bb-plane-fork

binarybeach/bb-plane-fork

Fork 0

Commit graph

Author	SHA1	Message	Date
binarybeach	c0cfbb2bdc	binarybeachio: trusted view — mirror OAuth adapter create-shape (Profile, username, is_email_verified) Plane's OAuth adapter (apps/api/plane/authentication/adapter/base.py:289-342) creates User AND Profile when a new identity arrives. My trusted view was calling User.objects.get_or_create() without the Profile, so the SPA's /api/users/me/profile/ 404'd and the SPA bounced the user back to /login in an onboarding loop. Mirror the adapter's full create-shape: random username (uuid hex), first/last names from JWT claims, is_password_autoset=True, is_email_verified=True, random password (so Django's auth hash is non-empty for break-glass), then Profile.objects.create(user=user). Wrapped in a transaction so partial creation can't leave the DB inconsistent. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-03 23:55:25 -10:00
binarybeach	13b4de6d82	binarybeachio: trusted view — rename log extra key 'created' to 'is_signup' LogRecord has a built-in `created` attribute (timestamp) and Python's Logger.makeRecord raises KeyError("Attempt to overwrite 'created' in LogRecord") when extra= contains it. The 500 fired AFTER user_login already set the sessionid, so users were technically signed in but saw a 500 page on first visit. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-03 21:18:49 -10:00
binarybeach	712612865d	binarybeachio: Bucket-4 trusted-JWT auth — replaces in-place github.py patch Migrates this fork to the binarybeachio platform-architecture pivot: oauth2-proxy at the edge enforces a Zitadel session, the auth-bridge mints a short-lived RS256 JWT, and a NEW additive endpoint at /auth/sign-in-trusted/ verifies the JWT, claims its jti against shared-redis (single-use replay protection, fail-closed), find-or-creates the User, and starts a Django session via user_login(). Net surface vs. upstream-clean: 1 new view file + 1 url path + 1 exports __init__ entry + 7 reserved error codes (6000-6099 range). github.py and the GitHub-button rebrand patch are reverted to upstream — sign-in entry-point UX is now driven by Traefik redirectregex on /sign-in* in infrastructure/plane/docker-compose.yml. Replay protection contract: jti claim minted by bridge, consumed via Redis SETNX with ttl = exp - now + 30s. Documented at binarybeachio/docs/architecture/bridge-jwt-replay-protection.md. Public-key transport: BB_BRIDGE_PUBLIC_KEY_URL env points at the in-cluster bridge's /.well-known/bb-bridge.pub.pem (avoids the env-PEM corruption issue Coolify has with backslash-escaped keys). Endpoint is implicitly disabled (404) when env unset — vanilla upstream behavior preserved. Storage patches (Patch 2) unchanged. Brand asset preserved (dormant). Pre-migration source state preserved on branch pre-migration-2026-05-04. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-03 20:24:48 -10:00

Author

SHA1

Message

Date

binarybeach

c0cfbb2bdc

binarybeachio: trusted view — mirror OAuth adapter create-shape (Profile, username, is_email_verified)

Plane's OAuth adapter (apps/api/plane/authentication/adapter/base.py:289-342)
creates User AND Profile when a new identity arrives. My trusted view was
calling User.objects.get_or_create() without the Profile, so the SPA's
/api/users/me/profile/ 404'd and the SPA bounced the user back to /login
in an onboarding loop.

Mirror the adapter's full create-shape: random username (uuid hex),
first/last names from JWT claims, is_password_autoset=True,
is_email_verified=True, random password (so Django's auth hash is non-empty
for break-glass), then Profile.objects.create(user=user). Wrapped in a
transaction so partial creation can't leave the DB inconsistent.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-03 23:55:25 -10:00

binarybeach

13b4de6d82

binarybeachio: trusted view — rename log extra key 'created' to 'is_signup'

LogRecord has a built-in `created` attribute (timestamp) and Python's
Logger.makeRecord raises KeyError("Attempt to overwrite 'created' in
LogRecord") when extra= contains it. The 500 fired AFTER user_login
already set the sessionid, so users were technically signed in but
saw a 500 page on first visit.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-03 21:18:49 -10:00

binarybeach

712612865d

binarybeachio: Bucket-4 trusted-JWT auth — replaces in-place github.py patch

Migrates this fork to the binarybeachio platform-architecture pivot:
oauth2-proxy at the edge enforces a Zitadel session, the auth-bridge
mints a short-lived RS256 JWT, and a NEW additive endpoint at
/auth/sign-in-trusted/ verifies the JWT, claims its jti against
shared-redis (single-use replay protection, fail-closed), find-or-creates
the User, and starts a Django session via user_login().

Net surface vs. upstream-clean: 1 new view file + 1 url path + 1
exports __init__ entry + 7 reserved error codes (6000-6099 range).
github.py and the GitHub-button rebrand patch are reverted to upstream
— sign-in entry-point UX is now driven by Traefik redirectregex on
/sign-in* in infrastructure/plane/docker-compose.yml.

Replay protection contract: jti claim minted by bridge, consumed via
Redis SETNX with ttl = exp - now + 30s. Documented at
binarybeachio/docs/architecture/bridge-jwt-replay-protection.md.

Public-key transport: BB_BRIDGE_PUBLIC_KEY_URL env points at the
in-cluster bridge's /.well-known/bb-bridge.pub.pem (avoids the
env-PEM corruption issue Coolify has with backslash-escaped keys).
Endpoint is implicitly disabled (404) when env unset — vanilla
upstream behavior preserved.

Storage patches (Patch 2) unchanged. Brand asset preserved (dormant).
Pre-migration source state preserved on branch pre-migration-2026-05-04.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-03 20:24:48 -10:00

3 commits