pelmen/baton
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

auth: replace UUID-based login with JWT credential verification

Browse source 
Login now requires login/email + password verified against DB via
/api/auth/login. Only approved registrations can access the app.
Signal endpoint accepts JWT Bearer tokens alongside legacy api_key auth.
Old UUID-only registration flow removed from frontend.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Gros Frumos 2026-03-21 14:14:12 +02:00
parent 1adcabf3a6
commit 04f7bd79e2
8 changed files with 173 additions and 128 deletions
Download patch file Download diff file Expand all files Collapse all files

12
tests/test_models.py
View file

@ -123,14 +123,16 @@ def test_signal_request_no_geo():
assert req.geo is None
def test_signal_request_missing_user_id():
with pytest.raises(ValidationError):
SignalRequest(timestamp=1742478000000) # type: ignore[call-arg]
def test_signal_request_without_user_id():
"""user_id is optional (JWT auth sends signals without it)."""
req = SignalRequest(timestamp=1742478000000)
assert req.user_id is None
def test_signal_request_empty_user_id():
with pytest.raises(ValidationError):
SignalRequest(user_id="", timestamp=1742478000000)
"""Empty string user_id is accepted (treated as None at endpoint level)."""
req = SignalRequest(user_id="", timestamp=1742478000000)
assert req.user_id == ""
def test_signal_request_timestamp_zero():