feat(web): self-service cheie/creds + admin web + email signup (PRD 3.3b)
US-007: rute web proprii /cont/roteste-cheie + /cont/rar-creds scoped pe sesiune (C13), sectiune "Contul meu" cu cheie afisata o data. US-010: rol admin (users.is_admin) + require_admin->403 + CLI set-admin + bootstrap primul cont=admin (count_admins in BEGIN IMMEDIATE, anti-race). US-011: panou /admin (activare/dezactivare conturi, CSRF + PRG), link admin + logout pe dashboard. US-012: app/email.py notify_signup best-effort degradat fara SMTP + config smtp_*. Fix: migrare defensiva users.is_admin/email_verified in _migrate. VERIFY x2 context curat (PASS) + /code-review high. 393 teste pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -28,8 +28,9 @@ from .db import get_connection, init_db, queue_depth, read_heartbeat
|
||||
from .security import install_log_redaction
|
||||
from .web.routes import router as web_router
|
||||
from .web.auth_routes import router as auth_router
|
||||
from .web.admin_routes import router as admin_router
|
||||
from .web.csrf import CsrfError
|
||||
from .web.session import LoginRequired
|
||||
from .web.session import AdminRequired, LoginRequired
|
||||
|
||||
|
||||
@asynccontextmanager
|
||||
@@ -57,6 +58,11 @@ async def login_required_handler(request: Request, exc: LoginRequired) -> Redire
|
||||
return RedirectResponse("/login", status_code=303)
|
||||
|
||||
|
||||
@app.exception_handler(AdminRequired)
|
||||
async def admin_required_handler(request: Request, exc: AdminRequired) -> JSONResponse:
|
||||
return JSONResponse(status_code=403, content={"detail": "acces interzis (necesita admin)"})
|
||||
|
||||
|
||||
@app.exception_handler(CsrfError)
|
||||
async def csrf_error_handler(request: Request, exc: CsrfError) -> JSONResponse:
|
||||
return JSONResponse(status_code=403, content={"detail": "CSRF invalid"})
|
||||
@@ -86,6 +92,7 @@ app.include_router(api_v1_router)
|
||||
app.include_router(import_v1_router)
|
||||
app.include_router(web_router)
|
||||
app.include_router(auth_router)
|
||||
app.include_router(admin_router)
|
||||
|
||||
|
||||
@app.get("/healthz")
|
||||
|
||||
Reference in New Issue
Block a user