knacky/mimic-big
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
feature/backend-user-mgmt
mimic-big/backend/pyproject.toml
knacky 38b35c933a feat(backend): wire auth endpoints + dev CORS (sprint 1) 
Three login endpoints under /api/v1/auth/ + dev-only CORS so the Vite
frontend can drive the session cookie.

- POST /login validates local credentials and sets a Flask session cookie.
  Returns the CurrentUser shape on 200 (user_id, username=email,
  display_name, role, permissions, groups). Uniform 401 invalid_credentials
  on bad password or unknown user; a bcrypt round against a dummy hash runs
  even on unknown users so the request timing does not enumerate accounts.
  Audits an auth.login row and bumps user.last_login_at.
- POST /logout (login_required) clears the session, returns 204, audits an
  auth.logout row.
- GET /me returns the current principal or 401 not_authenticated. Used by
  the frontend at boot to rehydrate state.

Side wiring:
- LoginManager.unauthorized_handler emits the same {error, message} JSON
  envelope so @login_required 401s match the rest of the API surface.
- api/_helpers gains `serialize_current_user(AuthUser) -> CurrentUser` and
  `api_error(code, message, status)` — used by the auth blueprint and
  available to follow-up endpoints.
- AuthUser carries display_name + user_type now; identity.load_user routes
  through a new `authuser_from_orm()` helper that the login endpoint also
  uses so /login and the user_loader produce identical shapes.
- Dev-only CORS via flask-cors on /api/*, gated on
  MIMIC_ENV=development AND MIMIC_CORS_ORIGINS non-empty. Prod keeps
  same-origin (reverse proxy fronts the SPA + API).
- LoginRequest + CurrentUser DTOs added to mimic.schemas.

No frontend-visible change to engagements (sprint-0 already shipped
created_by_id, audit log, F11 scope).
2026-05-23 04:21:44 +02:00

153 lines
3.5 KiB
TOML
Raw Permalink Blame History

[build-system]
requires = ["hatchling>=1.24"]
build-backend = "hatchling.build"
[project]
name = "mimic"
version = "0.1.0a0"
description = "Mimic — internal BAS platform (sprint 0 skeleton)"
readme = "README.md"
requires-python = ">=3.12"
license = { text = "Proprietary" }
authors = [{ name = "RT" }]
dependencies = [
"flask>=3.0,<4.0",
"flask-cors>=4.0,<6.0",
"flask-socketio>=5.3,<6.0",
"flask-login>=0.6.3,<1.0",
"flask-migrate>=4.0,<5.0",
"sqlalchemy>=2.0,<3.0",
"alembic>=1.13,<2.0",
"psycopg[binary]>=3.1,<4.0",
"pydantic>=2.6,<3.0",
"pydantic-settings>=2.2,<3.0",
"python-json-logger>=2.0,<3.0",
"structlog>=24.1,<25.0",
"bcrypt>=4.1,<5.0",
"cryptography>=42.0,<43.0",
"jinja2>=3.1,<4.0",
"google-re2>=1.1,<2.0",
"click>=8.1,<9.0",
"gevent>=24.2,<25.0",
"gevent-websocket>=0.10,<1.0",
"gunicorn>=22.0,<24.0",
"httpx>=0.27,<1.0",
"weasyprint>=61.0,<62.0",
"authlib>=1.3,<2.0",
"pyyaml>=6.0,<7.0",
]
[project.optional-dependencies]
dev = [
"pytest>=8.0,<9.0",
"pytest-cov>=5.0,<6.0",
"pytest-flask>=1.3,<2.0",
"pytest-mock>=3.12,<4.0",
"testcontainers[postgres]>=4.4,<5.0",
"ruff>=0.4,<1.0",
"mypy>=1.10,<2.0",
"types-pyyaml>=6.0,<7.0",
"freezegun>=1.5,<2.0",
]
[project.scripts]
mimic-cli = "mimic.cli:cli"
[tool.hatch.build.targets.wheel]
packages = ["src/mimic"]
[tool.hatch.build.targets.sdist]
include = ["src/mimic", "README.md", "pyproject.toml"]
# -- Ruff -------------------------------------------------------------------
[tool.ruff]
line-length = 100
target-version = "py312"
src = ["src", "tests"]
[tool.ruff.lint]
select = [
"E", "F", "W", # pycodestyle / pyflakes
"I", # isort
"B", # bugbear
"UP", # pyupgrade
"N", # pep8-naming
"S", # flake8-bandit (security)
"C4", # comprehensions
"DTZ", # datetime tz
"PIE",
"PT", # pytest
"RET",
"SIM",
"TID",
"PL",
"RUF",
]
ignore = [
"PLR0913", # too many args (Flask handlers + DI)
"S101", # assert in tests
]
[tool.ruff.lint.per-file-ignores]
"tests/**" = ["S101", "S105", "S106", "PLR2004"]
"src/mimic/db/migrations/**" = ["E501", "N999"]
[tool.ruff.lint.isort]
known-first-party = ["mimic"]
# -- Mypy -------------------------------------------------------------------
[tool.mypy]
python_version = "3.12"
strict = true
warn_unreachable = true
warn_unused_ignores = true
show_error_codes = true
plugins = ["pydantic.mypy"]
exclude = ["src/mimic/db/migrations/versions/"]
[[tool.mypy.overrides]]
module = [
"weasyprint.*",
"google.re2.*",
"re2",
"flask_socketio.*",
"flask_migrate.*",
"flask_login.*",
"flask_cors.*",
"pythonjsonlogger.*",
"gevent.*",
"testcontainers.*",
"authlib.*",
]
ignore_missing_imports = true
# -- Pytest -----------------------------------------------------------------
[tool.pytest.ini_options]
testpaths = ["tests"]
addopts = "-ra --strict-markers --strict-config"
markers = [
"integration: requires testcontainers Postgres",
"slow: long-running tests",
]
filterwarnings = ["error"]
[tool.coverage.run]
branch = true
source = ["src/mimic"]
omit = ["src/mimic/db/migrations/*"]
[tool.coverage.report]
fail_under = 70
show_missing = true
skip_covered = false
exclude_lines = [
"pragma: no cover",
"raise NotImplementedError",
"if TYPE_CHECKING:",
"\\.\\.\\.",
]
Reference in New Issue View Git Blame Copy Permalink