k3nny/TISbackup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(auth): install all authentication providers by default
Some checks are pending
lint / docker (push) Waiting to run
Details

Browse Source 
All authentication methods (Basic Auth, Flask-Login, OAuth) are now
installed as core dependencies instead of optional extras. This
simplifies setup and eliminates the need to run `uv sync --extra auth-*`
when switching between authentication methods.

Changes:
- Move authlib, bcrypt, and flask-login to core dependencies
- Remove auth-* optional dependency groups from pyproject.toml
- Update documentation to remove installation instructions
- Simplify troubleshooting and migration guides

Benefits:
- No import errors when switching auth methods
- Simpler user experience
- All providers available out of the box

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
k3nny 2025-10-05 21:17:30 +02:00
parent 12f35934a9
commit 38a0d788d4
4 changed files with 18 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
AUTHENTICATION.md
View File

@ -23,23 +23,7 @@ password = $2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewY5GyYWv.5qVQK6
use_bcrypt = True use_bcrypt = True
``` ```
### 2. Install Dependencies ### 2. Restart TISBackup
```bash
# For Basic Auth
uv sync --extra auth-basic
# For Flask-Login
uv sync --extra auth-login
# For OAuth
uv sync --extra auth-oauth
# For all auth methods
uv sync --extra auth-all
```
### 3. Restart TISBackup
```bash ```bash
docker compose restart tisbackup_gui docker compose restart tisbackup_gui
@ -332,12 +316,7 @@ docker logs tisbackup_gui | grep -i "auth"
### Basic Auth Not Working ### Basic Auth Not Working
1. **Check bcrypt installation:** 1. **Verify password hash:**
```bash
uv sync --extra auth-basic
```
2. **Verify password hash:**
```bash ```bash
python3 -c "import bcrypt; print(bcrypt.checkpw(b'yourpassword', b'$2b$12$your-hash'))" python3 -c "import bcrypt; print(bcrypt.checkpw(b'yourpassword', b'$2b$12$your-hash'))"
``` ```
@ -354,12 +333,7 @@ docker logs tisbackup_gui | grep -i "auth"
chmod 600 /etc/tis/users.txt chmod 600 /etc/tis/users.txt
``` ```
2. **Module not found:** 2. **Session problems:**
```bash
uv sync --extra auth-login
```
3. **Session problems:**
- Check `TISBACKUP_SECRET_KEY` is set - Check `TISBACKUP_SECRET_KEY` is set
- Ensure cookies are enabled - Ensure cookies are enabled
@ -373,12 +347,7 @@ docker logs tisbackup_gui | grep -i "auth"
- Verify email matches `authorized_users` or domain matches `authorized_domains` - Verify email matches `authorized_users` or domain matches `authorized_domains`
- Check OAuth provider returns email in user info - Check OAuth provider returns email in user info
3. **Module not found:** 3. **Token errors:**
```bash
uv sync --extra auth-oauth
```
4. **Token errors:**
- Verify client ID and secret are correct - Verify client ID and secret are correct
- Check OAuth app is enabled - Check OAuth app is enabled
- Ensure scopes are correct - Ensure scopes are correct
@ -415,17 +384,15 @@ Or implement API key authentication separately for API endpoints.
### From No Auth to Basic Auth ### From No Auth to Basic Auth
1. Add authentication section to config 1. Add authentication section to config
2. Install bcrypt: `uv sync --extra auth-basic` 2. Restart service
3. Restart service 3. Update client scripts with credentials
4. Update client scripts with credentials
### From Basic Auth to OAuth ### From Basic Auth to OAuth
1. Register OAuth application 1. Register OAuth application
2. Update configuration 2. Update configuration
3. Install dependencies: `uv sync --extra auth-oauth` 3. Test OAuth login flow
4. Test OAuth login flow 4. Update redirect URI if needed
5. Update redirect URI if needed
### From Flask-Login to OAuth ### From Flask-Login to OAuth

15
libtisbackup/auth/README.md
View File

@ -61,11 +61,6 @@ auth = get_auth_provider("basic", {
}) })
``` ```
**Required dependencies:**
```bash
uv sync --extra auth-basic
```
**Features:** **Features:**
- HTTP Basic Authentication - HTTP Basic Authentication
- bcrypt password hashing - bcrypt password hashing
@ -81,11 +76,6 @@ auth = get_auth_provider("flask-login", {
}) })
``` ```
**Required dependencies:**
```bash
uv sync --extra auth-login
```
**Features:** **Features:**
- Session-based authentication - Session-based authentication
- Multiple users support - Multiple users support
@ -111,11 +101,6 @@ auth = get_auth_provider("oauth", {
}) })
``` ```
**Required dependencies:**
```bash
uv sync --extra auth-oauth
```
**Features:** **Features:**
- OAuth2 authentication - OAuth2 authentication
- Google, GitHub, GitLab support - Google, GitHub, GitLab support

9
pyproject.toml
View File

@ -4,7 +4,10 @@ version = "1.8.0"
description = "Backup server side executed python scripts for managing linux and windows system and application data backups, developed by adminsys for adminsys" description = "Backup server side executed python scripts for managing linux and windows system and application data backups, developed by adminsys for adminsys"
readme = "README.md" readme = "README.md"
dependencies = [ dependencies = [
"authlib>=1.3.0",
"bcrypt>=4.0.0",
"flask==3.1.0", "flask==3.1.0",
"flask-login>=0.6.0",
"huey==2.5.3", "huey==2.5.3",
"iniparse==0.5", "iniparse==0.5",
"paramiko==3.5.1", "paramiko==3.5.1",
@ -19,12 +22,6 @@ dependencies = [
requires-python = ">=3.13" requires-python = ">=3.13"
[project.optional-dependencies] [project.optional-dependencies]
# Authentication providers
auth-basic = ["bcrypt>=4.0.0"]
auth-login = ["flask-login>=0.6.0", "bcrypt>=4.0.0"]
auth-oauth = ["authlib>=1.3.0", "requests>=2.32.0"]
# Install all auth providers
auth-all = ["bcrypt>=4.0.0", "flask-login>=0.6.0", "authlib>=1.3.0", "requests>=2.32.0"]
# Documentation dependencies # Documentation dependencies
docs = [ docs = [
"docutils", "docutils",

34
uv.lock generated
View File

@ -649,7 +649,10 @@ name = "tisbackup"
version = "1.8.0" version = "1.8.0"
source = { virtual = "." } source = { virtual = "." }
dependencies = [ dependencies = [
{ name = "authlib" },
{ name = "bcrypt" },
{ name = "flask" }, { name = "flask" },
{ name = "flask-login" },
{ name = "huey" }, { name = "huey" },
{ name = "iniparse" }, { name = "iniparse" },
{ name = "paramiko" }, { name = "paramiko" },
@ -663,23 +666,6 @@ dependencies = [
] ]
[package.optional-dependencies] [package.optional-dependencies]
auth-all = [
{ name = "authlib" },
{ name = "bcrypt" },
{ name = "flask-login" },
{ name = "requests" },
]
auth-basic = [
{ name = "bcrypt" },
]
auth-login = [
{ name = "bcrypt" },
{ name = "flask-login" },
]
auth-oauth = [
{ name = "authlib" },
{ name = "requests" },
]
docs = [ docs = [
{ name = "docutils" }, { name = "docutils" },
{ name = "sphinx" }, { name = "sphinx" },
@ -691,15 +677,11 @@ docs = [
[package.metadata] [package.metadata]
requires-dist = [ requires-dist = [
{ name = "authlib", marker = "extra == 'auth-all'", specifier = ">=1.3.0" }, { name = "authlib", specifier = ">=1.3.0" },
{ name = "authlib", marker = "extra == 'auth-oauth'", specifier = ">=1.3.0" }, { name = "bcrypt", specifier = ">=4.0.0" },
{ name = "bcrypt", marker = "extra == 'auth-all'", specifier = ">=4.0.0" },
{ name = "bcrypt", marker = "extra == 'auth-basic'", specifier = ">=4.0.0" },
{ name = "bcrypt", marker = "extra == 'auth-login'", specifier = ">=4.0.0" },
{ name = "docutils", marker = "extra == 'docs'" }, { name = "docutils", marker = "extra == 'docs'" },
{ name = "flask", specifier = "==3.1.0" }, { name = "flask", specifier = "==3.1.0" },
{ name = "flask-login", marker = "extra == 'auth-all'", specifier = ">=0.6.0" }, { name = "flask-login", specifier = ">=0.6.0" },
{ name = "flask-login", marker = "extra == 'auth-login'", specifier = ">=0.6.0" },
{ name = "huey", specifier = "==2.5.3" }, { name = "huey", specifier = "==2.5.3" },
{ name = "iniparse", specifier = "==0.5" }, { name = "iniparse", specifier = "==0.5" },
{ name = "paramiko", specifier = "==3.5.1" }, { name = "paramiko", specifier = "==3.5.1" },
@ -707,8 +689,6 @@ requires-dist = [
{ name = "pexpect", specifier = "==4.9.0" }, { name = "pexpect", specifier = "==4.9.0" },
{ name = "redis", specifier = "==5.2.1" }, { name = "redis", specifier = "==5.2.1" },
{ name = "requests", specifier = "==2.32.3" }, { name = "requests", specifier = "==2.32.3" },
{ name = "requests", marker = "extra == 'auth-all'", specifier = ">=2.32.0" },
{ name = "requests", marker = "extra == 'auth-oauth'", specifier = ">=2.32.0" },
{ name = "ruff", specifier = ">=0.13.3" }, { name = "ruff", specifier = ">=0.13.3" },
{ name = "simplejson", specifier = "==3.20.1" }, { name = "simplejson", specifier = "==3.20.1" },
{ name = "six", specifier = "==1.17.0" }, { name = "six", specifier = "==1.17.0" },
@ -718,7 +698,7 @@ requires-dist = [
{ name = "sphinx-tabs", marker = "extra == 'docs'" }, { name = "sphinx-tabs", marker = "extra == 'docs'" },
{ name = "sphinxjp-themes-revealjs", marker = "extra == 'docs'" }, { name = "sphinxjp-themes-revealjs", marker = "extra == 'docs'" },
] ]
provides-extras = ["auth-basic", "auth-login", "auth-oauth", "auth-all", "docs"] provides-extras = ["docs"]
[[package]] [[package]]
name = "urllib3" name = "urllib3"