tacit/nanochat
1
0
Fork 0
mirror of https://github.com/karpathy/nanochat.git synced 2026-05-07 16:30:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8eaa96ce02
nanochat/services/auth/README.md
Manmohan Sharma 4b4aca642a
feat(auth): OAuth2 + JWT auth service with Alembic migrations (#5 #7) 
- Alembic async migrations: users, conversations, messages, is_favorited
- FastAPI auth service: Google + GitHub OAuth, RS256 JWT, refresh cookie
- /auth/me, /auth/refresh, /auth/validate (service-to-service)
- rate limiting 10/min on OAuth routes, CORS locked to FRONTEND_URL

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-16 11:47:00 -07:00

1.3 KiB
Raw Blame History

samosaChaat Auth Service

FastAPI microservice providing OAuth2 login (Google + GitHub) and JWT session management for samosaChaat (Issue #5).

Endpoints

Method Path Purpose
GET /auth/google Redirect to Google consent
GET /auth/google/callback Complete Google flow, upsert user, issue tokens
GET /auth/github Redirect to GitHub consent
GET /auth/github/callback Complete GitHub flow, upsert user, issue tokens
POST /auth/refresh Exchange refresh cookie for new access token
GET /auth/me Current user profile (Bearer JWT)
PUT /auth/me Update name / avatar (Bearer JWT)
POST /auth/validate Internal JWT validation (service-to-service)
GET /auth/health Liveness probe

Environment

DATABASE_URL=postgresql+asyncpg://user:pass@host/db
GOOGLE_CLIENT_ID=...
GOOGLE_CLIENT_SECRET=...
GITHUB_CLIENT_ID=...
GITHUB_CLIENT_SECRET=...
JWT_PRIVATE_KEY=<RS256 PEM>
JWT_PUBLIC_KEY=<RS256 PEM>
FRONTEND_URL=http://localhost:3000
INTERNAL_API_KEY=<shared secret for /auth/validate>

Local development

uv sync
uv run uvicorn src.main:app --reload --port 8001
uv run pytest

Database schema is managed by Alembic at db/migrations:

DATABASE_URL=... uv run alembic -c db/alembic.ini upgrade head