lundberg/porchlight
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
125 commits 1 branch 0 tags 566 KiB
Commit graph

125 commits

This branch
This branch
All branches
Author SHA1 Message Date
Johan Lundberg
2dfa3f3bff
test: add profile validation e2e tests and fix pre-existing failures 
Add 7 new e2e tests verifying profile form validation in both manage
and admin UIs: invalid phone number, phone normalization, E.164 hint
attributes, and admin-side email/phone/picture URL validation errors.

Fix 3 pre-existing test failures:
- Replace invalid seeded phone number (+1234567890) with valid E.164
  (+12025551234) that was causing profile update tests to fail
- Update email validation error assertion to match actual pydantic
  message (value_error type uses raw message, not label-prefixed)
 2026-03-16 10:00:46 +01:00
Johan Lundberg
752bf87b7c
style: apply ruff SIM108 ternary to validation error handling 2026-03-13 20:46:12 +01:00
Johan Lundberg
86deb56524
style: add E.164 format hint to phone number inputs 2026-03-13 20:44:30 +01:00
Johan Lundberg
7bfea306ab
refactor: use shared ProfileUpdate validation in admin routes 2026-03-13 20:43:52 +01:00
Johan Lundberg
5fd63d61ff
feat: wire ProfileUpdate validation into manage profile route 2026-03-10 15:36:47 +01:00
Johan Lundberg
3cbf7cda5f
test: add e2e tests for logout buttons in admin and manage nav bars 2026-03-10 10:50:44 +01:00
Johan Lundberg
b9bb848d5e
update .gitignore 2026-03-10 09:00:11 +01:00
Johan Lundberg
a52bb2eef7
chore: stop tracking data/keys/public_jwks.json 2026-02-20 15:44:18 +01:00
Johan Lundberg
db94294d6d
feat: add logout buttons to admin and manage navigation bars 2026-02-20 15:41:45 +01:00
Johan Lundberg
7c9e426bb8
feat: add ProfileUpdate pydantic model with email and phone validation 2026-02-20 15:21:28 +01:00
Johan Lundberg
428c17c4e3
build: add pydantic-extra-types[phonenumbers] dependency 2026-02-20 15:06:26 +01:00
Johan Lundberg
d696c91d95
docs: add profile validation implementation plan 2026-02-20 15:05:00 +01:00
Johan Lundberg
1dfd89c7c3
add Makefile 2026-02-20 15:04:04 +01:00
Johan Lundberg
a5198148a3
make output from cli commands easier to read 2026-02-20 15:03:45 +01:00
Johan Lundberg
dc84881c87
replace check.sh with Makefile 2026-02-20 15:03:20 +01:00
Johan Lundberg
a3d4ac1bfd
docs: add profile form validation design 2026-02-20 15:01:55 +01:00
Johan Lundberg
0435b81c5a
feat: add landing page at / with navigation links 
Route GET / to a landing page with the Porchlight logo, tagline,
and card-style navigation links to My Account and Administration.
 2026-02-19 15:38:09 +01:00
Johan Lundberg
cedf2a65e2
fix: add session_https_only to dev config and update README 2026-02-19 15:10:37 +01:00
Johan Lundberg
4242f1a40f
style: update logo and favicon with new pentagon house design 2026-02-19 15:03:31 +01:00
Johan Lundberg
befcef9395
fix: add CSRF token handling to admin tests after merge 
The CSRF middleware added to main after the admin-pages branch was
created caused all admin test POSTs/DELETEs to be rejected. Add
get_csrf_token() calls and X-CSRF-Token headers to login helpers and
all mutation requests, matching the pattern used by other tests.
 2026-02-19 15:02:51 +01:00
Johan Lundberg
33a61ecc2a
Merge branch 'feature/admin-pages' 
# Conflicts:
#	src/porchlight/app.py
 2026-02-19 14:36:48 +01:00
Johan Lundberg
34450aa38f
style: fix import sort order in app.py 2026-02-19 14:33:57 +01:00
Johan Lundberg
5a24a9c70b
test: add E2E tests for admin pages 2026-02-19 14:31:41 +01:00
Johan Lundberg
1054feb534
fix: reorder imports and use ty-compatible type suppression 2026-02-19 14:29:01 +01:00
Johan Lundberg
7ad794170d
feat: show admin link in manage nav for admin users 2026-02-19 14:20:57 +01:00
Johan Lundberg
f648422227
test: update all tests to include CSRF tokens 2026-02-19 14:19:47 +01:00
Johan Lundberg
186be17b97
test: add comprehensive unit tests for admin routes 2026-02-19 14:17:41 +01:00
Johan Lundberg
9e5773f52f
feat: add CSRF tokens to templates and JS fetch calls 2026-02-19 14:03:34 +01:00
Johan Lundberg
3975d5ce88
feat: add admin action routes (profile, groups, activate, credentials, invite, delete) 2026-02-19 13:47:36 +01:00
Johan Lundberg
d1f2b39cb6
feat: wire CSRF middleware and harden session cookie 2026-02-19 13:45:58 +01:00
Johan Lundberg
2b8d3e9800
feat: add admin user detail page with profile, groups, credentials, and actions 2026-02-19 13:44:14 +01:00
Johan Lundberg
b5ea9950a2
fix: use frozenset for SAFE_METHODS and extract SESSION_KEY constant 2026-02-19 13:42:18 +01:00
Johan Lundberg
6a9e32f74d
feat: add admin invite creation endpoint 2026-02-19 13:36:11 +01:00
Johan Lundberg
f93290d43e
feat: add CSRF middleware with synchronizer token pattern 2026-02-19 13:26:33 +01:00
Johan Lundberg
1a795914f9
feat: add admin user list page with search and pagination 2026-02-19 11:35:25 +01:00
Johan Lundberg
b1291c801e
docs: add CSRF protection implementation plan 2026-02-19 11:32:51 +01:00
Johan Lundberg
f2d669d705
feat: add admin base template and CSS styles 2026-02-19 11:30:35 +01:00
Johan Lundberg
94c14af8cc
docs: add CSRF protection design document 2026-02-19 11:29:19 +01:00
Johan Lundberg
dd1f85d8d3
feat: add admin router with admin group guard 2026-02-19 11:18:50 +01:00
Johan Lundberg
be35c17fa5
Merge branch 'feature/consent-screen' 2026-02-19 11:16:51 +01:00
Johan Lundberg
3b1c145e31
fix: add type annotation to approved_scopes for type checker 2026-02-19 11:16:01 +01:00
Johan Lundberg
b8464284c2
test: update existing tests to handle consent step 2026-02-19 11:13:11 +01:00
Johan Lundberg
078892a413
fix: validate consent action and add error check after re-parse 2026-02-19 11:09:14 +01:00
Johan Lundberg
7e9eeb1339
feat: add search_users and count_users to user repository 2026-02-19 11:00:47 +01:00
Johan Lundberg
5c4269fd6e
feat: add consent page template 2026-02-19 09:52:45 +01:00
Johan Lundberg
1d8fd91f68
feat: add consent check to authorization flow 2026-02-19 09:47:59 +01:00
Johan Lundberg
9ccc6c885f
feat: add Consent model, migration, and repository 2026-02-18 15:01:35 +01:00
Johan Lundberg
b22dabbbb0
Merge branch 'feature/profile-page' 2026-02-18 14:38:53 +01:00
Johan Lundberg
8a610a0cd6
feat: add self-service profile page with manage navigation 
Add /manage/profile page where authenticated users can view and edit
their OIDC profile fields (given_name, family_name, preferred_username,
email, phone_number, picture, locale).

- Create manage/base.html with tab-style nav for Profile/Credentials
- Update credentials.html to extend manage/base.html
- Add GET/POST routes with server-side validation
- Add input styling for tel and url input types
- Add profile test user with pre-filled data in setup_db.py
- Add 19 E2E tests covering structure, navigation, updates, validation
- All 76 E2E tests and 172 Python tests pass
 2026-02-18 14:35:17 +01:00
Johan Lundberg
16f3e039d9
docs: add consent screen design 2026-02-18 13:50:56 +01:00