Scott.Idem/OSIT-AE-API-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,129 Commits 4 Branches 0 Tags
45ca81a3e366a6ac9074c342716d49c79734eff8
Commit Graph

32 Commits

Author SHA1 Message Date
Scott Idem
45ca81a3e3 Removing debugging. Changing it to INFO in many locations. 2026-01-20 19:23:30 -05:00
Scott Idem
43ac62b561 feat(auth): consolidate and secure V3 authentication flow 
- Re-apply safe guest auth and passcode-to-JWT endpoint
- Consolidate AccountContext with token_payload and role flags
- Restore documentation for new guest flows and public read whitelists
- Fix 403 error in get_obj_li by allowing optional account context
 2026-01-20 18:42:43 -05:00
Scott Idem
d4e46a4a97 feat(auth): implement site-based passcode-to-JWT endpoint 
- Add POST /api/authenticate_passcode to verify site access codes
- Refactor sign_jwt to support arbitrary role flags (super, admin, etc.)
- Update dependencies_v3 to extract role flags from JWT payloads
- Add E2E test for passcode auth verification
 2026-01-20 17:51:54 -05:00
Scott Idem
dc7732ab5f feat(security): implement safe guest auth flow and harden request_jwt 
- Patched request_jwt to strip privileged IDs when signing with public keys
- Updated AccountContext and V3 dependencies to preserve JWT payloads for guests
- Whitelisted Archive, Post, Event, and other core objects for public read access
- Added 'default_qry_str' to Event searchable fields
- Added test_e2e_jwt_guest_auth.py for security verification
 2026-01-20 14:56:56 -05:00
Scott Idem
19a9890dd9 Better bug fix for working SQL test. 2026-01-13 14:21:56 -05:00
Scott Idem
ed3dda6cf5 Bug fixes for SQL testing 2026-01-13 13:57:18 -05:00
Scott Idem
0e41205472 Cleaned up the aud field. We think this part is correct finally. 2025-12-03 15:48:57 -05:00
Scott Idem
3394ebcdad Again... 2025-12-03 15:40:06 -05:00
Scott Idem
36ae9c5035 We think it might work now... Gemini thinks the aud may have been set incorrectly. Not matching the actual Jitsi server. 2025-12-03 15:38:14 -05:00
Scott Idem
c5d25b5717 More work on the Jitsi JWT 2025-12-03 15:25:30 -05:00
Scott Idem
e40b01d276 Another quick bug fix. 2025-12-02 18:50:50 -05:00
Scott Idem
38455d4549 Bug fix!!! 2025-12-02 18:46:19 -05:00
Scott Idem
5535b1af34 Try try again... Jitsi JWT.... 2025-12-02 18:36:56 -05:00
Scott Idem
412277b3a7 Another update. Still not working right though... 2025-12-02 18:15:07 -05:00
Scott Idem
ac41aec71c Changed settings to features 2025-12-02 17:41:34 -05:00
Scott Idem
1a315483eb Jitsi JWT settings trying again. 2025-12-02 17:17:19 -05:00
Scott Idem
8891a51c2e Work on Jitsi JWT 2025-12-02 17:08:16 -05:00
Scott Idem
ef9042fe20 New Jitsi tokens 2025-09-19 18:13:09 -04:00
Scott Idem
f4eda34035 Saving current progress with change from using Query() to Path() 2024-04-26 14:51:11 -04:00
Scott Idem
b37f14d25c Slow but steady progress to update all end points... 2024-04-26 14:17:46 -04:00
Scott Idem
cff165d9d9 Work on websockets end points and management 2023-03-30 19:27:39 -04:00
Scott Idem
8a92ffb6ba General code clean up. 2021-08-23 12:55:35 -04:00
Scott Idem
67b8435e08 Work on API tokens 2021-08-20 14:34:02 -04:00
Scott Idem
cfd85435f2 Finally returning correct HTTP status codes 2021-08-10 19:06:40 -04:00
Scott Idem
d933395a9f A lot of code clean up! Also adding in Response everywhere... 2021-08-10 18:09:34 -04:00
Scott Idem
790dc2961b Work on API keys and tokens clean up 2021-07-14 17:16:34 -04:00
Scott Idem
6bb2d7f761 Work on API keys and tokens 2021-07-14 17:12:20 -04:00
Scott Idem
ea254c584f Working on membership still... 2021-06-24 14:17:29 -04:00
Scott Idem
0dc50e4509 Work on file uploads and listing event files. 2021-06-15 18:05:56 -04:00
Scott Idem
443d2bab77 A lot of general clean up of everything. 2021-05-28 03:52:31 -04:00
Scott Idem
09c7b48223 General clean up of models and methods. 2021-05-28 01:40:18 -04:00
Scott Idem
46c562871f Working finally getting this to interact with the actual front end. 2021-03-11 18:19:25 -05:00