Implementare completă a autentificării Bearer token:
- Creiez backend/auth.py: funcții JWT (create_access_token, get_current_user, get_current_admin)
- Modific /users/login: returnează TokenResponse cu JWT token și expirare 8h
- Adaug Depends(get_current_user) pe toate endpoint-urile API
- [M-02] user_id extras din JWT token, nu din request body
- [L-01] Token cu exp claim pentru sesiuni frontend
Acces endpoints-uri:
- GET/POST /users/: authenticated users
- POST /users/: admin only
- PUT /users/{id}, DELETE /users/{id}, /ldap-config, /test-ldap: admin only
- Toți routers (items, operations, categories): authenticated users minimum
Modificări dependențe:
- Adaug: python-jose[cryptography]>=3.3.0, slowapi>=0.1.9 (pentru H-02 rate limiting)
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
15 lines
284 B
Plaintext
15 lines
284 B
Plaintext
fastapi>=0.115.0
|
|
uvicorn[standard]>=0.30.0
|
|
sqlalchemy>=2.0.0
|
|
pydantic>=2.0.0
|
|
pydantic-settings>=2.0.0
|
|
google-genai>=0.1.0
|
|
anthropic>=0.40.0
|
|
python-dotenv>=1.0.0
|
|
Pillow>=10.0.0
|
|
python-multipart>=0.0.9
|
|
ldap3>=2.9.1
|
|
passlib[bcrypt]>=1.7.4
|
|
python-jose[cryptography]>=3.3.0
|
|
slowapi>=0.1.9
|