feat(connect): Phase 3 — cloud API routes for Xenia Connect
Adds four new routers, three schema files, and one new model.
All new endpoints use new URL prefixes — no existing routes touched.
routers/menu.py
GET /api/menu/{site_slug} — public menu snapshot (no auth)
POST /api/menu/sync — upsert snapshot (site API key)
routers/orders.py
POST /api/orders/{site_slug} — customer places order (public)
GET /api/orders/status/{public_ref} — customer tracks order (public)
GET /api/orders/pending/{site_id} — local backend polls (site key)
POST /api/orders/{id}/synced — mark synced (site key)
PATCH /api/orders/{id}/status — update status with transition
validation (site key)
routers/manager_auth.py
POST /api/manager/register — create manager account (admin JWT)
POST /api/manager/login — returns manager JWT
POST /api/manager/refresh — refreshes manager JWT
Shared _get_current_manager dependency used by remote_dashboard
routers/remote_dashboard.py
GET /api/remote/sites — manager JWT
GET /api/remote/sites/{id}/snapshot — manager JWT
GET /api/remote/sites/{id}/orders — manager JWT
GET /api/remote/sites/{id}/orders/pending — manager JWT
PATCH /api/remote/sites/{id}/orders/{oid}/status — manager JWT
POST /api/remote/snapshot — site API key
(stats push)
models/stats_snapshot.py (NEW)
stats_snapshots table — one row per site, holds serialized
operational stats; created by create_all on startup
config.py / .env.example
MANAGER_JWT_SECRET and MANAGER_JWT_EXPIRE_HOURS (default 72h)
added as separate settings from the admin SECRET_KEY
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
91
cloud_backend/routers/manager_auth.py
Normal file
91
cloud_backend/routers/manager_auth.py
Normal file
@@ -0,0 +1,91 @@
|
||||
from datetime import datetime, timedelta, timezone
|
||||
from fastapi import APIRouter, Depends, HTTPException, status
|
||||
from fastapi.security import OAuth2PasswordBearer
|
||||
from jose import jwt, JWTError
|
||||
from passlib.context import CryptContext
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from config import settings
|
||||
from database import get_db
|
||||
from models.manager_account import ManagerAccount
|
||||
from models.site import Site
|
||||
from auth_utils import get_current_admin
|
||||
from schemas.manager import (
|
||||
ManagerRegisterRequest, ManagerLoginRequest,
|
||||
ManagerTokenOut, ManagerOut,
|
||||
)
|
||||
|
||||
router = APIRouter()
|
||||
_pwd = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
||||
_manager_oauth2 = OAuth2PasswordBearer(tokenUrl="/api/manager/login")
|
||||
|
||||
ALGORITHM = "HS256"
|
||||
|
||||
|
||||
# ── Shared dependency: decode manager JWT ─────────────────────────────────────
|
||||
|
||||
def _get_current_manager(token: str = Depends(_manager_oauth2), db: Session = Depends(get_db)) -> ManagerAccount:
|
||||
try:
|
||||
payload = jwt.decode(token, settings.MANAGER_JWT_SECRET, algorithms=[ALGORITHM])
|
||||
manager_id = int(payload.get("sub", 0))
|
||||
except (JWTError, ValueError):
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token")
|
||||
|
||||
manager = db.query(ManagerAccount).filter(ManagerAccount.id == manager_id).first()
|
||||
if not manager or not manager.is_active:
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Manager not found or inactive")
|
||||
return manager
|
||||
|
||||
|
||||
def _create_manager_token(manager: ManagerAccount) -> str:
|
||||
site_ids = [s.id for s in manager.sites]
|
||||
payload = {
|
||||
"sub": str(manager.id),
|
||||
"email": manager.email,
|
||||
"site_ids": site_ids,
|
||||
"exp": datetime.now(timezone.utc) + timedelta(hours=settings.MANAGER_JWT_EXPIRE_HOURS),
|
||||
}
|
||||
return jwt.encode(payload, settings.MANAGER_JWT_SECRET, algorithm=ALGORITHM)
|
||||
|
||||
|
||||
# ── Admin-only: register a manager ───────────────────────────────────────────
|
||||
|
||||
@router.post("/register", response_model=ManagerOut, status_code=status.HTTP_201_CREATED)
|
||||
def register_manager(
|
||||
body: ManagerRegisterRequest,
|
||||
db: Session = Depends(get_db),
|
||||
_admin=Depends(get_current_admin),
|
||||
):
|
||||
if db.query(ManagerAccount).filter(ManagerAccount.email == body.email).first():
|
||||
raise HTTPException(status_code=status.HTTP_409_CONFLICT, detail="Email already registered")
|
||||
|
||||
sites = db.query(Site).filter(Site.id.in_(body.site_ids)).all()
|
||||
manager = ManagerAccount(
|
||||
email=body.email,
|
||||
password_hash=_pwd.hash(body.password),
|
||||
full_name=body.full_name,
|
||||
sites=sites,
|
||||
)
|
||||
db.add(manager)
|
||||
db.commit()
|
||||
db.refresh(manager)
|
||||
return manager
|
||||
|
||||
|
||||
# ── Public: manager login ─────────────────────────────────────────────────────
|
||||
|
||||
@router.post("/login", response_model=ManagerTokenOut)
|
||||
def login_manager(body: ManagerLoginRequest, db: Session = Depends(get_db)):
|
||||
manager = db.query(ManagerAccount).filter(ManagerAccount.email == body.email).first()
|
||||
if not manager or not _pwd.verify(body.password, manager.password_hash):
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials")
|
||||
if not manager.is_active:
|
||||
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Account disabled")
|
||||
return ManagerTokenOut(access_token=_create_manager_token(manager))
|
||||
|
||||
|
||||
# ── Public: refresh ───────────────────────────────────────────────────────────
|
||||
|
||||
@router.post("/refresh", response_model=ManagerTokenOut)
|
||||
def refresh_manager_token(manager: ManagerAccount = Depends(_get_current_manager)):
|
||||
return ManagerTokenOut(access_token=_create_manager_token(manager))
|
||||
Reference in New Issue
Block a user