tliu93
c2b1b7b751
- new app/api/routes/api/ package with shared require_session (401) and require_csrf (presence-only X-CSRF-Token, 403) dependencies - GET /api/config returns masked config sections; PUT /api/config reuses save_config_updates (blank secret keeps old; invalid -> 422, no write) - session-protected; PUT also CSRF-protected - register router in app/main.py; regenerate openapi/ - tests/test_api_config.py
32 lines
581 B
Python
32 lines
581 B
Python
from __future__ import annotations
|
|
|
|
from pydantic import BaseModel
|
|
|
|
|
|
class ConfigField(BaseModel):
|
|
env_name: str
|
|
label: str
|
|
value: str
|
|
secret: bool
|
|
input_type: str
|
|
configured: bool
|
|
|
|
|
|
class ConfigSection(BaseModel):
|
|
name: str
|
|
fields: list[ConfigField]
|
|
|
|
|
|
class ConfigResponse(BaseModel):
|
|
sections: list[ConfigSection]
|
|
|
|
|
|
class ConfigUpdateRequest(BaseModel):
|
|
"""Flat mapping of env_name → value, mirroring the existing form semantics."""
|
|
|
|
updates: dict[str, str]
|
|
|
|
|
|
class ConfigUpdateResponse(BaseModel):
|
|
sections: list[ConfigSection]
|