agatha
5fbbc1e67f
Protects image upload, delete, and tag-update endpoints behind Bearer token auth. Public read endpoints remain open. Angular SPA gains a login page, auth interceptor, and route guard for /upload. - JWTAuthProvider (HS256, sub/iat/exp, secrets.compare_digest) - POST /api/v1/auth/token login endpoint - require_auth FastAPI dependency on all write routes - AuthService, LoginComponent, authInterceptor, authGuard - Detail page hides write controls for unauthenticated visitors - 43 unit tests passing; integration tests require Docker stack Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
26 lines
659 B
Python
26 lines
659 B
Python
from functools import lru_cache
|
|
|
|
from pydantic_settings import BaseSettings, SettingsConfigDict
|
|
|
|
|
|
class Settings(BaseSettings):
|
|
model_config = SettingsConfigDict(env_file=".env", env_file_encoding="utf-8", extra="ignore")
|
|
|
|
database_url: str
|
|
s3_endpoint_url: str
|
|
s3_bucket_name: str
|
|
s3_access_key_id: str
|
|
s3_secret_access_key: str
|
|
s3_region: str = "us-east-1"
|
|
api_base_url: str = "http://localhost:8000"
|
|
max_upload_bytes: int = 52_428_800 # 50 MiB
|
|
jwt_secret_key: str
|
|
jwt_expiry_seconds: int = 86400
|
|
owner_username: str
|
|
owner_password: str
|
|
|
|
|
|
@lru_cache
|
|
def get_settings() -> Settings:
|
|
return Settings()
|