Add web frontend with JWT auth, RBAC, SSE dashboard, and config editor
- FastAPI + htmx + Jinja2 web frontend, started with --web flag - JWT HS256 auth (WEB_SECRET_KEY) with httpOnly cookies; access (15 min) + refresh (7 day) tokens; refresh rotation + JTI revocation in data/web.db - RBAC: superadmin > admin > reader enforced per route - Live SSE dashboard fed by tui/events broadcast queue - Config editor: keyword groups and channel list saved to data/runtime_config.json and hot-reloaded in-process (scorer.reload_from_config, signal_channel_changed) - config.py migrated to load groups/channels from runtime_config.json; falls back to hardcoded defaults when file absent - tui/events.py: subscribe/unsubscribe broadcast, set_bot_context/signal_channel_changed - utils/scorer.py: import config as _config (fixes local binding); reload_from_config() - utils/database.py: count_by_severity, recent_for_domains, count_by_severity_for_domains - 53 new tests (events bus, JWT lifecycle, web DB CRUD, RBAC enforcement, config round-trip); total 141 passing
This commit is contained in:
64
web/models.py
Normal file
64
web/models.py
Normal file
@@ -0,0 +1,64 @@
|
||||
"""
|
||||
web/models.py — Pydantic request/response schemas.
|
||||
"""
|
||||
|
||||
import re
|
||||
from typing import Literal
|
||||
|
||||
from pydantic import BaseModel, field_validator
|
||||
|
||||
|
||||
# ─── Auth ─────────────────────────────────────────────────────────────────────
|
||||
|
||||
class LoginRequest(BaseModel):
|
||||
username: str
|
||||
password: str
|
||||
|
||||
|
||||
# ─── Keyword groups ───────────────────────────────────────────────────────────
|
||||
|
||||
class PatternEntry(BaseModel):
|
||||
regex: str
|
||||
label: str
|
||||
|
||||
@field_validator("regex")
|
||||
@classmethod
|
||||
def regex_must_compile(cls, v: str) -> str:
|
||||
try:
|
||||
re.compile(v, re.IGNORECASE)
|
||||
except re.error as e:
|
||||
raise ValueError(f"Invalid regex: {e}") from e
|
||||
return v
|
||||
|
||||
|
||||
class KeywordGroup(BaseModel):
|
||||
id: str
|
||||
name: str
|
||||
patterns: list[PatternEntry]
|
||||
|
||||
|
||||
class KeywordGroupsPayload(BaseModel):
|
||||
groups: list[KeywordGroup]
|
||||
|
||||
|
||||
# ─── Channels ─────────────────────────────────────────────────────────────────
|
||||
|
||||
class ChannelsPayload(BaseModel):
|
||||
channels: list[str | int]
|
||||
|
||||
|
||||
# ─── Users ───────────────────────────────────────────────────────────────────
|
||||
|
||||
Role = Literal["superadmin", "admin", "reader"]
|
||||
|
||||
|
||||
class CreateUserRequest(BaseModel):
|
||||
username: str
|
||||
password: str
|
||||
role: Role
|
||||
|
||||
|
||||
class UpdateUserRequest(BaseModel):
|
||||
password: str | None = None
|
||||
role: Role | None = None
|
||||
is_active: bool | None = None
|
||||
Reference in New Issue
Block a user