feat(connect): Phase 3 — cloud API routes for Xenia Connect
Adds four new routers, three schema files, and one new model.
All new endpoints use new URL prefixes — no existing routes touched.
routers/menu.py
GET /api/menu/{site_slug} — public menu snapshot (no auth)
POST /api/menu/sync — upsert snapshot (site API key)
routers/orders.py
POST /api/orders/{site_slug} — customer places order (public)
GET /api/orders/status/{public_ref} — customer tracks order (public)
GET /api/orders/pending/{site_id} — local backend polls (site key)
POST /api/orders/{id}/synced — mark synced (site key)
PATCH /api/orders/{id}/status — update status with transition
validation (site key)
routers/manager_auth.py
POST /api/manager/register — create manager account (admin JWT)
POST /api/manager/login — returns manager JWT
POST /api/manager/refresh — refreshes manager JWT
Shared _get_current_manager dependency used by remote_dashboard
routers/remote_dashboard.py
GET /api/remote/sites — manager JWT
GET /api/remote/sites/{id}/snapshot — manager JWT
GET /api/remote/sites/{id}/orders — manager JWT
GET /api/remote/sites/{id}/orders/pending — manager JWT
PATCH /api/remote/sites/{id}/orders/{oid}/status — manager JWT
POST /api/remote/snapshot — site API key
(stats push)
models/stats_snapshot.py (NEW)
stats_snapshots table — one row per site, holds serialized
operational stats; created by create_all on startup
config.py / .env.example
MANAGER_JWT_SECRET and MANAGER_JWT_EXPIRE_HOURS (default 72h)
added as separate settings from the admin SECRET_KEY
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
54
cloud_backend/routers/menu.py
Normal file
54
cloud_backend/routers/menu.py
Normal file
@@ -0,0 +1,54 @@
|
||||
from fastapi import APIRouter, Depends, HTTPException, Header, status
|
||||
from passlib.context import CryptContext
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from database import get_db
|
||||
from models.site import Site
|
||||
from models.menu_snapshot import MenuSnapshot
|
||||
from schemas.menu import MenuSyncRequest, MenuSyncResponse
|
||||
|
||||
router = APIRouter()
|
||||
_pwd = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
||||
|
||||
|
||||
def _require_site(
|
||||
x_site_id: str = Header(..., alias="X-Site-ID"),
|
||||
x_site_key: str = Header(..., alias="X-Site-Key"),
|
||||
db: Session = Depends(get_db),
|
||||
) -> Site:
|
||||
site = db.query(Site).filter(Site.site_id == x_site_id).first()
|
||||
if not site or not _pwd.verify(x_site_key, site.secret_key_hash):
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid site credentials")
|
||||
return site
|
||||
|
||||
|
||||
# ── Public ────────────────────────────────────────────────────────────────────
|
||||
|
||||
@router.get("/{site_slug}")
|
||||
def get_menu(site_slug: str, db: Session = Depends(get_db)):
|
||||
"""Return the latest menu snapshot for a site. Used by the public menu SPA."""
|
||||
site = db.query(Site).filter(Site.site_id == site_slug).first()
|
||||
if not site:
|
||||
raise HTTPException(status_code=404, detail="Site not found")
|
||||
|
||||
snapshot = db.query(MenuSnapshot).filter(MenuSnapshot.site_id == site.id).first()
|
||||
if not snapshot:
|
||||
raise HTTPException(status_code=404, detail="No menu published yet")
|
||||
|
||||
import json
|
||||
return json.loads(snapshot.snapshot_json)
|
||||
|
||||
|
||||
# ── Internal (site API key) ───────────────────────────────────────────────────
|
||||
|
||||
@router.post("/sync", response_model=MenuSyncResponse)
|
||||
def sync_menu(body: MenuSyncRequest, site: Site = Depends(_require_site), db: Session = Depends(get_db)):
|
||||
"""Upsert the menu snapshot for this site. Called by local_backend on each sync."""
|
||||
snapshot = db.query(MenuSnapshot).filter(MenuSnapshot.site_id == body.site_id).first()
|
||||
if snapshot:
|
||||
snapshot.snapshot_json = body.snapshot_json
|
||||
else:
|
||||
snapshot = MenuSnapshot(site_id=body.site_id, snapshot_json=body.snapshot_json)
|
||||
db.add(snapshot)
|
||||
db.commit()
|
||||
return MenuSyncResponse(ok=True)
|
||||
Reference in New Issue
Block a user