Add local auth: AuthProvider, mailer, sessions, /api/v1/auth
Pluggable AuthProvider interface with a local (email+password) implementation, and a Mailer interface (ConsoleMailer for dev, SMTPMailer for operators). The auth service owns registration, login, opaque session issuance, email verification, and password reset (which revokes prior sessions). Endpoints under /api/v1/auth; sessions are returned as a Bearer token and set as an HttpOnly cookie. Replaces the temporary X-User-Id shim: get_current_user now resolves a real session (Bearer or cookie). The open user-bootstrap endpoint is gone (registration replaces it). App logging is configured so the ConsoleMailer's verification/reset links are visible to self-hosters. Verified end-to-end on the deploy target, including the email-verification flow. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: Justin Paul <justin@jpaul.me>
This commit is contained in:
@@ -0,0 +1,16 @@
|
||||
"""Mailer interface for transactional email.
|
||||
|
||||
Implementations: ConsoleMailer (dev default — logs the link) and SMTPMailer
|
||||
(operator-configured). Selected by config; resolved via app.api.deps.get_mailer.
|
||||
Real deployments will move sending to the worker; for now it is inline.
|
||||
"""
|
||||
|
||||
from abc import ABC, abstractmethod
|
||||
|
||||
|
||||
class Mailer(ABC):
|
||||
@abstractmethod
|
||||
async def send_email_verification(self, *, to: str, link: str) -> None: ...
|
||||
|
||||
@abstractmethod
|
||||
async def send_password_reset(self, *, to: str, link: str) -> None: ...
|
||||
Reference in New Issue
Block a user