Scott.Idem/OSIT-AE-API-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5d91c059259b8ec3de5db5f08848396f111fbb3d
OSIT-AE-API-FastAPI/app/models/auth_models.py
Scott Idem dc7732ab5f feat(security): implement safe guest auth flow and harden request_jwt 
- Patched request_jwt to strip privileged IDs when signing with public keys
- Updated AccountContext and V3 dependencies to preserve JWT payloads for guests
- Whitelisted Archive, Post, Event, and other core objects for public read access
- Added 'default_qry_str' to Event searchable fields
- Added test_e2e_jwt_guest_auth.py for security verification
2026-01-20 14:56:56 -05:00

15 lines
433 B
Python
Raw Blame History

from typing import Optional
from pydantic import BaseModel
# Zero-dependency auth models for V3
# Created 2026-01-07 to resolve circular dependencies in FastAPI startup
class AccountContext(BaseModel):
account_id: Optional[int]
account_id_random: Optional[str]
administrator: bool = False
manager: bool = False
super: bool = False
auth_method: str = 'legacy_header'
token_payload: Optional[dict] = None
Reference in New Issue View Git Blame Copy Permalink