feat(web): self-onboarding multi-tenant + auth sesiune (PRD 3.3a)
Canalul web trece de la 100% deschis (hardcodat cont 1) la autentificat si multi-tenant. Un service nou se inregistreaza din browser, primeste o cheie API (o singura data) si o sesiune; contul se creeaza "in asteptare" (active=0) si nu trimite la RAR pana la activarea de catre admin (tools/account.py activate). - users + app/users.py: parole scrypt (salt per-user, eticheta parametri onorata la verify pentru migrare cost), email unic case-insensitive - sesiune: SessionMiddleware (same_site=strict, https_only config) + app/web/session.py (current_account/web_account/require_login->LoginRequired, set_session clear-inainte) - CSRF (app/web/csrf.py) enforce in prod inclusiv pe login/signup + rate-limit in-proces (app/web/ratelimit.py) pe signup si login - signup/login/logout (app/web/auth_routes.py): signup tranzactie atomica, cheie-o-data, log SIGNUP pentru descoperire admin - dashboard + import scoped pe contul sesiunii (regula NULL->cont 1); toate rutele web care ating date sensibile sub require_login; nomenclator ramane global - banner "cont in asteptare" pentru conturi active=0 - gate worker: claim_one LEFT JOIN accounts COALESCE(active,1)=1 (account_id NULL=activ) VERIFY context curat (2 runde): leak cross-account /_fragments/mapari prins+reparat. /code-review high: csrf_token lipsa pe re-randari de eroare, scrypt_params ignorat, login fara rate-limit -- toate reparate. 361 teste pass (de la 313). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
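--- /dev/null
+++ b/app/web/auth_routes.py
@@ -0,0 +1,155 @@
+"""Rute autentificare web: /signup (US-003), /login + /logout (US-004). PRD 3.3."""
+
+from __future__ import annotations
+
+from pathlib import Path
+
+from fastapi import APIRouter, Form, Request
+from fastapi.responses import HTMLResponse, RedirectResponse
+from fastapi.templating import Jinja2Templates
+
+from .. import __version__
+from ..accounts import create_account
+from ..auth import create_api_key
+from ..config import get_settings
+from ..db import get_connection
+from ..users import create_user, verify_password
+from ..web.csrf import get_csrf_token, verify_csrf
+from ..web.ratelimit import check_rate_limit
+from ..web.session import clear_session, set_session
+
+router = APIRouter()
+_TMPL = Jinja2Templates(directory=str(Path(__file__).resolve().parent / "templates"))
+
+_RATE_MSG = "Prea multe cereri. Incearca mai tarziu."
+_PASSWORD_MIN = 10
+
+
+def _ctx(request: Request, **extra) -> dict:
+    settings = get_settings()
+    return {"rar_env": settings.rar_env, "version": __version__, **extra}
+
+
+# --- Signup ---
+
+@router.get("/signup", response_class=HTMLResponse)
+async def signup_get(request: Request):
+    return _TMPL.TemplateResponse(request, "signup.html", _ctx(
+        request, csrf_token=get_csrf_token(request)
+    ))
+
+
+@router.post("/signup", response_class=HTMLResponse)
+async def signup_post(
+    request: Request,
+    name: str = Form(default=""),
+    cui: str = Form(default=""),
+    email: str = Form(default=""),
+    parola: str = Form(default=""),
+    csrf_token: str = Form(default=""),
+):
+    verify_csrf(request, csrf_token)
+
+    settings = get_settings()
+    ip = request.client.host if request.client else "unknown"
+    if not check_rate_limit(ip, settings.signup_rate_max, settings.signup_rate_window_s):
+        return _TMPL.TemplateResponse(request, "signup.html", _ctx(
+            request,
+            csrf_token=get_csrf_token(request),
+            error=_RATE_MSG,
+            name=name, cui=cui, email=email,
+        ), status_code=429)
+
+    if len(parola) < _PASSWORD_MIN:
+        return _TMPL.TemplateResponse(request, "signup.html", _ctx(
+            request,
+            csrf_token=get_csrf_token(request),
+            error=f"Parola trebuie sa aiba cel putin {_PASSWORD_MIN} caractere.",
+            name=name, cui=cui, email=email,
+        ), status_code=422)
+
+    conn = get_connection()
+    try:
+        conn.execute("BEGIN IMMEDIATE")
+        try:
+            account_id = create_account(conn, name, cui.strip() or None, active=False)
+            user_id = create_user(conn, account_id, email, parola)
+            api_key = create_api_key(conn, account_id)
+            conn.execute("COMMIT")
+        except Exception as exc:
+            conn.execute("ROLLBACK")
+            return _TMPL.TemplateResponse(request, "signup.html", _ctx(
+                request,
+                csrf_token=get_csrf_token(request),
+                error=str(exc),
+                name=name, cui=cui, email=email,
+            ), status_code=422)
+    finally:
+        conn.close()
+
+    set_session(request, account_id, user_id)
+    print(f"SIGNUP cont={account_id} email={email}", flush=True)
+
+    return _TMPL.TemplateResponse(request, "signup.html", _ctx(
+        request,
+        csrf_token=get_csrf_token(request),
+        api_key=api_key,
+        account_id=account_id,
+    ))
+
+
+# --- Login / Logout ---
+
+@router.get("/login", response_class=HTMLResponse)
+async def login_get(request: Request):
+    return _TMPL.TemplateResponse(request, "login.html", _ctx(
+        request, csrf_token=get_csrf_token(request)
+    ))
+
+
+@router.post("/login", response_class=HTMLResponse)
+async def login_post(
+    request: Request,
+    email: str = Form(default=""),
+    parola: str = Form(default=""),
+    csrf_token: str = Form(default=""),
+):
+    verify_csrf(request, csrf_token)
+
+    settings = get_settings()
+    ip = request.client.host if request.client else "unknown"
+    if not check_rate_limit("login:" + ip, settings.login_rate_max, settings.signup_rate_window_s):
+        return _TMPL.TemplateResponse(request, "login.html", _ctx(
+            request,
+            csrf_token=get_csrf_token(request),
+            error=_RATE_MSG,
+        ), status_code=429)
+
+    conn = get_connection()
+    try:
+        account_id = verify_password(conn, email, parola)
+        if account_id is None:
+            return _TMPL.TemplateResponse(request, "login.html", _ctx(
+                request,
+                csrf_token=get_csrf_token(request),
+                error="Email sau parola incorecte.",
+            ), status_code=401)
+        row = conn.execute(
+            "SELECT id FROM users WHERE email=? COLLATE NOCASE", (email.strip(),)
+        ).fetchone()
+        user_id = int(row["id"]) if row else 0
+    finally:
+        conn.close()
+
+    set_session(request, account_id, user_id)
+    return RedirectResponse("/", status_code=303)
+
+
+@router.post("/logout", response_class=HTMLResponse)
+async def logout_post(
+    request: Request,
+    csrf_token: str = Form(default=""),
+):
+    verify_csrf(request, csrf_token)
+    clear_session(request)
+    return RedirectResponse("/login", status_code=303)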
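Review bot: `error=str(exc)` in the rollback branch of `signup_post` echoes the raw exception text into the rendered page, so a database error (for instance a uniqueness violation naming the email column, given the unique-email rule in the commit message) discloses schema details and likely lets a caller confirm whether an address is already registered; keep the detail server-side and render a fixed message, e.g. `print(f"SIGNUP FAILED email={email} err={exc!r}", flush=True)` followed by `error="Contul nu a putut fi creat. Verifica datele introduse."`. In `login_post` the limiter is called with `settings.login_rate_max` but the signup window `settings.signup_rate_window_s`; if a login-specific window setting exists it should be used, and because the key is `"login:" + ip` only, an additional per-address counter such as `"login:" + email.strip().lower()` would also throttle distributed guessing against one account. The re-query after `verify_password` that falls back to `user_id = 0` when no row matches presumably cannot fire once verification succeeded, but silently storing 0 in the session is fragile; having `verify_password` return the user id together with the account id would remove the second lookup and the fallback.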