root
ef72e221be
Implemented a comprehensive authentication system requiring all users to be logged in to access the web interface. Features include: Backend: - JWT-based authentication with 7-day token expiration - bcrypt password hashing with 72-byte limit handling - User management with JSON file storage (config/users.json) - Pydantic models for validation (UserCreate, UserLogin, User, Token) - Authentication endpoints: register, login, me, logout - Protected route dependency with HTTPBearer security Frontend: - Login/register page with dual-tab interface (/login) - Client-side authentication check with automatic redirect - All content hidden by default, shown only after auth validation - User info display with logout button - Main content and tabs hidden when not authenticated - Auto-redirect to /login if token missing or invalid Security: - Password truncation to 72 bytes (bcrypt limitation) - Token verification on each page load - Automatic logout and redirect on token expiry - Username-to-SHA256 user ID generation Dependencies: - passlib[bcrypt]==1.7.4 - python-jose[cryptography]==3.3.0 - bcrypt<4.0 Generated with [Claude Code](https://claude.com/claude-code) via [Happy](https://happy.engineering) Co-Authored-By: Claude <noreply@anthropic.com> Co-Authored-By: Happy <yesreply@happy.engineering>
26 lines
465 B
Plaintext
26 lines
465 B
Plaintext
# Core dependencies
|
|
fastapi==0.115.6
|
|
uvicorn[standard]==0.32.1
|
|
python-multipart==0.0.20
|
|
aiofiles==24.1.0
|
|
pydantic==2.10.4
|
|
pydantic-settings==2.7.1
|
|
httpx==0.28.1
|
|
aiohttp==3.11.11
|
|
beautifulsoup4==4.12.3
|
|
lxml==5.3.0
|
|
jieba==0.42.1
|
|
|
|
# Testing dependencies
|
|
pytest==8.3.4
|
|
pytest-asyncio==0.24.0
|
|
pytest-cov==6.0.0
|
|
pytest-mock==3.14.0
|
|
pytest-timeout==2.3.1
|
|
pytest-html==4.1.1
|
|
|
|
# Authentication dependencies
|
|
passlib[bcrypt]==1.7.4
|
|
python-jose[cryptography]==3.3.0
|
|
bcrypt<4.0
|