Authentication Core:
- Security utilities: JWT token creation, validation, hashing
- AuthService: Azure AD token validation via Microsoft Graph API
- User session management with access/refresh tokens
- Token expiration handling (1 hour access, 7 days refresh)

API Endpoints:
- POST /api/v1/auth/login - Login with Azure AD MSAL token
- POST /api/v1/auth/refresh - Refresh access token
- POST /api/v1/auth/logout - Logout and invalidate session
- GET /api/v1/auth/me - Get current user info
- GET /api/v1/auth/health - Auth service health check

Middleware:
- get_current_user: Extract and validate user from Bearer token
- get_current_active_user: Ensure user is active
- get_current_admin_user: Require admin role
- get_optional_user: Optional authentication

Security Features:
- JWT with HS256 signing
- Token hashing with bcrypt for storage
- Session validation with expiration checks
- Microsoft Graph API integration for Azure AD validation
- IP address and user agent tracking
- Active session management

Schemas:
- LoginRequest/Response with tokens and user info
- RefreshTokenRequest/Response
- UserInfo for current user details
- LogoutResponse

Main App Updates:
- Connected auth router to /api/v1/auth
- All authentication endpoints now accessible

Dependencies Added:
- pyjwt for JWT handling
- httpx for async HTTP requests to Microsoft Graph

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

| Name |
|---|
| .. |
| v1 |
| __init__.py |