cbfdf5289e
Phase 5: Multi-user authentication with session cookies, bcrypt passwords, first-user-is-admin pattern, per-user data isolation, backup/restore, Docker Swarm production stack with secrets and network isolation. Phase 5.1: Chat UX improvements: - Background generation architecture (GenerationBuffer + asyncio task) with SSE fan-out, reconnect support, and periodic DB flushes - LLM-generated conversation titles (first exchange + every 10th message) - Stop generation button with cancel_event and partial content preservation - Relative timestamps in sidebar (5m ago, 3h ago, then dates) - Empty chat auto-cleanup on navigation away - Save-as-note uses LLM for title generation, tags notes with "chat" - Summarize-as-note also tags with "chat" Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
71 lines
2.0 KiB
Python
71 lines
2.0 KiB
Python
from quart import Blueprint, jsonify, request, session
|
|
|
|
from fabledassistant.auth import login_required, get_current_user_id
|
|
from fabledassistant.services.auth import (
|
|
authenticate,
|
|
create_user,
|
|
get_user_by_id,
|
|
get_user_count,
|
|
)
|
|
|
|
auth_bp = Blueprint("auth", __name__, url_prefix="/api/auth")
|
|
|
|
|
|
@auth_bp.route("/register", methods=["POST"])
|
|
async def register():
|
|
data = await request.get_json()
|
|
username = (data.get("username") or "").strip()
|
|
password = data.get("password") or ""
|
|
email = (data.get("email") or "").strip() or None
|
|
|
|
if not username:
|
|
return jsonify({"error": "Username is required"}), 400
|
|
if len(password) < 8:
|
|
return jsonify({"error": "Password must be at least 8 characters"}), 400
|
|
|
|
try:
|
|
user = await create_user(username, password, email)
|
|
except Exception:
|
|
return jsonify({"error": "Username already taken"}), 409
|
|
|
|
session["user_id"] = user.id
|
|
return jsonify(user.to_dict()), 201
|
|
|
|
|
|
@auth_bp.route("/login", methods=["POST"])
|
|
async def login():
|
|
data = await request.get_json()
|
|
username = (data.get("username") or "").strip()
|
|
password = data.get("password") or ""
|
|
|
|
if not username or not password:
|
|
return jsonify({"error": "Username and password are required"}), 400
|
|
|
|
user = await authenticate(username, password)
|
|
if not user:
|
|
return jsonify({"error": "Invalid username or password"}), 401
|
|
|
|
session["user_id"] = user.id
|
|
return jsonify(user.to_dict())
|
|
|
|
|
|
@auth_bp.route("/logout", methods=["POST"])
|
|
async def logout():
|
|
session.clear()
|
|
return jsonify({"status": "ok"})
|
|
|
|
|
|
@auth_bp.route("/me", methods=["GET"])
|
|
@login_required
|
|
async def me():
|
|
user = await get_user_by_id(get_current_user_id())
|
|
if not user:
|
|
return jsonify({"error": "User not found"}), 404
|
|
return jsonify(user.to_dict())
|
|
|
|
|
|
@auth_bp.route("/status", methods=["GET"])
|
|
async def status():
|
|
count = await get_user_count()
|
|
return jsonify({"has_users": count > 0})
|