rohskiddo/UMBRA
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
UMBRA/backend/app/models
History
Kyle Pope bcfebbc9ae feat(backend): Phase 1 passwordless login — migration, models, toggle endpoints, unlock, delete guard, admin controls 
- Migration 062: adds users.passwordless_enabled and system_config.allow_passwordless (both default false)
- User model: passwordless_enabled field after must_change_password
- SystemConfig model: allow_passwordless field after enforce_mfa_new_users
- auth.py login(): block passwordless-enabled accounts from password login path (403) with audit log
- auth.py auth_status(): change has_passkeys query to full COUNT, add passkey_count + passwordless_enabled to response
- auth.py get_current_user(): add /api/auth/passkeys/login/begin and /login/complete to lock_exempt set
- passkeys.py: add PasswordlessEnableRequest + PasswordlessDisableRequest schemas
- passkeys.py: PUT /passwordless/enable — verify password, check system config, require >= 2 passkeys, set flag
- passkeys.py: POST /passwordless/disable/begin — generate user-bound challenge for passkey auth ceremony
- passkeys.py: PUT /passwordless/disable — verify passkey auth response, clear flag, update sign count
- passkeys.py: PasskeyLoginCompleteRequest.unlock field — passkey re-auth into locked session without new session
- passkeys.py: delete guard — 409 if passwordless user attempts to drop below 2 passkeys
- schemas/admin.py: add passwordless_enabled to UserListItem + UserDetailResponse; add allow_passwordless to SystemConfigResponse + SystemConfigUpdate; add TogglePasswordlessRequest
- admin.py: PUT /users/{user_id}/passwordless — admin-only disable (enabled=False only), revokes all sessions, audit log
- admin.py: update_system_config handles allow_passwordless field

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-18 00:15:39 +08:00
..
__init__.py
Phase 1: Add passkey (WebAuthn/FIDO2) backend
2026-03-17 22:46:00 +08:00
audit_log.py
Fix QA review findings: C-01 through C-04, W-01 through W-07, S-01/S-04/S-05/S-06
2026-02-26 19:19:04 +08:00
backup_code.py
Implement Stage 6 Track B: TOTP MFA (pyotp, Fernet-encrypted secrets, backup codes)
2026-02-25 04:18:05 +08:00
calendar_event.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
calendar_member.py
Fix remaining QA warnings: lazy=raise on CalendarMember + bidirectional connection check
2026-03-06 23:45:10 +08:00
calendar.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
connection_request.py
Add umbral name header, preferred name field, and link button for contacts
2026-03-04 08:37:01 +08:00
event_invitation.py
Add per-invitee can_modify toggle for event edit access
2026-03-17 00:59:36 +08:00
event_lock.py
Phase 1: Schema and models for shared calendars
2026-03-06 03:22:44 +08:00
event_template.py
Fix QA review #2: W-03/W-04, S-01 through S-04
2026-02-27 05:41:16 +08:00
location.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
notification.py
Add project notification types to CHECK constraint (migration 060)
2026-03-17 03:54:54 +08:00
ntfy_sent.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
passkey_credential.py
Phase 1: Add passkey (WebAuthn/FIDO2) backend
2026-03-17 22:46:00 +08:00
person.py
Add user connections, notification centre, and people integration
2026-03-04 02:10:16 +08:00
project_member.py
Add collaborative project sharing, task assignments, and delta polling
2026-03-17 03:18:35 +08:00
project_task_assignment.py
Add collaborative project sharing, task assignments, and delta polling
2026-03-17 03:18:35 +08:00
project_task.py
Fix task/project deletion broken by lazy='raise' on cascade relationships
2026-03-17 07:51:26 +08:00
project.py
Fix task/project deletion broken by lazy='raise' on cascade relationships
2026-03-17 07:51:26 +08:00
reminder.py
Implement multi-user RBAC: database, auth, routing, admin API (Phases 1-6)
2026-02-26 19:06:25 +08:00
session.py
Fix lock screen bypass, theme flicker, skeleton flash, and sidebar click target
2026-03-12 19:00:55 +08:00
settings.py
Fix notification background polling, add first/last name sharing
2026-03-04 07:34:13 +08:00
system_config.py
feat(backend): Phase 1 passwordless login — migration, models, toggle endpoints, unlock, delete guard, admin controls
2026-03-18 00:15:39 +08:00
task_comment.py
Add collaborative project sharing, task assignments, and delta polling
2026-03-17 03:18:35 +08:00
todo.py
Add admin delete-user with full cascade cleanup
2026-02-27 19:20:47 +08:00
totp_usage.py
Implement Stage 6 Track B: TOTP MFA (pyotp, Fernet-encrypted secrets, backup codes)
2026-02-25 04:18:05 +08:00
user_connection.py
Add user connections, notification centre, and people integration
2026-03-04 02:10:16 +08:00
user.py
feat(backend): Phase 1 passwordless login — migration, models, toggle endpoints, unlock, delete guard, admin controls
2026-03-18 00:15:39 +08:00