Decouple cross-domain DB queries for per-app database split

Move Ghost membership sync from blog to account service so blog no longer queries account tables (users, ghost_labels, etc.). Account runs membership sync at startup and exposes HTTP action/data endpoints for webhook-triggered syncs and user lookups. Key changes: - account/services/ghost_membership.py: all membership sync functions - account/bp/actions + data: ghost-sync-member, user-by-email, newsletters - blog ghost_sync.py: stripped to content-only (posts, authors, tags) - blog webhook member: delegates to account via call_action() - try_publish: opens federation session when DBs differ - oauth.py callback: uses get_account_session() for OAuthCode - page_configs moved from db_events to db_blog in split script Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-25 11:32:14 +00:00
parent 50a9e5d952
commit 95bd32bd71
15 changed files with 1007 additions and 808 deletions
--- a/account/bp/actions/init.py
+++ b/account/bp/actions/init.py
--- a/account/bp/actions/routes.py
+++ b/account/bp/actions/routes.py
@@ -0,0 +1,64 @@
+"""Account app action endpoints.
+
+Exposes write operations at ``/internal/actions/<action_name>`` for
+cross-app callers (blog webhooks) via the internal action client.
+"""
+from __future__ import annotations
+
+from quart import Blueprint, g, jsonify, request
+
+from shared.infrastructure.actions import ACTION_HEADER
+
+
+def register() -> Blueprint:
+    bp = Blueprint("actions", __name__, url_prefix="/internal/actions")
+
+    @bp.before_request
+    async def _require_action_header():
+        if not request.headers.get(ACTION_HEADER):
+            return jsonify({"error": "forbidden"}), 403
+
+    _handlers: dict[str, object] = {}
+
+    @bp.post("/<action_name>")
+    async def handle_action(action_name: str):
+        handler = _handlers.get(action_name)
+        if handler is None:
+            return jsonify({"error": "unknown action"}), 404
+        try:
+            result = await handler()
+            return jsonify(result)
+        except Exception as exc:
+            import logging
+            logging.getLogger(__name__).exception("Action %s failed", action_name)
+            return jsonify({"error": str(exc)}), 500
+
+    # --- ghost-sync-member ---
+    async def _ghost_sync_member():
+        """Sync a single Ghost member into db_account."""
+        data = await request.get_json()
+        ghost_id = data.get("ghost_id")
+        if not ghost_id:
+            return {"error": "ghost_id required"}, 400
+
+        from services.ghost_membership import sync_single_member
+        await sync_single_member(g.s, ghost_id)
+        return {"ok": True}
+
+    _handlers["ghost-sync-member"] = _ghost_sync_member
+
+    # --- ghost-push-member ---
+    async def _ghost_push_member():
+        """Push a local user's membership data to Ghost."""
+        data = await request.get_json()
+        user_id = data.get("user_id")
+        if not user_id:
+            return {"error": "user_id required"}, 400
+
+        from services.ghost_membership import sync_member_to_ghost
+        result_id = await sync_member_to_ghost(g.s, int(user_id))
+        return {"ok": True, "ghost_id": result_id}
+
+    _handlers["ghost-push-member"] = _ghost_push_member
+
+    return bp
--- a/account/bp/data/init.py
+++ b/account/bp/data/init.py
--- a/account/bp/data/routes.py
+++ b/account/bp/data/routes.py
@@ -0,0 +1,64 @@
+"""Account app data endpoints.
+
+Exposes read-only JSON queries at ``/internal/data/<query_name>`` for
+cross-app callers via the internal data client.
+"""
+from __future__ import annotations
+
+from quart import Blueprint, g, jsonify, request
+
+from shared.infrastructure.data_client import DATA_HEADER
+from sqlalchemy import select
+from shared.models import User
+
+
+def register() -> Blueprint:
+    bp = Blueprint("data", __name__, url_prefix="/internal/data")
+
+    @bp.before_request
+    async def _require_data_header():
+        if not request.headers.get(DATA_HEADER):
+            return jsonify({"error": "forbidden"}), 403
+
+    _handlers: dict[str, object] = {}
+
+    @bp.get("/<query_name>")
+    async def handle_query(query_name: str):
+        handler = _handlers.get(query_name)
+        if handler is None:
+            return jsonify({"error": "unknown query"}), 404
+        result = await handler()
+        return jsonify(result)
+
+    # --- user-by-email ---
+    async def _user_by_email():
+        """Return user_id for a given email address."""
+        email = request.args.get("email", "").strip().lower()
+        if not email:
+            return None
+        result = await g.s.execute(
+            select(User.id).where(User.email.ilike(email))
+        )
+        row = result.first()
+        if not row:
+            return None
+        return {"user_id": row[0]}
+
+    _handlers["user-by-email"] = _user_by_email
+
+    # --- newsletters ---
+    async def _newsletters():
+        """Return all Ghost newsletters (for blog post editor)."""
+        from shared.models.ghost_membership_entities import GhostNewsletter
+        result = await g.s.execute(
+            select(GhostNewsletter.id, GhostNewsletter.ghost_id, GhostNewsletter.name, GhostNewsletter.slug)
+            .order_by(GhostNewsletter.name)
+        )
+        return [
+            {"id": row[0], "ghost_id": row[1], "name": row[2], "slug": row[3]}
+            for row in result.all()
+        ]
+
+    _handlers["newsletters"] = _newsletters
+
+    return bp