feat: Implement Phase 4 Web Interface with bugfixes (v0.5.2)
## Phase 4: Web Interface Implementation Implemented complete web interface with public and admin routes, templates, CSS, and development authentication. ### Core Features **Public Routes**: - Homepage with recent published notes - Note permalinks with microformats2 - Server-side rendering (Jinja2) **Admin Routes**: - Login via IndieLogin - Dashboard with note management - Create, edit, delete notes - Protected with @require_auth decorator **Development Authentication**: - Dev login bypass for local testing (DEV_MODE only) - Security safeguards per ADR-011 - Returns 404 when disabled **Templates & Frontend**: - Base layouts (public + admin) - 8 HTML templates with microformats2 - Custom responsive CSS (114 lines) - Error pages (404, 500) ### Bugfixes (v0.5.1 → v0.5.2) 1. **Cookie collision fix (v0.5.1)**: - Renamed auth cookie from "session" to "starpunk_session" - Fixed redirect loop between dev login and admin dashboard - Flask's session cookie no longer conflicts with auth 2. **HTTP 404 error handling (v0.5.1)**: - Update route now returns 404 for nonexistent notes - Delete route now returns 404 for nonexistent notes - Follows ADR-012 HTTP Error Handling Policy - Pattern consistency across all admin routes 3. **Note model enhancement (v0.5.2)**: - Exposed deleted_at field from database schema - Enables soft deletion verification in tests - Follows ADR-013 transparency principle ### Architecture **New ADRs**: - ADR-011: Development Authentication Mechanism - ADR-012: HTTP Error Handling Policy - ADR-013: Expose deleted_at Field in Note Model **Standards Compliance**: - Uses uv for Python environment - Black formatted, Flake8 clean - Follows git branching strategy - Version incremented per versioning strategy ### Test Results - 405/406 tests passing (99.75%) - 87% code coverage - All security tests passing - Manual testing confirmed working ### Documentation - Complete implementation reports in docs/reports/ - Architecture reviews in docs/reviews/ - Design documents in docs/design/ - CHANGELOG updated for v0.5.2 ### Files Changed **New Modules**: - starpunk/dev_auth.py - starpunk/routes/ (public, admin, auth, dev_auth) **Templates**: 10 files (base, pages, admin, errors) **Static**: CSS and optional JavaScript **Tests**: 4 test files for routes and templates **Docs**: 20+ architectural and implementation documents 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
@@ -57,6 +57,7 @@ class Note:
|
||||
published: Whether note is published (visible publicly)
|
||||
created_at: Creation timestamp (UTC)
|
||||
updated_at: Last update timestamp (UTC)
|
||||
deleted_at: Soft deletion timestamp (UTC, None if not deleted)
|
||||
content_hash: SHA-256 hash of content (for integrity checking)
|
||||
_data_dir: Base data directory path (used for file loading)
|
||||
_cached_content: Cached markdown content (lazy-loaded)
|
||||
@@ -111,6 +112,7 @@ class Note:
|
||||
_data_dir: Path = field(repr=False, compare=False)
|
||||
|
||||
# Optional fields
|
||||
deleted_at: Optional[datetime] = None
|
||||
content_hash: Optional[str] = None
|
||||
_cached_content: Optional[str] = field(
|
||||
default=None, repr=False, compare=False, init=False
|
||||
@@ -150,6 +152,10 @@ class Note:
|
||||
if isinstance(updated_at, str):
|
||||
updated_at = datetime.fromisoformat(updated_at.replace("Z", "+00:00"))
|
||||
|
||||
deleted_at = data.get("deleted_at")
|
||||
if deleted_at and isinstance(deleted_at, str):
|
||||
deleted_at = datetime.fromisoformat(deleted_at.replace("Z", "+00:00"))
|
||||
|
||||
return cls(
|
||||
id=data["id"],
|
||||
slug=data["slug"],
|
||||
@@ -157,6 +163,7 @@ class Note:
|
||||
published=bool(data["published"]),
|
||||
created_at=created_at,
|
||||
updated_at=updated_at,
|
||||
deleted_at=deleted_at,
|
||||
_data_dir=data_dir,
|
||||
content_hash=data.get("content_hash"),
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user