feat(web): self-onboarding multi-tenant + auth sesiune (PRD 3.3a)
Canalul web trece de la 100% deschis (hardcodat cont 1) la autentificat si multi-tenant. Un service nou se inregistreaza din browser, primeste o cheie API (o singura data) si o sesiune; contul se creeaza "in asteptare" (active=0) si nu trimite la RAR pana la activarea de catre admin (tools/account.py activate). - users + app/users.py: parole scrypt (salt per-user, eticheta parametri onorata la verify pentru migrare cost), email unic case-insensitive - sesiune: SessionMiddleware (same_site=strict, https_only config) + app/web/session.py (current_account/web_account/require_login->LoginRequired, set_session clear-inainte) - CSRF (app/web/csrf.py) enforce in prod inclusiv pe login/signup + rate-limit in-proces (app/web/ratelimit.py) pe signup si login - signup/login/logout (app/web/auth_routes.py): signup tranzactie atomica, cheie-o-data, log SIGNUP pentru descoperire admin - dashboard + import scoped pe contul sesiunii (regula NULL->cont 1); toate rutele web care ating date sensibile sub require_login; nomenclator ramane global - banner "cont in asteptare" pentru conturi active=0 - gate worker: claim_one LEFT JOIN accounts COALESCE(active,1)=1 (account_id NULL=activ) VERIFY context curat (2 runde): leak cross-account /_fragments/mapari prins+reparat. /code-review high: csrf_token lipsa pe re-randari de eroare, scrypt_params ignorat, login fara rate-limit -- toate reparate. 361 teste pass (de la 313). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
75
app/web/session.py
Normal file
75
app/web/session.py
Normal file
@@ -0,0 +1,75 @@
|
||||
"""Helper-e sesiune web. US-002 PRD 3.3.
|
||||
|
||||
Mecanism require_login (C11): NU un dependency FastAPI care intoarce RedirectResponse
|
||||
(acela nu scurtcircuiteaza handler-ul — FastAPI continua executia). In schimb:
|
||||
- require_login() RIDICA LoginRequired
|
||||
- app.main inregistreaza @app.exception_handler(LoginRequired) care intoarce
|
||||
RedirectResponse('/login', 303)
|
||||
Astfel handler-ul e intrerupt imediat la raise, independent de logica FastAPI.
|
||||
"""
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
from starlette.requests import Request
|
||||
|
||||
from ..config import get_settings
|
||||
from ..mapping import DEFAULT_ACCOUNT_ID
|
||||
|
||||
|
||||
class LoginRequired(Exception):
|
||||
"""Ridica pentru a redirectiona la /login (prinsa de exception_handler in main.py)."""
|
||||
|
||||
|
||||
def current_account(request: Request) -> int | None:
|
||||
"""account_id din sesiune sau None daca nu e logat."""
|
||||
val = request.session.get("account_id")
|
||||
return int(val) if val is not None else None
|
||||
|
||||
|
||||
def current_user_id(request: Request) -> int | None:
|
||||
"""user_id din sesiune sau None (C19: leaga import_attestations.confirmed_by)."""
|
||||
val = request.session.get("user_id")
|
||||
return int(val) if val is not None else None
|
||||
|
||||
|
||||
def web_account(request: Request) -> int | None:
|
||||
"""account_id pentru rutele web de CITIRE.
|
||||
|
||||
- sesiune activa -> contul sesiunii
|
||||
- fara sesiune + web_auth_required=False (dev) -> DEFAULT_ACCOUNT_ID (cont 1, back-compat)
|
||||
- fara sesiune + web_auth_required=True (prod) -> None
|
||||
|
||||
Rutele de SCRIERE trebuie sa foloseasca require_login() direct, nu web_account(),
|
||||
ca sa nu cada niciodata tacit pe contul 1 in prod.
|
||||
"""
|
||||
aid = current_account(request)
|
||||
if aid is not None:
|
||||
return aid
|
||||
settings = get_settings()
|
||||
if not settings.web_auth_required:
|
||||
return DEFAULT_ACCOUNT_ID
|
||||
return None
|
||||
|
||||
|
||||
def require_login(request: Request) -> int:
|
||||
"""Verifica sesiunea activa; ridica LoginRequired daca nu.
|
||||
|
||||
Intoarce account_id la succes. Aruncatorul (exception_handler din main.py)
|
||||
intercepteaza LoginRequired si intoarce RedirectResponse('/login', 303).
|
||||
"""
|
||||
aid = web_account(request)
|
||||
if aid is None:
|
||||
raise LoginRequired()
|
||||
return aid
|
||||
|
||||
|
||||
def set_session(request: Request, account_id: int, user_id: int) -> None:
|
||||
"""Seteaza sesiunea dupa login. Curata mai intai (C3 anti-fixare sesiune)."""
|
||||
request.session.clear()
|
||||
request.session["account_id"] = account_id
|
||||
request.session["user_id"] = user_id
|
||||
|
||||
|
||||
def clear_session(request: Request) -> None:
|
||||
"""Sterge sesiunea (logout)."""
|
||||
request.session.clear()
|
||||
Reference in New Issue
Block a user