Phase 4: cloud backend — licensing, heartbeat, site management

- New cloud_backend/ FastAPI service on port 8001 (SQLite for dev, swappable to PostgreSQL) - Endpoints: sysadmin auth (JWT), site registration, lock/unlock, heartbeat (X-Site-ID + X-Site-Key headers) - Default sysadmin seeded on first startup from ADMIN_USERNAME/ADMIN_PASSWORD env vars - cloud_backend added to docker-compose.yml with persistent data volume at ./data/cloud/ - local_backend cloud_sync.py updated to use correct /api/heartbeat/ endpoint with header auth - local_backend config.py: added SITE_KEY setting - Smoke tested: login, register site, heartbeat, lock, unlock, list all pass
2026-04-20 19:05:14 +03:00
parent 10b44d9a1a
commit 9812a25198
20 changed files with 421 additions and 2 deletions
--- a/cloud_backend/main.py
+++ b/cloud_backend/main.py
@@ -0,0 +1,51 @@
+from contextlib import asynccontextmanager
+from fastapi import FastAPI
+from fastapi.middleware.cors import CORSMiddleware
+
+from config import settings
+from database import engine, Base
+from auth_utils import hash_password
+import models.admin  # noqa: F401
+import models.site   # noqa: F401
+
+from routers import auth, sites, heartbeat
+
+
+def _seed_default_admin():
+    from sqlalchemy.orm import Session
+    from models.admin import Admin
+
+    with Session(engine) as db:
+        if not db.query(Admin).filter(Admin.username == settings.ADMIN_USERNAME).first():
+            db.add(Admin(
+                username=settings.ADMIN_USERNAME,
+                password_hash=hash_password(settings.ADMIN_PASSWORD),
+                role="sysadmin",
+            ))
+            db.commit()
+
+
+@asynccontextmanager
+async def lifespan(app: FastAPI):
+    Base.metadata.create_all(bind=engine)
+    _seed_default_admin()
+    yield
+
+
+app = FastAPI(title="POS Cloud Backend", lifespan=lifespan)
+
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins=["*"],
+    allow_methods=["*"],
+    allow_headers=["*"],
+)
+
+app.include_router(auth.router,      prefix="/api/auth",      tags=["auth"])
+app.include_router(sites.router,     prefix="/api/sites",     tags=["sites"])
+app.include_router(heartbeat.router, prefix="/api/heartbeat", tags=["heartbeat"])
+
+
+@app.get("/health")
+def health():
+    return {"status": "ok"}