mockResolvedValue({ message: "ok", jail: "sshd", success: true });
const { result } = renderHook(() => useJailBannedIps("sshd")); const { result } = renderHook(() => useJailBannedIps("sshd"));

5
frontend/src/hooks/__tests__/usePolledData.test.ts
View File

@@ -34,8 +34,6 @@ describe("usePolledData", () => {
vi.runAllTimersAsync(); vi.runAllTimersAsync();
}); });
const callCountAfterInitial = fetcher.mock.calls.length;
// Reset timer and advance to ensure no more polls // Reset timer and advance to ensure no more polls
vi.clearAllTimers(); vi.clearAllTimers();
fetcher.mockClear(); fetcher.mockClear();
@@ -66,8 +64,6 @@ describe("usePolledData", () => {
vi.advanceTimersByTime(100); vi.advanceTimersByTime(100);
}); });
const initialCalls = fetcher.mock.calls.length;
// Clear for clean test // Clear for clean test
fetcher.mockClear(); fetcher.mockClear();
@@ -135,7 +131,6 @@ describe("usePolledData", () => {
vi.advanceTimersByTime(100); vi.advanceTimersByTime(100);
}); });
const initialCalls = fetcher.mock.calls.length;
fetcher.mockClear(); fetcher.mockClear();
// Call refresh // Call refresh

14
frontend/src/types/generated.ts
View File

@@ -177,11 +177,6 @@ export interface paths {
* On success the token is also set as an ``HttpOnly`` ``SameSite=Lax`` * On success the token is also set as an ``HttpOnly`` ``SameSite=Lax``
* cookie so the browser SPA benefits from automatic credential handling. * cookie so the browser SPA benefits from automatic credential handling.
* *
* Rate limiting: Exponential backoff on failed attempts. Each wrong password
* incurs an increasing delay (0.5s, 1s, 2s, 4s, 5s max per IP address).
* Requests during the penalty period return ``429 Too Many Requests`` with
* a ``Retry-After`` header.
*
* Cache invalidation: On successful login, any existing cached sessions for * Cache invalidation: On successful login, any existing cached sessions for
* the same user are invalidated so that stale tokens (e.g., from a stolen * the same user are invalidated so that stale tokens (e.g., from a stolen
* device) cannot be reused beyond the cache TTL window. * device) cannot be reused beyond the cache TTL window.
@@ -192,7 +187,6 @@ export interface paths {
* request: The incoming HTTP request (used to extract client IP). * request: The incoming HTTP request (used to extract client IP).
* session_ctx: Session service context containing db and repository. * session_ctx: Session service context containing db and repository.
* settings: Application settings (used for session duration and trusted proxies). * settings: Application settings (used for session duration and trusted proxies).
* rate_limiter: The login rate limiter (per IP).
* session_cache: Session cache for invalidating old sessions on login. * session_cache: Session cache for invalidating old sessions on login.
* *
* Returns: * Returns:
@@ -200,7 +194,6 @@ export interface paths {
* *
* Raises: * Raises:
* AuthenticationError: if the password is incorrect. * AuthenticationError: if the password is incorrect.
* RateLimitError: if the rate limit is exceeded.
*/ */
post: operations["login_api_v1_auth_login_post"]; post: operations["login_api_v1_auth_login_post"];
delete?: never; delete?: never;
@@ -6274,13 +6267,6 @@ export interface operations {
}; };
content?: never; content?: never;
}; };
/** @description Too many login attempts, retry after delay */
429: {
headers: {
[name: string]: unknown;
};
content?: never;
};
/** @description Setup not complete */ /** @description Setup not complete */
503: { 503: {
headers: { headers: {