first commit

2026-03-23 15:56:18 +01:00
commit c5cc2efbac
106 changed files with 10254 additions and 0 deletions
--- a/backend/app/routes/auth.py
+++ b/backend/app/routes/auth.py
@@ -0,0 +1,80 @@
+from __future__ import annotations
+
+from flask import Blueprint, jsonify, request
+
+from app.services.auth import get_auth_service
+from app.utils.serialization import to_plain
+
+
+auth_blueprint = Blueprint("auth", __name__)
+service = get_auth_service()
+
+
+@auth_blueprint.get("/auth/status")
+def auth_status():
+    return jsonify(to_plain(service.status()))
+
+
+@auth_blueprint.post("/auth/login")
+def auth_login():
+    payload = request.get_json(silent=True) or {}
+    try:
+        status = service.login(payload.get("username", ""), payload.get("password", ""))
+        return jsonify(to_plain(status))
+    except ValueError as exc:
+        return jsonify({"detail": str(exc)}), 401
+
+
+@auth_blueprint.post("/auth/logout")
+def auth_logout():
+    return jsonify(to_plain(service.logout()))
+
+
+@auth_blueprint.get("/auth/users")
+def list_users():
+    try:
+        service.require_admin()
+        return jsonify(to_plain({"items": service.list_users()}))
+    except PermissionError as exc:
+        return jsonify({"detail": str(exc)}), 403
+
+
+@auth_blueprint.post("/auth/users")
+def create_user():
+    payload = request.get_json(silent=True) or {}
+    try:
+        service.require_admin()
+        user = service.create_user(
+            username=payload.get("username", ""),
+            password=payload.get("password", ""),
+            role=payload.get("role", "user"),
+            display_name=payload.get("display_name") or payload.get("username") or "",
+        )
+        return jsonify(to_plain({
+            "username": user.username,
+            "display_name": user.display_name,
+            "role": user.role,
+            "is_active": user.is_active,
+        }))
+    except PermissionError as exc:
+        return jsonify({"detail": str(exc)}), 403
+    except ValueError as exc:
+        return jsonify({"detail": str(exc)}), 400
+
+
+@auth_blueprint.post("/auth/users/<username>/reset-password")
+def reset_password(username: str):
+    payload = request.get_json(silent=True) or {}
+    try:
+        service.require_admin()
+        user = service.reset_password(username=username, new_password=payload.get("password", ""))
+        return jsonify(to_plain({
+            "username": user.username,
+            "display_name": user.display_name,
+            "role": user.role,
+            "is_active": user.is_active,
+        }))
+    except PermissionError as exc:
+        return jsonify({"detail": str(exc)}), 403
+    except ValueError as exc:
+        return jsonify({"detail": str(exc)}), 400