Phase 7: Auth & Security upgrade (JWT, 2FA, Login UI)

This commit is contained in:
Gan, Jimmy
2026-02-19 03:47:48 +08:00
parent f3db7d3654
commit 651bc0580e
12 changed files with 495 additions and 38 deletions
+7 -6
View File
@@ -5,16 +5,17 @@ import signal
import struct
import fcntl
import termios
from fastapi import WebSocket, WebSocketDisconnect
from fastapi import WebSocket, WebSocketDisconnect, Depends
import auth
async def ws_endpoint(ws: WebSocket):
# Block non-Tailscale IPs
client_ip = ws.client.host if ws.client else ""
async def ws_endpoint(websocket: WebSocket, user: str = Depends(auth.get_current_user_ws)):
# Block non-Tailscale IPs (Defense in depth)
client_ip = websocket.client.host if websocket.client else ""
if not client_ip.startswith("100."):
await ws.close(code=1008, reason="Tailscale only")
await websocket.close(code=1008, reason="Tailscale only")
return
await ws.accept()
master_fd, slave_fd = pty.openpty()
pid = os.fork()