3 commits

Author SHA1 Message Date
SamoilenkoVadym
189cb3dab3 Add deployment script and configure reverse proxy with Azure SSO
- Add deploy.sh for idempotent Docker deployments
- Configure API_BASE for /solventum-image-metadata-back/ reverse proxy
- Enable Azure AD SSO with public client flow (no secret required)
- Remove hardcoded tester user for production security
- Add ProxyFix middleware for reverse proxy header handling

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-06 16:37:19 +00:00
SamoilenkoVadym
acc071927e Add Docker support with complete deployment setup
Features:
- Docker mode detection via DOCKER_MODE env var
- Persistent volumes for uploads, database, and output
- Health checks and auto-restart
- Complete docker-compose.yml configuration
- Helper script (docker-run.sh) for easy management
- Comprehensive DOCKER.md documentation

Changes:
- web_app.py: Auto-detect Docker mode, use persistent dirs
- src/database.py: Auto-detect database path based on environment
- Dockerfile: Multi-stage build with all dependencies (ExifTool, Tesseract, Poppler, FFmpeg)
- docker-compose.yml: Production-ready configuration
- docker-run.sh: Management script (build, start, stop, logs, etc.)
- DOCKER.md: Complete deployment and troubleshooting guide
- README.md: Added Docker quick start section
- .gitignore: Added Docker-related entries

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-26 13:07:15 +00:00
SamoilenkoVadym
e9784d7da8 Phase 4 Complete: Authentication, Database, and Microsoft SSO
This commit implements a complete authentication system with local users,
session management, and Microsoft SSO support for enterprise environments.

New Files Created:
- src/database.py: SQLite database management with users, sessions, audit_log
- src/auth.py: Authentication module with login, SSO, and session management
- templates/login.html: Modern login page with SSO button

Database Schema:
- users table: username, password_hash, email, full_name, auth_method
- sessions table: session management with expiration
- audit_log table: user activity tracking
- Indexes for performance optimization

Authentication Features:
- Local authentication with test user (tester/oliveradmin)
- Password hashing with Werkzeug
- Session management with 24-hour expiration
- @login_required decorator for route protection
- Automatic session cleanup

Microsoft SSO Integration:
- MSAL library integration for Azure AD
- OAuth2 authorization code flow
- Microsoft Graph API user info retrieval
- Automatic user creation/update from SSO
- CSRF protection with state parameter
- Graceful fallback when SSO not configured

Security Improvements:
- All routes protected with @login_required
- Session-based authentication with database storage
- IP address and user agent logging
- Audit trail for user actions
- Secure session token generation

Configuration:
- Environment variables for Azure AD (AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, AZURE_TENANT_ID)
- SECRET_KEY for Flask session encryption
- Optional MSAL dependency (SSO works only if configured)

Dependencies Added:
- Werkzeug>=3.0.0 for password hashing
- msal>=1.20.0 for Microsoft SSO (optional)

Test Credentials:
- Username: tester
- Password: oliveradmin

Phase 4 Status: Complete
Next Phase: Phase 5 (Modern UI Overhaul) for v3.1 release

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-25 15:57:47 +00:00