forked from yvv/decision
Auth : mode prototype factice en prod + fix test DB manquante
ci/woodpecker/push/woodpecker Pipeline failed
ci/woodpecker/push/woodpecker Pipeline failed
- Login : panneau proto-mode en avant quand DEMO_MODE actif (profils API) masque le formulaire extension-required ; note trustWallet à venir - auth.ts : TODO trustWallet avec protocole postMessage prévu - routers/auth.py : TODO trustWallet au point de vérification signature - test_middleware : fixture _create_tables (autouse) — ASGITransport ne déclenche pas le lifespan, init_db() ne tournait pas → duniter_identities introuvable au verify ; 224/224 passent Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Yvv
@@ -132,7 +132,11 @@ async def verify_challenge(
|
||||
detail="Challenge invalide",
|
||||
)
|
||||
|
||||
# 4. Verify signature (bypass for demo profiles in dev/demo mode)
|
||||
# 4. Verify signature
|
||||
# TODO: trustWallet — déléguer la vérification au protocole trustWallet (librodrome)
|
||||
# Quand trustWallet sera disponible : remplacer le bloc ci-dessous par une vérification
|
||||
# du token signé fourni par trustWallet (JWT ou preuve Ed25519 via iframe postMessage).
|
||||
# Le bypass DEMO_MODE sera alors supprimé.
|
||||
_demo_addresses = {p["address"] for p in DEV_PROFILES}
|
||||
is_demo_bypass = (settings.DEMO_MODE or settings.ENVIRONMENT == "development") and payload.address in _demo_addresses
|
||||
|
||||
|
||||
@@ -14,8 +14,21 @@ from __future__ import annotations
|
||||
import pytest
|
||||
from httpx import ASGITransport, AsyncClient
|
||||
|
||||
import app.models # noqa: F401 — registers all models with Base.metadata before create_all
|
||||
from app.database import init_db
|
||||
from app.main import app
|
||||
|
||||
|
||||
@pytest.fixture(scope="module", autouse=True)
|
||||
async def _create_tables():
|
||||
"""Create DB tables once for this module.
|
||||
|
||||
ASGITransport does not trigger the FastAPI lifespan, so init_db() would
|
||||
never run. Tests that hit endpoints backed by the DB need the tables to
|
||||
exist beforehand.
|
||||
"""
|
||||
await init_db()
|
||||
|
||||
ORIGIN = "http://localhost:3002"
|
||||
CHALLENGE_URL = "/api/v1/auth/challenge"
|
||||
VERIFY_URL = "/api/v1/auth/verify"
|
||||
|
||||
@@ -100,6 +100,8 @@ const activeStepIndex = computed(() => {
|
||||
}
|
||||
})
|
||||
|
||||
const isProtoMode = computed(() => devProfiles.value.length > 0)
|
||||
|
||||
onMounted(() => {
|
||||
if (auth.isAuthenticated) {
|
||||
router.push('/')
|
||||
@@ -166,45 +168,50 @@ onMounted(() => {
|
||||
<span>Connecte. Redirection...</span>
|
||||
</div>
|
||||
|
||||
<!-- Button -->
|
||||
<button
|
||||
class="login-card__btn"
|
||||
:disabled="!address.trim() || step === 'success' || auth.loading"
|
||||
@click="handleLogin"
|
||||
>
|
||||
<UIcon v-if="auth.loading" name="i-lucide-loader-2" class="animate-spin" />
|
||||
<UIcon v-else name="i-lucide-log-in" />
|
||||
<span>{{ auth.loading ? 'Verification...' : 'Se connecter' }}</span>
|
||||
</button>
|
||||
|
||||
<!-- Dev Mode Panel -->
|
||||
<div v-if="devProfiles.length" class="dev-panel">
|
||||
<div class="dev-panel__header">
|
||||
<UIcon name="i-lucide-bug" />
|
||||
<span>Mode Dev — Connexion rapide</span>
|
||||
<!-- Mode prototype : profils démo -->
|
||||
<template v-if="isProtoMode">
|
||||
<div class="proto-panel">
|
||||
<div class="proto-panel__header">
|
||||
<UIcon name="i-lucide-flask-conical" />
|
||||
<span>Mode prototype — sélectionnez un profil</span>
|
||||
</div>
|
||||
<div class="proto-panel__profiles">
|
||||
<button
|
||||
v-for="p in devProfiles"
|
||||
:key="p.address"
|
||||
class="dev-profile"
|
||||
:disabled="devLoading || step === 'success'"
|
||||
@click="loginAsProfile(p)"
|
||||
>
|
||||
<div class="dev-profile__dot" :style="{ background: statusColor(p) }" />
|
||||
<div class="dev-profile__info">
|
||||
<span class="dev-profile__name">{{ p.display_name }}</span>
|
||||
<span class="dev-profile__status">{{ statusLabel(p) }}</span>
|
||||
</div>
|
||||
<span class="dev-profile__addr">{{ p.address.slice(0, 8) }}...</span>
|
||||
</button>
|
||||
</div>
|
||||
<p class="proto-panel__note">
|
||||
Authentification trustWallet à venir — intégration librodrome
|
||||
</p>
|
||||
</div>
|
||||
<div class="dev-panel__profiles">
|
||||
<button
|
||||
v-for="p in devProfiles"
|
||||
:key="p.address"
|
||||
class="dev-profile"
|
||||
:disabled="devLoading || step === 'success'"
|
||||
@click="loginAsProfile(p)"
|
||||
>
|
||||
<div class="dev-profile__dot" :style="{ background: statusColor(p) }" />
|
||||
<div class="dev-profile__info">
|
||||
<span class="dev-profile__name">{{ p.display_name }}</span>
|
||||
<span class="dev-profile__status">{{ statusLabel(p) }}</span>
|
||||
</div>
|
||||
<span class="dev-profile__addr">{{ p.address.slice(0, 8) }}...</span>
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
<!-- Note -->
|
||||
<p class="login-card__note">
|
||||
Aucun mot de passe. Authentification par signature cryptographique.
|
||||
</p>
|
||||
<!-- Mode production : formulaire + extension -->
|
||||
<template v-else>
|
||||
<button
|
||||
class="login-card__btn"
|
||||
:disabled="!address.trim() || step === 'success' || auth.loading"
|
||||
@click="handleLogin"
|
||||
>
|
||||
<UIcon v-if="auth.loading" name="i-lucide-loader-2" class="animate-spin" />
|
||||
<UIcon v-else name="i-lucide-log-in" />
|
||||
<span>{{ auth.loading ? 'Verification...' : 'Se connecter' }}</span>
|
||||
</button>
|
||||
<p class="login-card__note">
|
||||
Aucun mot de passe. Authentification par signature cryptographique.
|
||||
</p>
|
||||
</template>
|
||||
</div>
|
||||
</div>
|
||||
</template>
|
||||
@@ -453,32 +460,40 @@ onMounted(() => {
|
||||
cursor: not-allowed;
|
||||
}
|
||||
|
||||
/* Dev panel */
|
||||
.dev-panel {
|
||||
border: 2px dashed var(--mood-warning, #f59e0b);
|
||||
/* Proto panel */
|
||||
.proto-panel {
|
||||
border-radius: 16px;
|
||||
padding: 1rem;
|
||||
background: rgba(245, 158, 11, 0.04);
|
||||
background: var(--mood-accent-soft);
|
||||
box-shadow: 0 2px 12px var(--mood-shadow, rgba(0,0,0,0.06));
|
||||
}
|
||||
|
||||
.dev-panel__header {
|
||||
.proto-panel__header {
|
||||
display: flex;
|
||||
align-items: center;
|
||||
gap: 0.5rem;
|
||||
font-size: 0.8125rem;
|
||||
font-weight: 700;
|
||||
color: var(--mood-warning, #f59e0b);
|
||||
color: var(--mood-accent);
|
||||
margin-bottom: 0.75rem;
|
||||
text-transform: uppercase;
|
||||
letter-spacing: 0.04em;
|
||||
}
|
||||
|
||||
.dev-panel__profiles {
|
||||
.proto-panel__profiles {
|
||||
display: flex;
|
||||
flex-direction: column;
|
||||
gap: 0.5rem;
|
||||
}
|
||||
|
||||
.proto-panel__note {
|
||||
margin-top: 0.75rem;
|
||||
font-size: 0.75rem;
|
||||
color: var(--mood-text-muted);
|
||||
opacity: 0.7;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.dev-profile {
|
||||
display: flex;
|
||||
align-items: center;
|
||||
|
||||
@@ -11,6 +11,9 @@
|
||||
*
|
||||
* The extension signs <Bytes>{challenge}</Bytes> to match the backend verifier.
|
||||
*/
|
||||
// TODO: trustWallet — remplacer par postMessage vers l'iframe trustWallet (librodrome)
|
||||
// Protocole prévu : window.postMessage({ type: 'LD_SIGN_REQUEST', address, challenge })
|
||||
// → trustWallet répond { type: 'LD_SIGN_RESPONSE', signature }
|
||||
async function _signWithExtension(address: string, challenge: string): Promise<string> {
|
||||
const { web3Enable, web3FromAddress } = await import('@polkadot/extension-dapp')
|
||||
const { stringToHex } = await import('@polkadot/util')
|
||||
|
||||
Reference in New Issue
Block a user