5123c85397
Two tables (sessions, user_tokens) + migration; only token *hashes* are stored, so a DB leak yields no usable credential. Argon2id password hashing and token primitives in app/core/security. Config and .env.example gain session/cookie/token TTLs, app base URL, and SMTP settings (twelve-factor). Migration verified reversible (drops the token_purpose enum) and matches the models. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Signed-off-by: Justin Paul <justin@jpaul.me>
32 lines
781 B
Python
32 lines
781 B
Python
"""Import every model so ``Base.metadata`` is complete for Alembic autogenerate
|
|
and for ``create_all`` in tests."""
|
|
|
|
from app.models.audit import AuditEntry
|
|
from app.models.auth import Session, UserToken
|
|
from app.models.base import Base
|
|
from app.models.event import Event
|
|
from app.models.person import Name, Person
|
|
from app.models.place import Place, PlaceName
|
|
from app.models.relationship import Relationship
|
|
from app.models.source import Citation, Source
|
|
from app.models.tree import Tree, TreeMembership
|
|
from app.models.user import User
|
|
|
|
__all__ = [
|
|
"Base",
|
|
"User",
|
|
"Tree",
|
|
"TreeMembership",
|
|
"Person",
|
|
"Name",
|
|
"Place",
|
|
"PlaceName",
|
|
"Relationship",
|
|
"Event",
|
|
"Source",
|
|
"Citation",
|
|
"AuditEntry",
|
|
"Session",
|
|
"UserToken",
|
|
]
|