anti/stealergram
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add web frontend with JWT auth, RBAC, SSE dashboard, and config editor

Browse Source 
- FastAPI + htmx + Jinja2 web frontend, started with --web flag
- JWT HS256 auth (WEB_SECRET_KEY) with httpOnly cookies; access (15 min) +
  refresh (7 day) tokens; refresh rotation + JTI revocation in data/web.db
- RBAC: superadmin > admin > reader enforced per route
- Live SSE dashboard fed by tui/events broadcast queue
- Config editor: keyword groups and channel list saved to data/runtime_config.json
  and hot-reloaded in-process (scorer.reload_from_config, signal_channel_changed)
- config.py migrated to load groups/channels from runtime_config.json;
  falls back to hardcoded defaults when file absent
- tui/events.py: subscribe/unsubscribe broadcast, set_bot_context/signal_channel_changed
- utils/scorer.py: import config as _config (fixes local binding); reload_from_config()
- utils/database.py: count_by_severity, recent_for_domains, count_by_severity_for_domains
- 53 new tests (events bus, JWT lifecycle, web DB CRUD, RBAC enforcement,
  config round-trip); total 141 passing
This commit is contained in:
anti
2026-04-02 11:41:46 -03:00
parent b28168c846
commit 4c104cddd2
32 changed files with 2093 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
web/templates/base.html Normal file
View File

@@ -0,0 +1,32 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>{% block title %}ULPgrammer{% endblock %}</title>
<link rel="stylesheet" href="/static/style.css">
<script src="https://unpkg.com/htmx.org@1.9.12" defer></script>
<script src="https://unpkg.com/htmx.org@1.9.12/dist/ext/sse.js" defer></script>
</head>
<body>
{% if user is defined %}
<nav>
<a href="/dashboard" class="nav-brand">ULPgrammer</a>
<span class="nav-links">
<a href="/dashboard">Dashboard</a>
<a href="/config/keywords">Config</a>
{% if user.role == 'superadmin' %}
<a href="/users">Users</a>
{% endif %}
<form method="post" action="/logout" style="display:inline">
<button type="submit" class="btn-link">Logout ({{ user.username }})</button>
</form>
</span>
</nav>
{% endif %}
<main>
{% block content %}{% endblock %}
</main>
</body>
</html>