Merge dev to main: Security improvements and comprehensive test infrastructure #39

Merged
jimmy merged 195 commits from dev into main 2026-04-08 01:42:27 +08:00
Showing only changes of commit c5987b1b6b - Show all commits
+9 -4
View File
@@ -95,6 +95,8 @@ async def passkey_register_verify(request: Request, current_user=Depends(auth.ge
"sign_count": verification.sign_count,
"name": body.get("name", "Passkey"),
"created_at": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
"username": current_user.username,
"role": current_user.role,
}
)
return {"ok": True}
@@ -149,19 +151,22 @@ async def passkey_login_verify(request: Request, response: Response):
data["passkey_credentials"] = creds
auth._save_auth_data(data)
username = config.ADMIN_USER
# Use stored username and role from passkey credential
username = matched.get("username", config.ADMIN_USER)
role = matched.get("role", "admin")
access_token = auth.create_access_token(
data={"sub": username, "role": "admin"},
data={"sub": username, "role": role},
expires_delta=timedelta(minutes=config.ACCESS_TOKEN_EXPIRE_MINUTES),
)
refresh_token = auth.create_refresh_token(data={"sub": username, "role": "admin"})
refresh_token = auth.create_refresh_token(data={"sub": username, "role": role})
auth.set_auth_cookies(response, access_token, refresh_token)
return {
"access_token": access_token,
"refresh_token": refresh_token,
"token_type": "bearer",
"user": username,
"role": "admin",
"role": role,
}