- Introduce a new `auth` module with login, logout, and user verification endpoints for a single admin user. - Update backend routes to require admin authentication for sensitive operations, enhancing security. - Modify frontend components to include an authentication provider and gate, ensuring only authorized users can access the application. - Implement a login page for admin access, improving user experience and security management. - Update API request handling to redirect unauthorized users to the login page, ensuring proper access control.
49 lines
1.6 KiB
Python
49 lines
1.6 KiB
Python
"""Runtime settings for backend infrastructure.
|
|
|
|
Model provider credentials live in ``model_resources`` and are resolved per
|
|
assistant. Keep this module limited to process-level settings such as database,
|
|
CORS, server bind address, and WebRTC ICE/TURN configuration.
|
|
"""
|
|
|
|
import os
|
|
|
|
from dotenv import load_dotenv
|
|
|
|
load_dotenv()
|
|
|
|
|
|
def _split(value: str) -> list[str]:
|
|
return [item.strip() for item in value.split(",") if item.strip()]
|
|
|
|
|
|
# ---- Database ----
|
|
DATABASE_URL = os.getenv(
|
|
"DATABASE_URL",
|
|
"postgresql+asyncpg://postgres:postgres@localhost:5432/postgres",
|
|
)
|
|
|
|
# ---- Service ----
|
|
HOST = os.getenv("HOST", "0.0.0.0")
|
|
PORT = int(os.getenv("PORT", "8000"))
|
|
CORS_ORIGINS = _split(
|
|
os.getenv("CORS_ORIGINS", "http://localhost:3000,http://127.0.0.1:3000")
|
|
)
|
|
|
|
# ---- Admin auth ----
|
|
ADMIN_USERNAME = os.getenv("ADMIN_USERNAME", "admin")
|
|
ADMIN_PASSWORD = os.getenv("ADMIN_PASSWORD", "znjj189981$")
|
|
AUTH_SECRET_KEY = os.getenv("AUTH_SECRET_KEY", "dev-secret-change-me")
|
|
AUTH_COOKIE_NAME = os.getenv("AUTH_COOKIE_NAME", "ai_video_admin_token")
|
|
AUTH_TOKEN_EXPIRE_MINUTES = int(os.getenv("AUTH_TOKEN_EXPIRE_MINUTES", "1440"))
|
|
AUTH_COOKIE_SECURE = os.getenv("AUTH_COOKIE_SECURE", "false").lower() == "true"
|
|
AUTH_COOKIE_SAMESITE = os.getenv("AUTH_COOKIE_SAMESITE", "lax")
|
|
|
|
# ---- WebRTC TURN ----
|
|
# TURN_URLS example:
|
|
# turn:182.92.86.220:3478?transport=udp,turn:182.92.86.220:3478?transport=tcp
|
|
TURN_URLS = _split(os.getenv("TURN_URLS", ""))
|
|
TURN_SECRET = os.getenv("TURN_SECRET", "")
|
|
TURN_USERNAME = os.getenv("TURN_USERNAME", "")
|
|
TURN_PASSWORD = os.getenv("TURN_PASSWORD", "")
|
|
TURN_CREDENTIAL_TTL = int(os.getenv("TURN_CREDENTIAL_TTL", "86400"))
|