1dc87d0f64
All checks were successful
Build and Deploy / build-and-deploy (push) Successful in 7m0s
- Replace L2's username/password auth with OAuth SSO via account.rose-ash.com - Add device_id middleware (artdag_did cookie) - Add silent auth check (prompt=none with 5-min cooldown) - Add OAuth config settings and itsdangerous dependency - Register artdag_l2 client with account service Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Account App
User dashboard for the Rose Ash cooperative. Provides account management, newsletter preferences, and widget pages for tickets and bookings.
Structure
app.py # Application factory (create_base_app + blueprints)
path_setup.py # Adds project root + app dir to sys.path
entrypoint.sh # Container entrypoint (Redis flush, start)
bp/
account/ # Dashboard, newsletters, widget pages (tickets, bookings)
auth/ # OAuth client routes + HTTP token exchange for non-coop clients
fragments/ # auth-menu fragment (sign-in button / user menu)
models/ # Re-export stubs pointing to shared/models/
services/ # register_domain_services() — wires all domains
templates/ # Account-specific templates (override shared/)
Auth menu
Account serves the auth-menu fragment consumed by all other apps' headers. It renders either a sign-in button (anonymous) or the user's email with a dropdown (authenticated), for both desktop and mobile layouts.
OAuth token exchange
POST /auth/oauth/token provides HTTP-based token exchange for non-coop OAuth clients (e.g., Artdag).
Cross-domain communication
services.blog.*— post queries for page contextservices.calendar.*— calendar/entry queries for bookings panelservices.cart.*— cart summary + orders for tickets panel
Fragments served
- auth-menu — sign-in button or user email menu (desktop + mobile)