Add web frontend with JWT auth, RBAC, SSE dashboard, and config editor

- FastAPI + htmx + Jinja2 web frontend, started with --web flag - JWT HS256 auth (WEB_SECRET_KEY) with httpOnly cookies; access (15 min) + refresh (7 day) tokens; refresh rotation + JTI revocation in data/web.db - RBAC: superadmin > admin > reader enforced per route - Live SSE dashboard fed by tui/events broadcast queue - Config editor: keyword groups and channel list saved to data/runtime_config.json and hot-reloaded in-process (scorer.reload_from_config, signal_channel_changed) - config.py migrated to load groups/channels from runtime_config.json; falls back to hardcoded defaults when file absent - tui/events.py: subscribe/unsubscribe broadcast, set_bot_context/signal_channel_changed - utils/scorer.py: import config as _config (fixes local binding); reload_from_config() - utils/database.py: count_by_severity, recent_for_domains, count_by_severity_for_domains - 53 new tests (events bus, JWT lifecycle, web DB CRUD, RBAC enforcement, config round-trip); total 141 passing
2026-04-02 11:41:46 -03:00
parent b28168c846
commit 4c104cddd2
32 changed files with 2093 additions and 47 deletions
--- a/utils/database.py
+++ b/utils/database.py
@@ -144,6 +144,51 @@ def by_severity(severity: str) -> list[sqlite3.Row]:
        """, (severity,)).fetchall()


+def recent_for_domains(patterns: list[str], limit: int = 100) -> list[sqlite3.Row]:
+    """Return recent hits whose `raw` field matches any of the given regex-like patterns."""
+    if not patterns:
+        return []
+    conditions = " OR ".join("raw LIKE ?" for _ in patterns)
+    args = [f"%{p.replace(r'\.','.').replace('@','').replace('^','').replace('$','')}%" for p in patterns]
+    args.append(limit)
+    with _connect() as conn:
+        return conn.execute(
+            f"SELECT * FROM hits WHERE ({conditions}) ORDER BY timestamp DESC LIMIT ?",
+            args,
+        ).fetchall()
+
+
+def count_by_severity_for_domains(patterns: list[str]) -> dict:
+    """Severity counts filtered to hits matching any of the given patterns."""
+    if not patterns:
+        return {"CRITICAL": 0, "HIGH": 0, "MEDIUM": 0, "LOW": 0}
+    conditions = " OR ".join("raw LIKE ?" for _ in patterns)
+    args = [f"%{p.replace(r'\.','.').replace('@','').replace('^','').replace('$','')}%" for p in patterns]
+    with _connect() as conn:
+        rows = conn.execute(
+            f"SELECT severity, COUNT(*) FROM hits WHERE ({conditions}) GROUP BY severity",
+            args,
+        ).fetchall()
+    counts = {"CRITICAL": 0, "HIGH": 0, "MEDIUM": 0, "LOW": 0}
+    for row in rows:
+        if row[0] in counts:
+            counts[row[0]] = row[1]
+    return counts
+
+
+def count_by_severity() -> dict:
+    """Overall severity counts (unique hits only)."""
+    with _connect() as conn:
+        rows = conn.execute(
+            "SELECT severity, COUNT(*) FROM hits WHERE seen_before=0 GROUP BY severity"
+        ).fetchall()
+    counts = {"CRITICAL": 0, "HIGH": 0, "MEDIUM": 0, "LOW": 0}
+    for row in rows:
+        if row[0] in counts:
+            counts[row[0]] = row[1]
+    return counts
+
+
 def stats() -> dict:
    """Return summary statistics."""
    with _connect() as conn: