Migrate to PostgreSQL database, consolidate routes, improve home page
- Add PostgreSQL with asyncpg for persistent storage
- Create db.py module with async database operations
- Create migrate.py script to migrate JSON data to PostgreSQL
- Update docker-compose.yml with PostgreSQL service
- Home page now shows README with styled headings
- Remove /ui prefix routes, use content negotiation on main routes
- Add /activities/{idx} as canonical route (with /activity redirect)
- Update /assets/{name} to support HTML and JSON responses
- Convert auth.py to use async database operations
- RSA keys still stored as files in $ARTDAG_DATA/keys/
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
gilesb
90
auth.py
90
auth.py
@@ -4,7 +4,6 @@ Authentication for Art DAG L2 Server.
|
||||
User registration, login, and JWT tokens.
|
||||
"""
|
||||
|
||||
import json
|
||||
import os
|
||||
import secrets
|
||||
from datetime import datetime, timezone, timedelta
|
||||
@@ -15,6 +14,8 @@ import bcrypt
|
||||
from jose import JWTError, jwt
|
||||
from pydantic import BaseModel
|
||||
|
||||
import db
|
||||
|
||||
# JWT settings
|
||||
ALGORITHM = "HS256"
|
||||
ACCESS_TOKEN_EXPIRE_DAYS = 30
|
||||
@@ -68,25 +69,8 @@ class Token(BaseModel):
|
||||
expires_at: str
|
||||
|
||||
|
||||
def get_users_path(data_dir: Path) -> Path:
|
||||
"""Get users file path."""
|
||||
return data_dir / "users.json"
|
||||
|
||||
|
||||
def load_users(data_dir: Path) -> dict[str, dict]:
|
||||
"""Load users from disk."""
|
||||
path = get_users_path(data_dir)
|
||||
if path.exists():
|
||||
with open(path) as f:
|
||||
return json.load(f)
|
||||
return {}
|
||||
|
||||
|
||||
def save_users(data_dir: Path, users: dict[str, dict]):
|
||||
"""Save users to disk."""
|
||||
path = get_users_path(data_dir)
|
||||
with open(path, "w") as f:
|
||||
json.dump(users, f, indent=2)
|
||||
# Keep DATA_DIR for keys (RSA keys still stored as files)
|
||||
DATA_DIR = Path(os.environ.get("ARTDAG_DATA", str(Path.home() / ".artdag" / "l2")))
|
||||
|
||||
|
||||
def hash_password(password: str) -> str:
|
||||
@@ -102,43 +86,53 @@ def verify_password(plain_password: str, hashed_password: str) -> bool:
|
||||
return bcrypt.checkpw(pw_bytes, hashed_password.encode('utf-8'))
|
||||
|
||||
|
||||
def create_user(data_dir: Path, username: str, password: str, email: Optional[str] = None) -> User:
|
||||
async def create_user(data_dir: Path, username: str, password: str, email: Optional[str] = None) -> User:
|
||||
"""Create a new user with ActivityPub keys."""
|
||||
from keys import generate_keypair
|
||||
|
||||
users = load_users(data_dir)
|
||||
|
||||
if username in users:
|
||||
if await db.user_exists(username):
|
||||
raise ValueError(f"Username already exists: {username}")
|
||||
|
||||
user = User(
|
||||
username=username,
|
||||
password_hash=hash_password(password),
|
||||
created_at=datetime.now(timezone.utc).isoformat(),
|
||||
email=email
|
||||
)
|
||||
|
||||
users[username] = user.model_dump()
|
||||
save_users(data_dir, users)
|
||||
password_hash = hash_password(password)
|
||||
user_data = await db.create_user(username, password_hash, email)
|
||||
|
||||
# Generate ActivityPub keys for this user
|
||||
generate_keypair(data_dir, username)
|
||||
|
||||
return user
|
||||
# Convert datetime to ISO string if needed
|
||||
created_at = user_data.get("created_at")
|
||||
if hasattr(created_at, 'isoformat'):
|
||||
created_at = created_at.isoformat()
|
||||
|
||||
return User(
|
||||
username=username,
|
||||
password_hash=password_hash,
|
||||
created_at=created_at,
|
||||
email=email
|
||||
)
|
||||
|
||||
|
||||
def authenticate_user(data_dir: Path, username: str, password: str) -> Optional[User]:
|
||||
async def authenticate_user(data_dir: Path, username: str, password: str) -> Optional[User]:
|
||||
"""Authenticate a user by username and password."""
|
||||
users = load_users(data_dir)
|
||||
user_data = await db.get_user(username)
|
||||
|
||||
if username not in users:
|
||||
if not user_data:
|
||||
return None
|
||||
|
||||
user_data = users[username]
|
||||
if not verify_password(password, user_data["password_hash"]):
|
||||
return None
|
||||
|
||||
return User(**user_data)
|
||||
# Convert datetime to ISO string if needed
|
||||
created_at = user_data.get("created_at")
|
||||
if hasattr(created_at, 'isoformat'):
|
||||
created_at = created_at.isoformat()
|
||||
|
||||
return User(
|
||||
username=user_data["username"],
|
||||
password_hash=user_data["password_hash"],
|
||||
created_at=created_at,
|
||||
email=user_data.get("email")
|
||||
)
|
||||
|
||||
|
||||
def create_access_token(username: str) -> Token:
|
||||
@@ -170,14 +164,24 @@ def verify_token(token: str) -> Optional[str]:
|
||||
return None
|
||||
|
||||
|
||||
def get_current_user(data_dir: Path, token: str) -> Optional[User]:
|
||||
async def get_current_user(data_dir: Path, token: str) -> Optional[User]:
|
||||
"""Get current user from token."""
|
||||
username = verify_token(token)
|
||||
if not username:
|
||||
return None
|
||||
|
||||
users = load_users(data_dir)
|
||||
if username not in users:
|
||||
user_data = await db.get_user(username)
|
||||
if not user_data:
|
||||
return None
|
||||
|
||||
return User(**users[username])
|
||||
# Convert datetime to ISO string if needed
|
||||
created_at = user_data.get("created_at")
|
||||
if hasattr(created_at, 'isoformat'):
|
||||
created_at = created_at.isoformat()
|
||||
|
||||
return User(
|
||||
username=user_data["username"],
|
||||
password_hash=user_data["password_hash"],
|
||||
created_at=created_at,
|
||||
email=user_data.get("email")
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user