mirror of
https://github.com/karpathy/nanochat.git
synced 2026-05-08 08:49:53 +00:00
4b4aca642a
- Alembic async migrations: users, conversations, messages, is_favorited - FastAPI auth service: Google + GitHub OAuth, RS256 JWT, refresh cookie - /auth/me, /auth/refresh, /auth/validate (service-to-service) - rate limiting 10/min on OAuth routes, CORS locked to FRONTEND_URL Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1.3 KiB
1.3 KiB
samosaChaat Auth Service
FastAPI microservice providing OAuth2 login (Google + GitHub) and JWT session management for samosaChaat (Issue #5).
Endpoints
| Method | Path | Purpose |
|---|---|---|
| GET | /auth/google |
Redirect to Google consent |
| GET | /auth/google/callback |
Complete Google flow, upsert user, issue tokens |
| GET | /auth/github |
Redirect to GitHub consent |
| GET | /auth/github/callback |
Complete GitHub flow, upsert user, issue tokens |
| POST | /auth/refresh |
Exchange refresh cookie for new access token |
| GET | /auth/me |
Current user profile (Bearer JWT) |
| PUT | /auth/me |
Update name / avatar (Bearer JWT) |
| POST | /auth/validate |
Internal JWT validation (service-to-service) |
| GET | /auth/health |
Liveness probe |
Environment
DATABASE_URL=postgresql+asyncpg://user:pass@host/db
GOOGLE_CLIENT_ID=...
GOOGLE_CLIENT_SECRET=...
GITHUB_CLIENT_ID=...
GITHUB_CLIENT_SECRET=...
JWT_PRIVATE_KEY=<RS256 PEM>
JWT_PUBLIC_KEY=<RS256 PEM>
FRONTEND_URL=http://localhost:3000
INTERNAL_API_KEY=<shared secret for /auth/validate>
Local development
uv sync
uv run uvicorn src.main:app --reload --port 8001
uv run pytest
Database schema is managed by Alembic at db/migrations:
DATABASE_URL=... uv run alembic -c db/alembic.ini upgrade head