504b490d3b
Canalul web trece de la 100% deschis (hardcodat cont 1) la autentificat si multi-tenant. Un service nou se inregistreaza din browser, primeste o cheie API (o singura data) si o sesiune; contul se creeaza "in asteptare" (active=0) si nu trimite la RAR pana la activarea de catre admin (tools/account.py activate). - users + app/users.py: parole scrypt (salt per-user, eticheta parametri onorata la verify pentru migrare cost), email unic case-insensitive - sesiune: SessionMiddleware (same_site=strict, https_only config) + app/web/session.py (current_account/web_account/require_login->LoginRequired, set_session clear-inainte) - CSRF (app/web/csrf.py) enforce in prod inclusiv pe login/signup + rate-limit in-proces (app/web/ratelimit.py) pe signup si login - signup/login/logout (app/web/auth_routes.py): signup tranzactie atomica, cheie-o-data, log SIGNUP pentru descoperire admin - dashboard + import scoped pe contul sesiunii (regula NULL->cont 1); toate rutele web care ating date sensibile sub require_login; nomenclator ramane global - banner "cont in asteptare" pentru conturi active=0 - gate worker: claim_one LEFT JOIN accounts COALESCE(active,1)=1 (account_id NULL=activ) VERIFY context curat (2 runde): leak cross-account /_fragments/mapari prins+reparat. /code-review high: csrf_token lipsa pe re-randari de eroare, scrypt_params ignorat, login fara rate-limit -- toate reparate. 361 teste pass (de la 313). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
156 lines
5.0 KiB
Python
156 lines
5.0 KiB
Python
"""Rute autentificare web: /signup (US-003), /login + /logout (US-004). PRD 3.3."""
|
|
|
|
from __future__ import annotations
|
|
|
|
from pathlib import Path
|
|
|
|
from fastapi import APIRouter, Form, Request
|
|
from fastapi.responses import HTMLResponse, RedirectResponse
|
|
from fastapi.templating import Jinja2Templates
|
|
|
|
from .. import __version__
|
|
from ..accounts import create_account
|
|
from ..auth import create_api_key
|
|
from ..config import get_settings
|
|
from ..db import get_connection
|
|
from ..users import create_user, verify_password
|
|
from ..web.csrf import get_csrf_token, verify_csrf
|
|
from ..web.ratelimit import check_rate_limit
|
|
from ..web.session import clear_session, set_session
|
|
|
|
router = APIRouter()
|
|
_TMPL = Jinja2Templates(directory=str(Path(__file__).resolve().parent / "templates"))
|
|
|
|
_RATE_MSG = "Prea multe cereri. Incearca mai tarziu."
|
|
_PASSWORD_MIN = 10
|
|
|
|
|
|
def _ctx(request: Request, **extra) -> dict:
|
|
settings = get_settings()
|
|
return {"rar_env": settings.rar_env, "version": __version__, **extra}
|
|
|
|
|
|
# --- Signup ---
|
|
|
|
@router.get("/signup", response_class=HTMLResponse)
|
|
async def signup_get(request: Request):
|
|
return _TMPL.TemplateResponse(request, "signup.html", _ctx(
|
|
request, csrf_token=get_csrf_token(request)
|
|
))
|
|
|
|
|
|
@router.post("/signup", response_class=HTMLResponse)
|
|
async def signup_post(
|
|
request: Request,
|
|
name: str = Form(default=""),
|
|
cui: str = Form(default=""),
|
|
email: str = Form(default=""),
|
|
parola: str = Form(default=""),
|
|
csrf_token: str = Form(default=""),
|
|
):
|
|
verify_csrf(request, csrf_token)
|
|
|
|
settings = get_settings()
|
|
ip = request.client.host if request.client else "unknown"
|
|
if not check_rate_limit(ip, settings.signup_rate_max, settings.signup_rate_window_s):
|
|
return _TMPL.TemplateResponse(request, "signup.html", _ctx(
|
|
request,
|
|
csrf_token=get_csrf_token(request),
|
|
error=_RATE_MSG,
|
|
name=name, cui=cui, email=email,
|
|
), status_code=429)
|
|
|
|
if len(parola) < _PASSWORD_MIN:
|
|
return _TMPL.TemplateResponse(request, "signup.html", _ctx(
|
|
request,
|
|
csrf_token=get_csrf_token(request),
|
|
error=f"Parola trebuie sa aiba cel putin {_PASSWORD_MIN} caractere.",
|
|
name=name, cui=cui, email=email,
|
|
), status_code=422)
|
|
|
|
conn = get_connection()
|
|
try:
|
|
conn.execute("BEGIN IMMEDIATE")
|
|
try:
|
|
account_id = create_account(conn, name, cui.strip() or None, active=False)
|
|
user_id = create_user(conn, account_id, email, parola)
|
|
api_key = create_api_key(conn, account_id)
|
|
conn.execute("COMMIT")
|
|
except Exception as exc:
|
|
conn.execute("ROLLBACK")
|
|
return _TMPL.TemplateResponse(request, "signup.html", _ctx(
|
|
request,
|
|
csrf_token=get_csrf_token(request),
|
|
error=str(exc),
|
|
name=name, cui=cui, email=email,
|
|
), status_code=422)
|
|
finally:
|
|
conn.close()
|
|
|
|
set_session(request, account_id, user_id)
|
|
print(f"SIGNUP cont={account_id} email={email}", flush=True)
|
|
|
|
return _TMPL.TemplateResponse(request, "signup.html", _ctx(
|
|
request,
|
|
csrf_token=get_csrf_token(request),
|
|
api_key=api_key,
|
|
account_id=account_id,
|
|
))
|
|
|
|
|
|
# --- Login / Logout ---
|
|
|
|
@router.get("/login", response_class=HTMLResponse)
|
|
async def login_get(request: Request):
|
|
return _TMPL.TemplateResponse(request, "login.html", _ctx(
|
|
request, csrf_token=get_csrf_token(request)
|
|
))
|
|
|
|
|
|
@router.post("/login", response_class=HTMLResponse)
|
|
async def login_post(
|
|
request: Request,
|
|
email: str = Form(default=""),
|
|
parola: str = Form(default=""),
|
|
csrf_token: str = Form(default=""),
|
|
):
|
|
verify_csrf(request, csrf_token)
|
|
|
|
settings = get_settings()
|
|
ip = request.client.host if request.client else "unknown"
|
|
if not check_rate_limit("login:" + ip, settings.login_rate_max, settings.signup_rate_window_s):
|
|
return _TMPL.TemplateResponse(request, "login.html", _ctx(
|
|
request,
|
|
csrf_token=get_csrf_token(request),
|
|
error=_RATE_MSG,
|
|
), status_code=429)
|
|
|
|
conn = get_connection()
|
|
try:
|
|
account_id = verify_password(conn, email, parola)
|
|
if account_id is None:
|
|
return _TMPL.TemplateResponse(request, "login.html", _ctx(
|
|
request,
|
|
csrf_token=get_csrf_token(request),
|
|
error="Email sau parola incorecte.",
|
|
), status_code=401)
|
|
row = conn.execute(
|
|
"SELECT id FROM users WHERE email=? COLLATE NOCASE", (email.strip(),)
|
|
).fetchone()
|
|
user_id = int(row["id"]) if row else 0
|
|
finally:
|
|
conn.close()
|
|
|
|
set_session(request, account_id, user_id)
|
|
return RedirectResponse("/", status_code=303)
|
|
|
|
|
|
@router.post("/logout", response_class=HTMLResponse)
|
|
async def logout_post(
|
|
request: Request,
|
|
csrf_token: str = Form(default=""),
|
|
):
|
|
verify_csrf(request, csrf_token)
|
|
clear_session(request)
|
|
return RedirectResponse("/login", status_code=303)
|