feat(auth): account lifecycle — Google linking, passwords, suspension & deletion plumbing
- Link a Google account to a password account, and adopt the Google identity onto a matching email account instead of 500ing on a duplicate; set or change a password from Settings. - Expose has_google/has_password on /api/me for the Sign-in methods UI. - Mark Google logins email-verified (backfill existing rows, migration 0024); stop a routine login from clobbering an admin-assigned role (env ADMIN_EMAILS stays the bootstrap admin). - Suspension login-gates (password + Google callback + current_user) with a rate-limited 'suspended' notice; shared purge_user (cascade delete + access-request cleanup + Google-grant revoke) behind self- and admin-deletion; single app_base source for user-facing email links.
This commit is contained in:
parent
72cd8e6d65
commit
8c727dd99e
9 changed files with 507 additions and 43 deletions
|
|
@ -119,6 +119,14 @@ class Settings(BaseSettings):
|
|||
def admin_email_set(self) -> set[str]:
|
||||
return {e.strip().lower() for e in self.admin_emails.split(",") if e.strip()}
|
||||
|
||||
@property
|
||||
def app_base(self) -> str:
|
||||
"""Public origin of the deployed app, derived from the OAuth redirect URL
|
||||
(.../auth/callback). The single source for user-facing links (verification, reset,
|
||||
approval emails); dev and prod differ, so links must always come from config."""
|
||||
u = self.oauth_redirect_url
|
||||
return u.split("/auth/")[0] if "/auth/" in u else u.rstrip("/")
|
||||
|
||||
@property
|
||||
def session_https_only(self) -> bool:
|
||||
"""Mark the session cookie Secure when we're served over HTTPS. We treat an
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue