Lukas
750785680b
Backend (tasks 2.1–2.6, 2.10):
- settings_repo: get/set/delete/get_all CRUD for the key-value settings table
- session_repo: create/get/delete/delete_expired for session rows
- setup_service: bcrypt password hashing, one-time-only enforcement,
run_setup() / is_setup_complete() / get_password_hash()
- auth_service: login() with bcrypt verify + token creation,
validate_session() with expiry check, logout()
- setup router: GET /api/setup (status), POST /api/setup (201 / 409)
- auth router: POST /api/auth/login (token + HttpOnly cookie),
POST /api/auth/logout (clears cookie, idempotent)
- SetupRedirectMiddleware: 307 → /api/setup for all API paths until setup done
- require_auth dependency: cookie or Bearer token → Session or 401
- conftest.py: manually bootstraps app.state.db for router tests
(ASGITransport does not trigger ASGI lifespan)
- 85 tests pass; ruff 0 errors; mypy --strict 0 errors
Frontend (tasks 2.7–2.9):
- types/auth.ts, types/setup.ts, api/auth.ts, api/setup.ts
- AuthProvider: sessionStorage-backed context (isAuthenticated, login, logout)
- RequireAuth: guard component → /login?next=<path> when unauthenticated
- SetupPage: Fluent UI form, client-side validation, inline errors
- LoginPage: single password input, ?next= redirect after success
- DashboardPage: placeholder (full impl Stage 5)
- App.tsx: full route tree (/setup, /login, /, *)
72 lines
2.1 KiB
Python
72 lines
2.1 KiB
Python
"""Setup router.
|
|
|
|
Exposes the ``POST /api/setup`` endpoint for the one-time first-run
|
|
configuration wizard. Once setup has been completed, subsequent calls
|
|
return ``409 Conflict``.
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
import structlog
|
|
from fastapi import APIRouter, HTTPException, status
|
|
|
|
from app.dependencies import DbDep
|
|
from app.models.setup import SetupRequest, SetupResponse, SetupStatusResponse
|
|
from app.services import setup_service
|
|
|
|
log: structlog.stdlib.BoundLogger = structlog.get_logger()
|
|
|
|
router = APIRouter(prefix="/api/setup", tags=["setup"])
|
|
|
|
|
|
@router.get(
|
|
"",
|
|
response_model=SetupStatusResponse,
|
|
summary="Check whether setup has been completed",
|
|
)
|
|
async def get_setup_status(db: DbDep) -> SetupStatusResponse:
|
|
"""Return whether the initial setup wizard has been completed.
|
|
|
|
Returns:
|
|
:class:`~app.models.setup.SetupStatusResponse` with ``completed``
|
|
set to ``True`` if setup is done, ``False`` otherwise.
|
|
"""
|
|
done = await setup_service.is_setup_complete(db)
|
|
return SetupStatusResponse(completed=done)
|
|
|
|
|
|
@router.post(
|
|
"",
|
|
response_model=SetupResponse,
|
|
status_code=status.HTTP_201_CREATED,
|
|
summary="Run the initial setup wizard",
|
|
)
|
|
async def post_setup(body: SetupRequest, db: DbDep) -> SetupResponse:
|
|
"""Persist the initial BanGUI configuration.
|
|
|
|
Args:
|
|
body: Setup request payload validated by Pydantic.
|
|
db: Injected aiosqlite connection.
|
|
|
|
Returns:
|
|
:class:`~app.models.setup.SetupResponse` on success.
|
|
|
|
Raises:
|
|
HTTPException: 409 if setup has already been completed.
|
|
"""
|
|
if await setup_service.is_setup_complete(db):
|
|
raise HTTPException(
|
|
status_code=status.HTTP_409_CONFLICT,
|
|
detail="Setup has already been completed.",
|
|
)
|
|
|
|
await setup_service.run_setup(
|
|
db,
|
|
master_password=body.master_password,
|
|
database_path=body.database_path,
|
|
fail2ban_socket=body.fail2ban_socket,
|
|
timezone=body.timezone,
|
|
session_duration_minutes=body.session_duration_minutes,
|
|
)
|
|
return SetupResponse()
|