restructure of dirs, huge docs update

2025-11-17 16:29:14 -06:00
parent 456e052389
commit cd840cb8ca
87 changed files with 2827 additions and 1094 deletions
--- a/app/web/auth/models.py
+++ b/app/web/auth/models.py
@@ -0,0 +1,107 @@
+"""
+User model for Flask-Login authentication.
+
+Simple single-user model that loads credentials from the settings table.
+"""
+
+from typing import Optional
+
+from flask_login import UserMixin
+from sqlalchemy.orm import Session
+
+from web.utils.settings import PasswordManager, SettingsManager
+
+
+class User(UserMixin):
+    """
+    User class for Flask-Login.
+
+    Represents the single application user. Credentials are stored in the
+    settings table (app_password key).
+    """
+
+    # Single user ID (always 1 for single-user app)
+    USER_ID = '1'
+
+    def __init__(self, user_id: str = USER_ID):
+        """
+        Initialize user.
+
+        Args:
+            user_id: User ID (always '1' for single-user app)
+        """
+        self.id = user_id
+
+    def get_id(self) -> str:
+        """
+        Get user ID for Flask-Login.
+
+        Returns:
+            User ID string
+        """
+        return self.id
+
+    @property
+    def is_authenticated(self) -> bool:
+        """User is always authenticated if instance exists."""
+        return True
+
+    @property
+    def is_active(self) -> bool:
+        """User is always active."""
+        return True
+
+    @property
+    def is_anonymous(self) -> bool:
+        """User is never anonymous."""
+        return False
+
+    @staticmethod
+    def get(user_id: str, db_session: Session = None) -> Optional['User']:
+        """
+        Get user by ID (Flask-Login user_loader).
+
+        Args:
+            user_id: User ID to load
+            db_session: Database session (unused - kept for compatibility)
+
+        Returns:
+            User instance if ID is valid, None otherwise
+        """
+        if user_id == User.USER_ID:
+            return User(user_id)
+        return None
+
+    @staticmethod
+    def authenticate(password: str, db_session: Session) -> Optional['User']:
+        """
+        Authenticate user with password.
+
+        Args:
+            password: Password to verify
+            db_session: Database session for accessing settings
+
+        Returns:
+            User instance if password is correct, None otherwise
+        """
+        settings_manager = SettingsManager(db_session)
+
+        if PasswordManager.verify_app_password(settings_manager, password):
+            return User(User.USER_ID)
+
+        return None
+
+    @staticmethod
+    def has_password_set(db_session: Session) -> bool:
+        """
+        Check if application password is set.
+
+        Args:
+            db_session: Database session for accessing settings
+
+        Returns:
+            True if password is set, False otherwise
+        """
+        settings_manager = SettingsManager(db_session)
+        stored_hash = settings_manager.get('app_password', decrypt=False)
+        return bool(stored_hash)