semantics: complete DEF-to-region migration, fix regressions
- Convert legacy [DEF🆔Type] anchors to #region/#endregion across 329 files
- Reinstate _normalize_timestamp_value in sql_generator.py
- Fix MarkerLogger→logger migration in events.py (molecular CoT markers)
- Fix dataset_review orchestrator dependencies (_build_execution_snapshot)
- Fix config_manager stale-record deletion (moved to save path only)
- Add 77 missing [/DEF:] closers in 5 unbalanced test files
- Update assistant_chat.integration.test.js for #region format
- Apply molecular-cot-logging markers (REASON/REFLECT/EXPLORE) via logger.* methods
This commit is contained in:
@@ -1,14 +1,13 @@
|
||||
# #region AuthApi [C:3] [TYPE Module] [SEMANTICS api, auth, routes, login, logout]
|
||||
#
|
||||
# @BRIEF Authentication API endpoints.
|
||||
# @LAYER API
|
||||
# @INVARIANT All auth endpoints must return consistent error codes.
|
||||
# @LAYER: API
|
||||
# @RELATION DEPENDS_ON -> [AuthService]
|
||||
# @RELATION DEPENDS_ON -> [get_auth_db]
|
||||
# @RELATION DEPENDS_ON -> [get_current_user]
|
||||
# @RELATION DEPENDS_ON -> [is_adfs_configured]
|
||||
#
|
||||
# @INVARIANT: All auth endpoints must return consistent error codes.
|
||||
|
||||
# [SECTION: IMPORTS]
|
||||
from fastapi import APIRouter, Depends, HTTPException, status
|
||||
from fastapi.security import OAuth2PasswordRequestForm
|
||||
from sqlalchemy.orm import Session
|
||||
@@ -20,25 +19,20 @@ from ..core.auth.oauth import oauth, is_adfs_configured
|
||||
from ..core.auth.logger import log_security_event
|
||||
from ..core.logger import belief_scope
|
||||
import starlette.requests
|
||||
# [/SECTION]
|
||||
|
||||
# #region router [C:1] [TYPE Variable]
|
||||
# @BRIEF APIRouter instance for authentication routes.
|
||||
# @RELATION DEPENDS_ON -> [fastapi.APIRouter]
|
||||
# @BRIEF APIRouter instance for authentication routes.
|
||||
router = APIRouter(prefix="/api/auth", tags=["auth"])
|
||||
# #endregion router
|
||||
|
||||
|
||||
# #region login_for_access_token [C:3] [TYPE Function]
|
||||
# @BRIEF Authenticates a user and returns a JWT access token.
|
||||
# @PRE form_data contains username and password.
|
||||
# @POST Returns a Token object on success.
|
||||
# @THROW: HTTPException 401 if authentication fails.
|
||||
# @PARAM: form_data (OAuth2PasswordRequestForm) - Login credentials.
|
||||
# @PARAM: db (Session) - Auth database session.
|
||||
# @RETURN: Token - The generated JWT token.
|
||||
# @RELATION: CALLS -> [AuthService.authenticate_user]
|
||||
# @RELATION: CALLS -> [AuthService.create_session]
|
||||
# @PRE: form_data contains username and password.
|
||||
# @POST: Returns a Token object on success.
|
||||
# @RELATION CALLS -> [AuthService.authenticate_user]
|
||||
# @RELATION CALLS -> [AuthService.create_session]
|
||||
@router.post("/login", response_model=Token)
|
||||
async def login_for_access_token(
|
||||
form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_auth_db)
|
||||
@@ -64,11 +58,9 @@ async def login_for_access_token(
|
||||
|
||||
# #region read_users_me [C:3] [TYPE Function]
|
||||
# @BRIEF Retrieves the profile of the currently authenticated user.
|
||||
# @PRE Valid JWT token provided.
|
||||
# @POST Returns the current user's data.
|
||||
# @PARAM: current_user (UserSchema) - The user extracted from the token.
|
||||
# @RETURN: UserSchema - The current user profile.
|
||||
# @RELATION: DEPENDS_ON -> [get_current_user]
|
||||
# @PRE: Valid JWT token provided.
|
||||
# @POST: Returns the current user's data.
|
||||
# @RELATION DEPENDS_ON -> [get_current_user]
|
||||
@router.get("/me", response_model=UserSchema)
|
||||
async def read_users_me(current_user: UserSchema = Depends(get_current_user)):
|
||||
with belief_scope("api.auth.me"):
|
||||
@@ -80,10 +72,9 @@ async def read_users_me(current_user: UserSchema = Depends(get_current_user)):
|
||||
|
||||
# #region logout [C:3] [TYPE Function]
|
||||
# @BRIEF Logs out the current user (placeholder for session revocation).
|
||||
# @PRE Valid JWT token provided.
|
||||
# @POST Returns success message.
|
||||
# @PARAM: current_user (UserSchema) - The user extracted from the token.
|
||||
# @RELATION: DEPENDS_ON -> [get_current_user]
|
||||
# @PRE: Valid JWT token provided.
|
||||
# @POST: Returns success message.
|
||||
# @RELATION DEPENDS_ON -> [get_current_user]
|
||||
@router.post("/logout")
|
||||
async def logout(current_user: UserSchema = Depends(get_current_user)):
|
||||
with belief_scope("api.auth.logout"):
|
||||
@@ -98,7 +89,7 @@ async def logout(current_user: UserSchema = Depends(get_current_user)):
|
||||
|
||||
# #region login_adfs [C:3] [TYPE Function]
|
||||
# @BRIEF Initiates the ADFS OIDC login flow.
|
||||
# @POST Redirects the user to ADFS.
|
||||
# @POST: Redirects the user to ADFS.
|
||||
# @RELATION USES -> [is_adfs_configured]
|
||||
@router.get("/login/adfs")
|
||||
async def login_adfs(request: starlette.requests.Request):
|
||||
@@ -117,7 +108,7 @@ async def login_adfs(request: starlette.requests.Request):
|
||||
|
||||
# #region auth_callback_adfs [C:3] [TYPE Function]
|
||||
# @BRIEF Handles the callback from ADFS after successful authentication.
|
||||
# @POST Provisions user JIT and returns session token.
|
||||
# @POST: Provisions user JIT and returns session token.
|
||||
# @RELATION DEPENDS_ON -> [is_adfs_configured]
|
||||
# @RELATION CALLS -> [AuthService.provision_adfs_user]
|
||||
# @RELATION CALLS -> [AuthService.create_session]
|
||||
|
||||
Reference in New Issue
Block a user