P1.1 — Implement real ai_router.chat_completion / stream_chat_completion using Ollama Cloud primary + OpenRouter fallback. Fixes AttributeError on /api/v1/chat and /api/v1/wallet-clusters. P1.2 — Fix broken RAG call paths: telegram bot now hits /api/v1/rag/v2/search then ai_router.chat_completion; unified_wallet_scanner._rag_enrich uses async httpx + correct path. Mount app.domains.databus.router. P1.3 — Implement setup_otel / shutdown_otel in core/tracing.py and create core/langfuse.py with init_langfuse / flush_langfuse as safe no-ops when SDK is missing or env vars unset. P1.4 — Fix Prometheus alert rule metric name drift: rmi_requests_total -> rmi_http_requests_total (matches metrics.py). P1.5 — Move dead admin_backend.py (1691 LOC) to app/domains/admin/router.py and mount it. Admin login endpoint now reachable. P2.1 — Rename app/domains/auth/__init__.py (507 LOC router file that broke mypy) -> app/domains/auth/router.py. Mount app.domains.auth.router so /register, /login, /wallet/*, /user/me, /2fa/*, OAuth, Telegram are live. P2.1b — Add pyotp + qrcode to requirements.txt so 2FA endpoints don't 503.
115 lines
No EOL
2.7 KiB
Python
115 lines
No EOL
2.7 KiB
Python
"""Auth domain - public API.
|
|
|
|
Phase 4 domain consolidation + Phase 2.1 structural fix:
|
|
``app/domains/auth/__init__.py`` was a 507-LOC router file that broke mypy
|
|
(source file found twice under different module names). The router now
|
|
lives in ``app/domains/auth/router.py`` and this package marker only
|
|
re-exports the public surface.
|
|
"""
|
|
from __future__ import annotations
|
|
|
|
from app.domains.auth.deps import (
|
|
get_current_user,
|
|
require_auth,
|
|
require_public_profile,
|
|
)
|
|
from app.domains.auth.jwt import (
|
|
JWT_ALGORITHM,
|
|
JWT_EXPIRY_DAYS,
|
|
JWT_SECRET,
|
|
_create_jwt,
|
|
_derive_user_id,
|
|
_verify_jwt,
|
|
generate_nonce,
|
|
)
|
|
from app.domains.auth.oauth import router as oauth_router
|
|
from app.domains.auth.passwords import hash_password, verify_password
|
|
from app.domains.auth.router import router
|
|
from app.domains.auth.schemas import (
|
|
EmailLoginRequest,
|
|
EmailRegisterRequest,
|
|
GoogleAuthResponse,
|
|
NonceResponse,
|
|
TelegramAuthRequest,
|
|
TwoFAEnableRequest,
|
|
TwoFALoginRequest,
|
|
TwoFASetupResponse,
|
|
TwoFAStatusResponse,
|
|
TwoFAVerifyRequest,
|
|
UserResponse,
|
|
WalletAuthResponse,
|
|
WalletNonceRequest,
|
|
WalletVerifyRequest,
|
|
)
|
|
from app.domains.auth.store import (
|
|
_delete_user,
|
|
_get_user,
|
|
_get_user_by_email,
|
|
_is_valid_email,
|
|
_save_user,
|
|
)
|
|
from app.domains.auth.totp import (
|
|
PYOTP_AVAILABLE,
|
|
TOTP_DIGITS,
|
|
TOTP_INTERVAL,
|
|
TOTP_ISSUER,
|
|
TOTP_WINDOW,
|
|
_build_totp,
|
|
_generate_backup_codes,
|
|
_generate_qr_base64,
|
|
_generate_totp_secret,
|
|
_get_totp_uri,
|
|
_hash_backup_code,
|
|
_verify_backup_code,
|
|
_verify_totp,
|
|
)
|
|
|
|
__all__ = [
|
|
"EmailLoginRequest",
|
|
"EmailRegisterRequest",
|
|
"GoogleAuthResponse",
|
|
"JWT_ALGORITHM",
|
|
"JWT_EXPIRY_DAYS",
|
|
"JWT_SECRET",
|
|
"NonceResponse",
|
|
"PYOTP_AVAILABLE",
|
|
"PERMISSIONS",
|
|
"TOTP_DIGITS",
|
|
"TOTP_INTERVAL",
|
|
"TOTP_ISSUER",
|
|
"TOTP_WINDOW",
|
|
"TelegramAuthRequest",
|
|
"TwoFAEnableRequest",
|
|
"TwoFALoginRequest",
|
|
"TwoFASetupResponse",
|
|
"TwoFAStatusResponse",
|
|
"TwoFAVerifyRequest",
|
|
"UserResponse",
|
|
"WalletAuthResponse",
|
|
"WalletNonceRequest",
|
|
"WalletVerifyRequest",
|
|
"_build_totp",
|
|
"_create_jwt",
|
|
"_delete_user",
|
|
"_derive_user_id",
|
|
"_generate_backup_codes",
|
|
"_generate_qr_base64",
|
|
"_generate_totp_secret",
|
|
"_get_totp_uri",
|
|
"_get_user",
|
|
"_get_user_by_email",
|
|
"_hash_backup_code",
|
|
"_is_valid_email",
|
|
"_save_user",
|
|
"_verify_backup_code",
|
|
"_verify_jwt",
|
|
"_verify_totp",
|
|
"generate_nonce",
|
|
"get_current_user",
|
|
"hash_password",
|
|
"oauth_router",
|
|
"require_auth",
|
|
"require_public_profile",
|
|
"router",
|
|
"verify_password",
|
|
] |